Mercurial > p > roundup > code
annotate test/test_cgi.py @ 6565:2c2dbfc332ba
Try to handle multiple connections better.
The session database is a hot spot. When multiple requests (e.g. 20)
come in at the same time session database contention can get great.
The original code didn't retry session database access when the open
failed. This resulted in errors at the client.
The second pass delayed 0.01 seconds and retried. It was better but we
still had multiple second stalls. I think the first request got in,
everybody else backed up and then retried at the same time. Again they
stepped on each other. With logging I would see many counters go all
the way to low single digits or to -1 indicating falure.
This pass uses randomint to generate delays from 0-.125 seconds in 5ms
increments. This performs better in testing. I rarely saw a counter
less than 13 (2 failed retries). Current logging starts after 6
failures and counts down until success or failure.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Thu, 16 Dec 2021 20:02:00 -0500 |
| parents | ada96db8ec62 |
| children | 91ab3e0ffcd0 |
| rev | line source |
|---|---|
|
1377
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
1 # |
|
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
2 # Copyright (c) 2003 Richard Jones, rjones@ekit-inc.com |
|
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
3 # This module is free software, and you may redistribute it and/or modify |
|
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
4 # under the same terms as Python, so long as this copyright message and |
|
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
5 # disclaimer are retained in their original form. |
|
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
6 # |
|
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
7 # This module is distributed in the hope that it will be useful, |
|
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
|
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
10 |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
11 from __future__ import print_function |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
12 import unittest, os, shutil, errno, sys, difflib, cgi, re, io |
|
1377
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
13 |
|
5721
abb9fdb02228
Mark the failing test I deactivated as xfail to make it easier for
John Rouillard <rouilj@ieee.org>
parents:
5720
diff
changeset
|
14 import pytest |
|
abb9fdb02228
Mark the failing test I deactivated as xfail to make it easier for
John Rouillard <rouilj@ieee.org>
parents:
5720
diff
changeset
|
15 |
|
3930
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
16 from roundup.cgi import client, actions, exceptions |
|
5973
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
17 from roundup.cgi.exceptions import FormError, NotFound, Redirect |
|
5976
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
18 from roundup.exceptions import UsageError, Reject |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
19 from roundup.cgi.templating import HTMLItem, HTMLRequest, NoTemplate |
|
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
20 from roundup.cgi.templating import HTMLProperty, _HTMLItem, anti_csrf_nonce |
| 2027 | 21 from roundup.cgi.form_parser import FormParser |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
22 from roundup import init, instance, password, hyperdb, date |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
23 from roundup.anypy.strings import u2s, b2s, s2b |
| 6361 | 24 from roundup.test.tx_Source_detector import init as tx_Source_init |
|
1377
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
25 |
|
5973
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
26 from time import sleep |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
27 |
|
5166
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
28 # For testing very simple rendering |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
29 from roundup.cgi.engine_zopetal import RoundupPageTemplate |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
30 |
|
6366
f2c31f5ec50b
Move mocknull from test to roundup/test
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6361
diff
changeset
|
31 from roundup.test.mocknull import MockNull |
|
4112
6441ffe588f7
fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
32 |
|
5388
d26921b851c3
Python 3 preparation: make relative imports explicit.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5385
diff
changeset
|
33 from . import db_test_base |
|
d26921b851c3
Python 3 preparation: make relative imports explicit.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5385
diff
changeset
|
34 from .db_test_base import FormTestParent, setupTracker, FileUpload |
|
5513
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
35 from .cmp_helper import StringFragmentCmpHelper |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
36 |
|
5065
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
37 class FileList: |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
38 def __init__(self, name, *files): |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
39 self.name = name |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
40 self.files = files |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
41 def items (self): |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
42 for f in self.files: |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
43 yield (self.name, f) |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
44 |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
45 cm = client.add_message |
|
1684
b87c40d1b8fb
fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents:
1631
diff
changeset
|
46 class MessageTestCase(unittest.TestCase): |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
47 # Note: Escaping is now handled on a message-by-message basis at a |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
48 # point where we still know what generates a message. In this way we |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
49 # can decide when to escape and when not. We test the add_message |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
50 # routine here. |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
51 # Of course we won't catch errors in judgement when to escape here |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
52 # -- but at the time of this change only one message is not escaped. |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
53 def testAddMessageOK(self): |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
54 self.assertEqual(cm([],'a\nb'), ['a<br />\nb']) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
55 self.assertEqual(cm([],'a\nb\nc\n'), ['a<br />\nb<br />\nc<br />\n']) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
56 |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
57 def testAddMessageBAD(self): |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
58 self.assertEqual(cm([],'<script>x</script>'), |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
59 ['<script>x</script>']) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
60 self.assertEqual(cm([],'<iframe>x</iframe>'), |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
61 ['<iframe>x</iframe>']) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
62 self.assertEqual(cm([],'<<script >>alert(42);5<</script >>'), |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
63 ['<<script >>alert(42);5<</script >>']) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
64 self.assertEqual(cm([],'<a href="y">x</a>'), |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
65 ['<a href="y">x</a>']) |
|
5805
39a5f40ae4d4
Extra test of < and > inside quotes.
John Rouillard <rouilj@ieee.org>
parents:
5794
diff
changeset
|
66 self.assertEqual(cm([],'<a href="<y>">x</a>'), |
|
39a5f40ae4d4
Extra test of < and > inside quotes.
John Rouillard <rouilj@ieee.org>
parents:
5794
diff
changeset
|
67 ['<a href="<y>">x</a>']) |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
68 self.assertEqual(cm([],'<A HREF="y">x</A>'), |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
69 ['<A HREF="y">x</A>']) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
70 self.assertEqual(cm([],'<br>x<br />'), ['<br>x<br />']) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
71 self.assertEqual(cm([],'<i>x</i>'), ['<i>x</i>']) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
72 self.assertEqual(cm([],'<b>x</b>'), ['<b>x</b>']) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
73 self.assertEqual(cm([],'<BR>x<BR />'), ['<BR>x<BR />']) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
74 self.assertEqual(cm([],'<I>x</I>'), ['<I>x</I>']) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
75 self.assertEqual(cm([],'<B>x</B>'), ['<B>x</B>']) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
76 |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
77 def testAddMessageNoEscape(self): |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
78 self.assertEqual(cm([],'<i>x</i>',False), ['<i>x</i>']) |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
79 self.assertEqual(cm([],'<i>x</i>\n<b>x</b>',False), |
|
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
80 ['<i>x</i><br />\n<b>x</b>']) |
|
1684
b87c40d1b8fb
fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents:
1631
diff
changeset
|
81 |
|
5513
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
82 class FormTestCase(FormTestParent, StringFragmentCmpHelper, unittest.TestCase): |
|
2696
a5c5a1106e3b
init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2027
diff
changeset
|
83 |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
84 def setUp(self): |
|
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
85 FormTestParent.setUp(self) |
| 4781 | 86 |
| 6361 | 87 tx_Source_init(self.db) |
| 4781 | 88 |
|
2929
7a8a02646d4e
backend is an attribute of tracker instances
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2821
diff
changeset
|
89 test = self.instance.backend.Class(self.db, "test", |
|
1525
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
90 string=hyperdb.String(), number=hyperdb.Number(), |
|
5067
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
91 intval=hyperdb.Integer(), boolean=hyperdb.Boolean(), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
92 link=hyperdb.Link('test'), multilink=hyperdb.Multilink('test'), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
93 date=hyperdb.Date(), messages=hyperdb.Multilink('msg'), |
|
5814
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
94 interval=hyperdb.Interval(), pw=hyperdb.Password() ) |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
95 |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
96 # compile the labels re |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
97 classes = '|'.join(self.db.classes.keys()) |
|
2004
1782fe36e7b8
Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1873
diff
changeset
|
98 self.FV_SPECIAL = re.compile(FormParser.FV_LABELS%classes, |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
99 re.VERBOSE) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
100 |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
101 # |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
102 # form label extraction |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
103 # |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
104 def tl(self, s, c, i, a, p): |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
105 m = self.FV_SPECIAL.match(s) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
106 self.assertNotEqual(m, None) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
107 d = m.groupdict() |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
108 self.assertEqual(d['classname'], c) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
109 self.assertEqual(d['id'], i) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
110 for action in 'required add remove link note file'.split(): |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
111 if a == action: |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
112 self.assertNotEqual(d[action], None) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
113 else: |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
114 self.assertEqual(d[action], None) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
115 self.assertEqual(d['propname'], p) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
116 |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
117 def testLabelMatching(self): |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
118 self.tl('<propname>', None, None, None, '<propname>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
119 self.tl(':required', None, None, 'required', None) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
120 self.tl(':confirm:<propname>', None, None, 'confirm', '<propname>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
121 self.tl(':add:<propname>', None, None, 'add', '<propname>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
122 self.tl(':remove:<propname>', None, None, 'remove', '<propname>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
123 self.tl(':link:<propname>', None, None, 'link', '<propname>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
124 self.tl('test1:<prop>', 'test', '1', None, '<prop>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
125 self.tl('test1:required', 'test', '1', 'required', None) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
126 self.tl('test1:add:<prop>', 'test', '1', 'add', '<prop>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
127 self.tl('test1:remove:<prop>', 'test', '1', 'remove', '<prop>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
128 self.tl('test1:link:<prop>', 'test', '1', 'link', '<prop>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
129 self.tl('test1:confirm:<prop>', 'test', '1', 'confirm', '<prop>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
130 self.tl('test-1:<prop>', 'test', '-1', None, '<prop>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
131 self.tl('test-1:required', 'test', '-1', 'required', None) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
132 self.tl('test-1:add:<prop>', 'test', '-1', 'add', '<prop>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
133 self.tl('test-1:remove:<prop>', 'test', '-1', 'remove', '<prop>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
134 self.tl('test-1:link:<prop>', 'test', '-1', 'link', '<prop>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
135 self.tl('test-1:confirm:<prop>', 'test', '-1', 'confirm', '<prop>') |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
136 self.tl(':note', None, None, 'note', None) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
137 self.tl(':file', None, None, 'file', None) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
138 |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
139 # |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
140 # Empty form |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
141 # |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
142 def testNothing(self): |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
143 self.assertEqual(self.parseForm({}), ({('test', None): {}}, [])) |
|
1377
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
144 |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
145 def testNothingWithRequired(self): |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
146 self.assertRaises(FormError, self.parseForm, {':required': 'string'}) |
|
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
147 self.assertRaises(FormError, self.parseForm, |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
148 {':required': 'title,status', 'status':'1'}, 'issue') |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
149 self.assertRaises(FormError, self.parseForm, |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
150 {':required': ['title','status'], 'status':'1'}, 'issue') |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
151 self.assertRaises(FormError, self.parseForm, |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
152 {':required': 'status', 'status':''}, 'issue') |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
153 self.assertRaises(FormError, self.parseForm, |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
154 {':required': 'nosy', 'nosy':''}, 'issue') |
|
3656
0119e04886d8
@required in forms may now specify properties of linked items
Richard Jones <richard@users.sourceforge.net>
parents:
3491
diff
changeset
|
155 self.assertRaises(FormError, self.parseForm, |
|
0119e04886d8
@required in forms may now specify properties of linked items
Richard Jones <richard@users.sourceforge.net>
parents:
3491
diff
changeset
|
156 {':required': 'msg-1@content', 'msg-1@content':''}, 'issue') |
|
0119e04886d8
@required in forms may now specify properties of linked items
Richard Jones <richard@users.sourceforge.net>
parents:
3491
diff
changeset
|
157 self.assertRaises(FormError, self.parseForm, |
|
0119e04886d8
@required in forms may now specify properties of linked items
Richard Jones <richard@users.sourceforge.net>
parents:
3491
diff
changeset
|
158 {':required': 'msg-1@content'}, 'issue') |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
159 |
|
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
160 # |
|
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
161 # Nonexistant edit |
|
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
162 # |
|
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
163 def testEditNonexistant(self): |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
164 self.assertRaises(FormError, self.parseForm, {'boolean': ''}, |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
165 'test', '1') |
|
1377
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
166 |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
167 # |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
168 # String |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
169 # |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
170 def testEmptyString(self): |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
171 self.assertEqual(self.parseForm({'string': ''}), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
172 ({('test', None): {}}, [])) |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
173 self.assertEqual(self.parseForm({'string': ' '}), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
174 ({('test', None): {}}, [])) |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
175 self.assertRaises(FormError, self.parseForm, {'string': ['', '']}) |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
176 |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
177 def testSetString(self): |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
178 self.assertEqual(self.parseForm({'string': 'foo'}), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
179 ({('test', None): {'string': 'foo'}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
180 self.assertEqual(self.parseForm({'string': 'a\r\nb\r\n'}), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
181 ({('test', None): {'string': 'a\nb'}}, [])) |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
182 nodeid = self.db.issue.create(title='foo') |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
183 self.assertEqual(self.parseForm({'title': 'foo'}, 'issue', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
184 ({('issue', nodeid): {}}, [])) |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
185 |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
186 def testEmptyStringSet(self): |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
187 nodeid = self.db.issue.create(title='foo') |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
188 self.assertEqual(self.parseForm({'title': ''}, 'issue', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
189 ({('issue', nodeid): {'title': None}}, [])) |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
190 nodeid = self.db.issue.create(title='foo') |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
191 self.assertEqual(self.parseForm({'title': ' '}, 'issue', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
192 ({('issue', nodeid): {'title': None}}, [])) |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
193 |
|
3859
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
194 def testStringLinkId(self): |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
195 self.db.status.set('1', name='2') |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
196 self.db.status.set('2', name='1') |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
197 issue = self.db.issue.create(title='i1-status1', status='1') |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
198 self.assertEqual(self.db.issue.get(issue,'status'),'1') |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
199 self.assertEqual(self.db.status.lookup('1'),'2') |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
200 self.assertEqual(self.db.status.lookup('2'),'1') |
| 4781 | 201 self.assertEqual(self.db.issue.get('1','tx_Source'),'web') |
|
3859
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
202 form = cgi.FieldStorage() |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
203 cl = client.Client(self.instance, None, {'PATH_INFO':'/'}, form) |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
204 cl.classname = 'issue' |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
205 cl.nodeid = issue |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
206 cl.db = self.db |
|
3969
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3930
diff
changeset
|
207 cl.language = ('en',) |
|
3859
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
208 item = HTMLItem(cl, 'issue', issue) |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
209 self.assertEqual(item.status.id, '1') |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
210 self.assertEqual(item.status.name, '2') |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
211 |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
212 def testStringMultilinkId(self): |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
213 id = self.db.keyword.create(name='2') |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
214 self.assertEqual(id,'1') |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
215 id = self.db.keyword.create(name='1') |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
216 self.assertEqual(id,'2') |
|
3904
91008ec8f9a0
retire "topic" usage
Justus Pendleton <jpend@users.sourceforge.net>
parents:
3902
diff
changeset
|
217 issue = self.db.issue.create(title='i1-status1', keyword=['1']) |
|
91008ec8f9a0
retire "topic" usage
Justus Pendleton <jpend@users.sourceforge.net>
parents:
3902
diff
changeset
|
218 self.assertEqual(self.db.issue.get(issue,'keyword'),['1']) |
|
3859
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
219 self.assertEqual(self.db.keyword.lookup('1'),'2') |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
220 self.assertEqual(self.db.keyword.lookup('2'),'1') |
| 4781 | 221 self.assertEqual(self.db.issue.get(issue,'tx_Source'),'web') |
|
3859
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
222 form = cgi.FieldStorage() |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
223 cl = client.Client(self.instance, None, {'PATH_INFO':'/'}, form) |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
224 cl.classname = 'issue' |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
225 cl.nodeid = issue |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
226 cl.db = self.db |
|
3969
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3930
diff
changeset
|
227 cl.language = ('en',) |
|
3859
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
228 cl.userid = '1' |
|
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
229 item = HTMLItem(cl, 'issue', issue) |
|
3904
91008ec8f9a0
retire "topic" usage
Justus Pendleton <jpend@users.sourceforge.net>
parents:
3902
diff
changeset
|
230 for keyword in item.keyword: |
|
91008ec8f9a0
retire "topic" usage
Justus Pendleton <jpend@users.sourceforge.net>
parents:
3902
diff
changeset
|
231 self.assertEqual(keyword.id, '1') |
|
91008ec8f9a0
retire "topic" usage
Justus Pendleton <jpend@users.sourceforge.net>
parents:
3902
diff
changeset
|
232 self.assertEqual(keyword.name, '2') |
|
3859
9e48fda4a41c
Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
3777
diff
changeset
|
233 |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
234 def testFileUpload(self): |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
235 file = FileUpload('foo', 'foo.txt') |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
236 self.assertEqual(self.parseForm({'content': file}, 'file'), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
237 ({('file', None): {'content': 'foo', 'name': 'foo.txt', |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
238 'type': 'text/plain'}}, [])) |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
239 |
|
5065
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
240 def testSingleFileUpload(self): |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
241 file = FileUpload('foo', 'foo.txt') |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
242 self.assertEqual(self.parseForm({'@file': file}, 'issue'), |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
243 ({('file', '-1'): {'content': 'foo', 'name': 'foo.txt', |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
244 'type': 'text/plain'}, |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
245 ('issue', None): {}}, |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
246 [('issue', None, 'files', [('file', '-1')])])) |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
247 |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
248 def testMultipleFileUpload(self): |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
249 f1 = FileUpload('foo', 'foo.txt') |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
250 f2 = FileUpload('bar', 'bar.txt') |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
251 f3 = FileUpload('baz', 'baz.txt') |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
252 files = FileList('@file', f1, f2, f3) |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
253 |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
254 self.assertEqual(self.parseForm(files, 'issue'), |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
255 ({('file', '-1'): {'content': 'foo', 'name': 'foo.txt', |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
256 'type': 'text/plain'}, |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
257 ('file', '-2'): {'content': 'bar', 'name': 'bar.txt', |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
258 'type': 'text/plain'}, |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
259 ('file', '-3'): {'content': 'baz', 'name': 'baz.txt', |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
260 'type': 'text/plain'}, |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
261 ('issue', None): {}}, |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
262 [ ('issue', None, 'files', [('file', '-1')]) |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
263 , ('issue', None, 'files', [('file', '-2')]) |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
264 , ('issue', None, 'files', [('file', '-3')]) |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
265 ])) |
|
47ab150b7325
Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5037
diff
changeset
|
266 |
|
1734
5a04969176dc
Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1684
diff
changeset
|
267 def testEditFileClassAttributes(self): |
|
5a04969176dc
Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1684
diff
changeset
|
268 self.assertEqual(self.parseForm({'name': 'foo.txt', |
|
5a04969176dc
Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1684
diff
changeset
|
269 'type': 'application/octet-stream'}, |
|
5a04969176dc
Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1684
diff
changeset
|
270 'file'), |
|
5a04969176dc
Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1684
diff
changeset
|
271 ({('file', None): {'name': 'foo.txt', |
|
5a04969176dc
Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1684
diff
changeset
|
272 'type': 'application/octet-stream'}},[])) |
|
5a04969176dc
Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1684
diff
changeset
|
273 |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
274 # |
|
1385
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
275 # Link |
|
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
276 # |
|
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
277 def testEmptyLink(self): |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
278 self.assertEqual(self.parseForm({'link': ''}), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
279 ({('test', None): {}}, [])) |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
280 self.assertEqual(self.parseForm({'link': ' '}), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
281 ({('test', None): {}}, [])) |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
282 self.assertRaises(FormError, self.parseForm, {'link': ['', '']}) |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
283 self.assertEqual(self.parseForm({'link': '-1'}), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
284 ({('test', None): {}}, [])) |
|
1385
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
285 |
|
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
286 def testSetLink(self): |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
287 self.assertEqual(self.parseForm({'status': 'unread'}, 'issue'), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
288 ({('issue', None): {'status': '1'}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
289 self.assertEqual(self.parseForm({'status': '1'}, 'issue'), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
290 ({('issue', None): {'status': '1'}}, [])) |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
291 nodeid = self.db.issue.create(status='unread') |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
292 self.assertEqual(self.parseForm({'status': 'unread'}, 'issue', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
293 ({('issue', nodeid): {}}, [])) |
| 4781 | 294 self.assertEqual(self.db.issue.get(nodeid,'tx_Source'),'web') |
|
1385
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
295 |
|
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
296 def testUnsetLink(self): |
|
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
297 nodeid = self.db.issue.create(status='unread') |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
298 self.assertEqual(self.parseForm({'status': '-1'}, 'issue', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
299 ({('issue', nodeid): {'status': None}}, [])) |
| 4781 | 300 self.assertEqual(self.db.issue.get(nodeid,'tx_Source'),'web') |
|
1385
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
301 |
|
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
302 def testInvalidLinkValue(self): |
|
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
303 # XXX This is not the current behaviour - should we enforce this? |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
304 # self.assertRaises(IndexError, self.parseForm, |
|
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
305 # {'status': '4'})) |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
306 self.assertRaises(FormError, self.parseForm, {'link': 'frozzle'}) |
|
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
307 self.assertRaises(FormError, self.parseForm, {'status': 'frozzle'}, |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
308 'issue') |
|
1385
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
309 |
|
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
310 # |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
311 # Multilink |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
312 # |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
313 def testEmptyMultilink(self): |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
314 self.assertEqual(self.parseForm({'nosy': ''}), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
315 ({('test', None): {}}, [])) |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
316 self.assertEqual(self.parseForm({'nosy': ' '}), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
317 ({('test', None): {}}, [])) |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
318 |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
319 def testSetMultilink(self): |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
320 self.assertEqual(self.parseForm({'nosy': '1'}, 'issue'), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
321 ({('issue', None): {'nosy': ['1']}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
322 self.assertEqual(self.parseForm({'nosy': 'admin'}, 'issue'), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
323 ({('issue', None): {'nosy': ['1']}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
324 self.assertEqual(self.parseForm({'nosy': ['1','2']}, 'issue'), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
325 ({('issue', None): {'nosy': ['1','2']}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
326 self.assertEqual(self.parseForm({'nosy': '1,2'}, 'issue'), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
327 ({('issue', None): {'nosy': ['1','2']}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
328 self.assertEqual(self.parseForm({'nosy': 'admin,2'}, 'issue'), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
329 ({('issue', None): {'nosy': ['1','2']}}, [])) |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
330 |
|
1631
8a908bbad1ef
A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents:
1592
diff
changeset
|
331 def testMixedMultilink(self): |
|
8a908bbad1ef
A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents:
1592
diff
changeset
|
332 form = cgi.FieldStorage() |
|
8a908bbad1ef
A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents:
1592
diff
changeset
|
333 form.list.append(cgi.MiniFieldStorage('nosy', '1,2')) |
|
8a908bbad1ef
A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents:
1592
diff
changeset
|
334 form.list.append(cgi.MiniFieldStorage('nosy', '3')) |
|
8a908bbad1ef
A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents:
1592
diff
changeset
|
335 cl = client.Client(self.instance, None, {'PATH_INFO':'/'}, form) |
|
8a908bbad1ef
A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents:
1592
diff
changeset
|
336 cl.classname = 'issue' |
|
8a908bbad1ef
A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents:
1592
diff
changeset
|
337 cl.nodeid = None |
|
8a908bbad1ef
A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents:
1592
diff
changeset
|
338 cl.db = self.db |
|
3969
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3930
diff
changeset
|
339 cl.language = ('en',) |
|
2696
a5c5a1106e3b
init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2027
diff
changeset
|
340 self.assertEqual(cl.parsePropsFromForm(create=1), |
|
1631
8a908bbad1ef
A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents:
1592
diff
changeset
|
341 ({('issue', None): {'nosy': ['1','2', '3']}}, [])) |
|
8a908bbad1ef
A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents:
1592
diff
changeset
|
342 |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
343 def testEmptyMultilinkSet(self): |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
344 nodeid = self.db.issue.create(nosy=['1','2']) |
|
2696
a5c5a1106e3b
init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2027
diff
changeset
|
345 self.assertEqual(self.parseForm({'nosy': ''}, 'issue', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
346 ({('issue', nodeid): {'nosy': []}}, [])) |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
347 nodeid = self.db.issue.create(nosy=['1','2']) |
|
2696
a5c5a1106e3b
init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2027
diff
changeset
|
348 self.assertEqual(self.parseForm({'nosy': ' '}, 'issue', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
349 ({('issue', nodeid): {'nosy': []}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
350 self.assertEqual(self.parseForm({'nosy': '1,2'}, 'issue', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
351 ({('issue', nodeid): {}}, [])) |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
352 |
|
1381
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
353 def testInvalidMultilinkValue(self): |
|
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
354 # XXX This is not the current behaviour - should we enforce this? |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
355 # self.assertRaises(IndexError, self.parseForm, |
|
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
356 # {'nosy': '4'})) |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
357 self.assertRaises(FormError, self.parseForm, {'nosy': 'frozzle'}, |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
358 'issue') |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
359 self.assertRaises(FormError, self.parseForm, {'nosy': '1,frozzle'}, |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
360 'issue') |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
361 self.assertRaises(FormError, self.parseForm, {'multilink': 'frozzle'}) |
|
1381
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
362 |
|
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
363 def testMultilinkAdd(self): |
|
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
364 nodeid = self.db.issue.create(nosy=['1']) |
|
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
365 # do nothing |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
366 self.assertEqual(self.parseForm({':add:nosy': ''}, 'issue', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
367 ({('issue', nodeid): {}}, [])) |
|
1381
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
368 |
|
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
369 # do something ;) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
370 self.assertEqual(self.parseForm({':add:nosy': '2'}, 'issue', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
371 ({('issue', nodeid): {'nosy': ['1','2']}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
372 self.assertEqual(self.parseForm({':add:nosy': '2,mary'}, 'issue', |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
373 nodeid), ({('issue', nodeid): {'nosy': ['1','2','4']}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
374 self.assertEqual(self.parseForm({':add:nosy': ['2','3']}, 'issue', |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
375 nodeid), ({('issue', nodeid): {'nosy': ['1','2','3']}}, [])) |
|
1381
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
376 |
|
1382
87143c3d7156
really fix [SF#663235], and test it
Richard Jones <richard@users.sourceforge.net>
parents:
1381
diff
changeset
|
377 def testMultilinkAddNew(self): |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
378 self.assertEqual(self.parseForm({':add:nosy': ['2','3']}, 'issue'), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
379 ({('issue', None): {'nosy': ['2','3']}}, [])) |
|
1382
87143c3d7156
really fix [SF#663235], and test it
Richard Jones <richard@users.sourceforge.net>
parents:
1381
diff
changeset
|
380 |
|
1381
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
381 def testMultilinkRemove(self): |
|
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
382 nodeid = self.db.issue.create(nosy=['1','2']) |
|
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
383 # do nothing |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
384 self.assertEqual(self.parseForm({':remove:nosy': ''}, 'issue', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
385 ({('issue', nodeid): {}}, [])) |
|
1381
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
386 |
|
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
387 # do something ;) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
388 self.assertEqual(self.parseForm({':remove:nosy': '1'}, 'issue', |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
389 nodeid), ({('issue', nodeid): {'nosy': ['2']}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
390 self.assertEqual(self.parseForm({':remove:nosy': 'admin,2'}, |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
391 'issue', nodeid), ({('issue', nodeid): {'nosy': []}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
392 self.assertEqual(self.parseForm({':remove:nosy': ['1','2']}, |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
393 'issue', nodeid), ({('issue', nodeid): {'nosy': []}}, [])) |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
394 |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
395 # add and remove |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
396 self.assertEqual(self.parseForm({':add:nosy': ['3'], |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
397 ':remove:nosy': ['1','2']}, |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
398 'issue', nodeid), ({('issue', nodeid): {'nosy': ['3']}}, [])) |
|
1381
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
399 |
|
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
400 # remove one that doesn't exist? |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
401 self.assertRaises(FormError, self.parseForm, {':remove:nosy': '4'}, |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
402 'issue', nodeid) |
|
1381
944bd3c6d365
more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents:
1380
diff
changeset
|
403 |
|
1385
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
404 def testMultilinkRetired(self): |
|
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
405 self.db.user.retire('2') |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
406 self.assertEqual(self.parseForm({'nosy': ['2','3']}, 'issue'), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
407 ({('issue', None): {'nosy': ['2','3']}}, [])) |
|
1385
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
408 nodeid = self.db.issue.create(nosy=['1','2']) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
409 self.assertEqual(self.parseForm({':remove:nosy': '2'}, 'issue', |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
410 nodeid), ({('issue', nodeid): {'nosy': ['1']}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
411 self.assertEqual(self.parseForm({':add:nosy': '3'}, 'issue', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
412 ({('issue', nodeid): {'nosy': ['1','2','3']}}, [])) |
|
1385
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
413 |
|
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
414 def testAddRemoveNonexistant(self): |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
415 self.assertRaises(FormError, self.parseForm, {':remove:foo': '2'}, |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
416 'issue') |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
417 self.assertRaises(FormError, self.parseForm, {':add:foo': '2'}, |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
418 'issue') |
|
1385
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
419 |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
420 # |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
421 # Password |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
422 # |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
423 def testEmptyPassword(self): |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
424 self.assertEqual(self.parseForm({'password': ''}, 'user'), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
425 ({('user', None): {}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
426 self.assertEqual(self.parseForm({'password': ''}, 'user'), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
427 ({('user', None): {}}, [])) |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
428 self.assertRaises(FormError, self.parseForm, {'password': ['', '']}, |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
429 'user') |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
430 self.assertRaises(FormError, self.parseForm, {'password': 'foo', |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
431 ':confirm:password': ['', '']}, 'user') |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
432 |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
433 def testSetPassword(self): |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
434 self.assertEqual(self.parseForm({'password': 'foo', |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
435 ':confirm:password': 'foo'}, 'user'), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
436 ({('user', None): {'password': 'foo'}}, [])) |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
437 |
|
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
438 def testSetPasswordConfirmBad(self): |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
439 self.assertRaises(FormError, self.parseForm, {'password': 'foo'}, |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
440 'user') |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
441 self.assertRaises(FormError, self.parseForm, {'password': 'foo', |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
442 ':confirm:password': 'bar'}, 'user') |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
443 |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
444 def testEmptyPasswordNotSet(self): |
|
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
445 nodeid = self.db.user.create(username='1', |
|
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
446 password=password.Password('foo')) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
447 self.assertEqual(self.parseForm({'password': ''}, 'user', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
448 ({('user', nodeid): {}}, [])) |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
449 nodeid = self.db.user.create(username='2', |
|
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
450 password=password.Password('foo')) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
451 self.assertEqual(self.parseForm({'password': '', |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
452 ':confirm:password': ''}, 'user', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
453 ({('user', nodeid): {}}, [])) |
|
1380
4ce6820c18fa
fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents:
1377
diff
changeset
|
454 |
|
5721
abb9fdb02228
Mark the failing test I deactivated as xfail to make it easier for
John Rouillard <rouilj@ieee.org>
parents:
5720
diff
changeset
|
455 def testPasswordMigration(self): |
|
4484
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
456 chef = self.db.user.lookup('Chef') |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
457 form = dict(__login_name='Chef', __login_password='foo') |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
458 cl = self._make_client(form) |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
459 # assume that the "best" algorithm is the first one and doesn't |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
460 # need migration, all others should be migrated. |
|
5720
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
461 cl.db.config.WEB_LOGIN_ATTEMPTS_MIN = 200 |
|
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
462 |
|
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
463 # The third item always fails. Regardless of what is there. |
|
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
464 # ['plaintext', 'SHA', 'crypt', 'MD5']: |
|
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
465 print(password.Password.deprecated_schemes) |
|
4485
95aace124a8e
use idea from Eli Collins to use a list of deprecated password encoding schemes
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4484
diff
changeset
|
466 for scheme in password.Password.deprecated_schemes: |
|
5720
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
467 print(scheme) |
|
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
468 cl.db.Otk = self.db.Otk |
|
4684
8453c0d4acbe
windows: Fix another failing test due to missing 'crypt'
anatoly techtonik <techtonik@gmail.com>
parents:
4683
diff
changeset
|
469 if scheme == 'crypt' and os.name == 'nt': |
|
8453c0d4acbe
windows: Fix another failing test due to missing 'crypt'
anatoly techtonik <techtonik@gmail.com>
parents:
4683
diff
changeset
|
470 continue # crypt is not available on Windows |
|
4484
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
471 pw1 = password.Password('foo', scheme=scheme) |
|
5720
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
472 print(pw1) |
|
4484
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
473 self.assertEqual(pw1.needs_migration(), True) |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
474 self.db.user.set(chef, password=pw1) |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
475 self.db.commit() |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
476 actions.LoginAction(cl).handle() |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
477 pw = self.db.user.get(chef, 'password') |
|
5720
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
478 print(pw) |
|
4484
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
479 self.assertEqual(pw, 'foo') |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
480 self.assertEqual(pw.needs_migration(), False) |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
481 pw1 = pw |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
482 self.assertEqual(pw1.needs_migration(), False) |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
483 scheme = password.Password.known_schemes[0] |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
484 self.assertEqual(scheme, pw1.scheme) |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
485 actions.LoginAction(cl).handle() |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
486 pw = self.db.user.get(chef, 'password') |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
487 self.assertEqual(pw, 'foo') |
|
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
488 self.assertEqual(pw, pw1) |
|
4685
61e922a93112
windows: Fix cgi tests by explicitly closing db opened by test client
anatoly techtonik <techtonik@gmail.com>
parents:
4684
diff
changeset
|
489 cl.db.close() |
|
4484
52e13bf0bb40
Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4446
diff
changeset
|
490 |
|
4486
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
491 def testPasswordConfigOption(self): |
|
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
492 chef = self.db.user.lookup('Chef') |
|
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
493 form = dict(__login_name='Chef', __login_password='foo') |
|
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
494 cl = self._make_client(form) |
|
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
495 self.db.config.PASSWORD_PBKDF2_DEFAULT_ROUNDS = 1000 |
|
4683
2f66d44616ad
windows: Fix failing password tests due to missing crypt module
anatoly techtonik <techtonik@gmail.com>
parents:
4624
diff
changeset
|
496 pw1 = password.Password('foo', scheme='MD5') |
|
4486
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
497 self.assertEqual(pw1.needs_migration(), True) |
|
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
498 self.db.user.set(chef, password=pw1) |
|
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
499 self.db.commit() |
|
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
500 actions.LoginAction(cl).handle() |
|
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
501 pw = self.db.user.get(chef, 'password') |
|
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
502 self.assertEqual('PBKDF2', pw.scheme) |
|
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
503 self.assertEqual(1000, password.pbkdf2_unpack(pw.password)[0]) |
|
4685
61e922a93112
windows: Fix cgi tests by explicitly closing db opened by test client
anatoly techtonik <techtonik@gmail.com>
parents:
4684
diff
changeset
|
504 cl.db.close() |
|
4486
693c75d56ebe
Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4485
diff
changeset
|
505 |
|
1385
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
506 # |
|
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
507 # Boolean |
|
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
508 # |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
509 def testEmptyBoolean(self): |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
510 self.assertEqual(self.parseForm({'boolean': ''}), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
511 ({('test', None): {}}, [])) |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
512 self.assertEqual(self.parseForm({'boolean': ' '}), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
513 ({('test', None): {}}, [])) |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
514 self.assertRaises(FormError, self.parseForm, {'boolean': ['', '']}) |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
515 |
|
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
516 def testSetBoolean(self): |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
517 self.assertEqual(self.parseForm({'boolean': 'yes'}), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
518 ({('test', None): {'boolean': 1}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
519 self.assertEqual(self.parseForm({'boolean': 'a\r\nb\r\n'}), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
520 ({('test', None): {'boolean': 0}}, [])) |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
521 nodeid = self.db.test.create(boolean=1) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
522 self.assertEqual(self.parseForm({'boolean': 'yes'}, 'test', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
523 ({('test', nodeid): {}}, [])) |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
524 nodeid = self.db.test.create(boolean=0) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
525 self.assertEqual(self.parseForm({'boolean': 'no'}, 'test', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
526 ({('test', nodeid): {}}, [])) |
|
1385
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
527 |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
528 def testEmptyBooleanSet(self): |
|
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
529 nodeid = self.db.test.create(boolean=0) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
530 self.assertEqual(self.parseForm({'boolean': ''}, 'test', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
531 ({('test', nodeid): {'boolean': None}}, [])) |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
532 nodeid = self.db.test.create(boolean=1) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
533 self.assertEqual(self.parseForm({'boolean': ' '}, 'test', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
534 ({('test', nodeid): {'boolean': None}}, [])) |
|
1385
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
535 |
|
3777
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
536 def testRequiredBoolean(self): |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
537 self.assertRaises(FormError, self.parseForm, {'boolean': '', |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
538 ':required': 'boolean'}) |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
539 try: |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
540 self.parseForm({'boolean': 'no', ':required': 'boolean'}) |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
541 except FormError: |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
542 self.fail('boolean "no" raised "required missing"') |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
543 |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
544 # |
|
1525
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
545 # Number |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
546 # |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
547 def testEmptyNumber(self): |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
548 self.assertEqual(self.parseForm({'number': ''}), |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
549 ({('test', None): {}}, [])) |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
550 self.assertEqual(self.parseForm({'number': ' '}), |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
551 ({('test', None): {}}, [])) |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
552 self.assertRaises(FormError, self.parseForm, {'number': ['', '']}) |
|
1525
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
553 |
|
1562
b975da59cd11
handle invalid data input in forms better
Richard Jones <richard@users.sourceforge.net>
parents:
1525
diff
changeset
|
554 def testInvalidNumber(self): |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
555 self.assertRaises(FormError, self.parseForm, {'number': 'hi, mum!'}) |
|
1562
b975da59cd11
handle invalid data input in forms better
Richard Jones <richard@users.sourceforge.net>
parents:
1525
diff
changeset
|
556 |
|
1525
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
557 def testSetNumber(self): |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
558 self.assertEqual(self.parseForm({'number': '1'}), |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
559 ({('test', None): {'number': 1}}, [])) |
|
3491
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
560 self.assertEqual(self.parseForm({'number': '0'}), |
|
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
561 ({('test', None): {'number': 0}}, [])) |
|
1525
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
562 self.assertEqual(self.parseForm({'number': '\n0\n'}), |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
563 ({('test', None): {'number': 0}}, [])) |
|
3491
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
564 |
|
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
565 def testSetNumberReplaceOne(self): |
|
1525
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
566 nodeid = self.db.test.create(number=1) |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
567 self.assertEqual(self.parseForm({'number': '1'}, 'test', nodeid), |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
568 ({('test', nodeid): {}}, [])) |
|
3491
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
569 self.assertEqual(self.parseForm({'number': '0'}, 'test', nodeid), |
|
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
570 ({('test', nodeid): {'number': 0}}, [])) |
|
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
571 |
|
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
572 def testSetNumberReplaceZero(self): |
|
1525
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
573 nodeid = self.db.test.create(number=0) |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
574 self.assertEqual(self.parseForm({'number': '0'}, 'test', nodeid), |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
575 ({('test', nodeid): {}}, [])) |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
576 |
|
3491
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
577 def testSetNumberReplaceNone(self): |
|
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
578 nodeid = self.db.test.create() |
|
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
579 self.assertEqual(self.parseForm({'number': '0'}, 'test', nodeid), |
|
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
580 ({('test', nodeid): {'number': 0}}, [])) |
|
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
581 self.assertEqual(self.parseForm({'number': '1'}, 'test', nodeid), |
|
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
582 ({('test', nodeid): {'number': 1}}, [])) |
|
0e5f15520e70
fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents:
2929
diff
changeset
|
583 |
|
1525
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
584 def testEmptyNumberSet(self): |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
585 nodeid = self.db.test.create(number=0) |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
586 self.assertEqual(self.parseForm({'number': ''}, 'test', nodeid), |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
587 ({('test', nodeid): {'number': None}}, [])) |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
588 nodeid = self.db.test.create(number=1) |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
589 self.assertEqual(self.parseForm({'number': ' '}, 'test', nodeid), |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
590 ({('test', nodeid): {'number': None}}, [])) |
|
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
591 |
|
3777
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
592 def testRequiredNumber(self): |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
593 self.assertRaises(FormError, self.parseForm, {'number': '', |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
594 ':required': 'number'}) |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
595 try: |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
596 self.parseForm({'number': '0', ':required': 'number'}) |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
597 except FormError: |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
598 self.fail('number "no" raised "required missing"') |
|
74aebbbea305
Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents:
3656
diff
changeset
|
599 |
|
1525
c006e8166f81
added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents:
1483
diff
changeset
|
600 # |
|
5067
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
601 # Integer |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
602 # |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
603 def testEmptyInteger(self): |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
604 self.assertEqual(self.parseForm({'intval': ''}), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
605 ({('test', None): {}}, [])) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
606 self.assertEqual(self.parseForm({'intval': ' '}), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
607 ({('test', None): {}}, [])) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
608 self.assertRaises(FormError, self.parseForm, {'intval': ['', '']}) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
609 |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
610 def testInvalidInteger(self): |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
611 self.assertRaises(FormError, self.parseForm, {'intval': 'hi, mum!'}) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
612 |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
613 def testSetInteger(self): |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
614 self.assertEqual(self.parseForm({'intval': '1'}), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
615 ({('test', None): {'intval': 1}}, [])) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
616 self.assertEqual(self.parseForm({'intval': '0'}), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
617 ({('test', None): {'intval': 0}}, [])) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
618 self.assertEqual(self.parseForm({'intval': '\n0\n'}), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
619 ({('test', None): {'intval': 0}}, [])) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
620 |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
621 def testSetIntegerReplaceOne(self): |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
622 nodeid = self.db.test.create(intval=1) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
623 self.assertEqual(self.parseForm({'intval': '1'}, 'test', nodeid), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
624 ({('test', nodeid): {}}, [])) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
625 self.assertEqual(self.parseForm({'intval': '0'}, 'test', nodeid), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
626 ({('test', nodeid): {'intval': 0}}, [])) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
627 |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
628 def testSetIntegerReplaceZero(self): |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
629 nodeid = self.db.test.create(intval=0) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
630 self.assertEqual(self.parseForm({'intval': '0'}, 'test', nodeid), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
631 ({('test', nodeid): {}}, [])) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
632 |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
633 def testSetIntegerReplaceNone(self): |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
634 nodeid = self.db.test.create() |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
635 self.assertEqual(self.parseForm({'intval': '0'}, 'test', nodeid), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
636 ({('test', nodeid): {'intval': 0}}, [])) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
637 self.assertEqual(self.parseForm({'intval': '1'}, 'test', nodeid), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
638 ({('test', nodeid): {'intval': 1}}, [])) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
639 |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
640 def testEmptyIntegerSet(self): |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
641 nodeid = self.db.test.create(intval=0) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
642 self.assertEqual(self.parseForm({'intval': ''}, 'test', nodeid), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
643 ({('test', nodeid): {'intval': None}}, [])) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
644 nodeid = self.db.test.create(intval=1) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
645 self.assertEqual(self.parseForm({'intval': ' '}, 'test', nodeid), |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
646 ({('test', nodeid): {'intval': None}}, [])) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
647 |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
648 def testRequiredInteger(self): |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
649 self.assertRaises(FormError, self.parseForm, {'intval': '', |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
650 ':required': 'intval'}) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
651 try: |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
652 self.parseForm({'intval': '0', ':required': 'intval'}) |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
653 except FormError: |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
654 self.fail('intval "no" raised "required missing"') |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
655 |
|
e424987d294a
Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents:
5065
diff
changeset
|
656 # |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
657 # Date |
|
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
658 # |
|
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
659 def testEmptyDate(self): |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
660 self.assertEqual(self.parseForm({'date': ''}), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
661 ({('test', None): {}}, [])) |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
662 self.assertEqual(self.parseForm({'date': ' '}), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
663 ({('test', None): {}}, [])) |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
664 self.assertRaises(FormError, self.parseForm, {'date': ['', '']}) |
|
1385
2bd4822f96a6
- more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents:
1382
diff
changeset
|
665 |
|
1562
b975da59cd11
handle invalid data input in forms better
Richard Jones <richard@users.sourceforge.net>
parents:
1525
diff
changeset
|
666 def testInvalidDate(self): |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
667 self.assertRaises(FormError, self.parseForm, {'date': '12'}) |
|
1562
b975da59cd11
handle invalid data input in forms better
Richard Jones <richard@users.sourceforge.net>
parents:
1525
diff
changeset
|
668 |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
669 def testSetDate(self): |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
670 self.assertEqual(self.parseForm({'date': '2003-01-01'}), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
671 ({('test', None): {'date': date.Date('2003-01-01')}}, [])) |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
672 nodeid = self.db.test.create(date=date.Date('2003-01-01')) |
|
2696
a5c5a1106e3b
init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2027
diff
changeset
|
673 self.assertEqual(self.parseForm({'date': '2003-01-01'}, 'test', |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
674 nodeid), ({('test', nodeid): {}}, [])) |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
675 |
|
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
676 def testEmptyDateSet(self): |
|
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
677 nodeid = self.db.test.create(date=date.Date('.')) |
|
2696
a5c5a1106e3b
init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2027
diff
changeset
|
678 self.assertEqual(self.parseForm({'date': ''}, 'test', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
679 ({('test', nodeid): {'date': None}}, [])) |
|
1393
71928bf79302
more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents:
1385
diff
changeset
|
680 nodeid = self.db.test.create(date=date.Date('1970-01-01.00:00:00')) |
|
2696
a5c5a1106e3b
init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2027
diff
changeset
|
681 self.assertEqual(self.parseForm({'date': ' '}, 'test', nodeid), |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
682 ({('test', nodeid): {'date': None}}, [])) |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
683 |
|
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
684 # |
|
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
685 # Test multiple items in form |
|
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
686 # |
|
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
687 def testMultiple(self): |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
688 self.assertEqual(self.parseForm({'string': 'a', 'issue-1@title': 'b'}), |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
689 ({('test', None): {'string': 'a'}, |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
690 ('issue', '-1'): {'title': 'b'} |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
691 }, [])) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
692 |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
693 def testMultipleExistingContext(self): |
|
1420
3ac43c62a250
implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents:
1393
diff
changeset
|
694 nodeid = self.db.test.create() |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
695 self.assertEqual(self.parseForm({'string': 'a', 'issue-1@title': 'b'}, |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
696 'test', nodeid),({('test', nodeid): {'string': 'a'}, |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
697 ('issue', '-1'): {'title': 'b'}}, [])) |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
698 |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
699 def testLinking(self): |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
700 self.assertEqual(self.parseForm({ |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
701 'string': 'a', |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
702 'issue-1@add@nosy': '1', |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
703 'issue-2@link@superseder': 'issue-1', |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
704 }), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
705 ({('test', None): {'string': 'a'}, |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
706 ('issue', '-1'): {'nosy': ['1']}, |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
707 }, |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
708 [('issue', '-2', 'superseder', [('issue', '-1')]) |
|
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
709 ] |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
710 ) |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
711 ) |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
712 |
|
3982
efcea2fe69be
add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents:
3980
diff
changeset
|
713 def testMessages(self): |
|
efcea2fe69be
add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents:
3980
diff
changeset
|
714 self.assertEqual(self.parseForm({ |
|
efcea2fe69be
add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents:
3980
diff
changeset
|
715 'msg-1@content': 'asdf', |
|
efcea2fe69be
add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents:
3980
diff
changeset
|
716 'msg-2@content': 'qwer', |
|
efcea2fe69be
add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents:
3980
diff
changeset
|
717 '@link@messages': 'msg-1, msg-2'}), |
|
efcea2fe69be
add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents:
3980
diff
changeset
|
718 ({('test', None): {}, |
|
efcea2fe69be
add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents:
3980
diff
changeset
|
719 ('msg', '-2'): {'content': 'qwer'}, |
|
efcea2fe69be
add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents:
3980
diff
changeset
|
720 ('msg', '-1'): {'content': 'asdf'}}, |
|
efcea2fe69be
add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents:
3980
diff
changeset
|
721 [('test', None, 'messages', [('msg', '-1'), ('msg', '-2')])] |
|
efcea2fe69be
add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents:
3980
diff
changeset
|
722 ) |
|
efcea2fe69be
add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents:
3980
diff
changeset
|
723 ) |
|
efcea2fe69be
add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents:
3980
diff
changeset
|
724 |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
725 def testLinkBadDesignator(self): |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
726 self.assertRaises(FormError, self.parseForm, |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
727 {'test-1@link@link': 'blah'}) |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
728 self.assertRaises(FormError, self.parseForm, |
|
1438
13c42b803101
Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents:
1431
diff
changeset
|
729 {'test-1@link@link': 'issue'}) |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
730 |
|
1446
8ce33ce262a4
fix property type check, and dont create items that have no properties
Richard Jones <richard@users.sourceforge.net>
parents:
1438
diff
changeset
|
731 def testLinkNotLink(self): |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
732 self.assertRaises(FormError, self.parseForm, |
|
1446
8ce33ce262a4
fix property type check, and dont create items that have no properties
Richard Jones <richard@users.sourceforge.net>
parents:
1438
diff
changeset
|
733 {'test-1@link@boolean': 'issue-1'}) |
|
1819
e24cebaaa7e8
Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents:
1797
diff
changeset
|
734 self.assertRaises(FormError, self.parseForm, |
|
1446
8ce33ce262a4
fix property type check, and dont create items that have no properties
Richard Jones <richard@users.sourceforge.net>
parents:
1438
diff
changeset
|
735 {'test-1@link@string': 'issue-1'}) |
|
8ce33ce262a4
fix property type check, and dont create items that have no properties
Richard Jones <richard@users.sourceforge.net>
parents:
1438
diff
changeset
|
736 |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
737 def testBackwardsCompat(self): |
|
1431
c70068162e64
Altered Class.create() and FileClass.create() methods...
Richard Jones <richard@users.sourceforge.net>
parents:
1425
diff
changeset
|
738 res = self.parseForm({':note': 'spam'}, 'issue') |
|
c70068162e64
Altered Class.create() and FileClass.create() methods...
Richard Jones <richard@users.sourceforge.net>
parents:
1425
diff
changeset
|
739 date = res[0][('msg', '-1')]['date'] |
|
c70068162e64
Altered Class.create() and FileClass.create() methods...
Richard Jones <richard@users.sourceforge.net>
parents:
1425
diff
changeset
|
740 self.assertEqual(res, ({('issue', None): {}, ('msg', '-1'): |
|
c70068162e64
Altered Class.create() and FileClass.create() methods...
Richard Jones <richard@users.sourceforge.net>
parents:
1425
diff
changeset
|
741 {'content': 'spam', 'author': '1', 'date': date}}, |
|
1425
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
742 [('issue', None, 'messages', [('msg', '-1')])])) |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
743 file = FileUpload('foo', 'foo.txt') |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
744 self.assertEqual(self.parseForm({':file': file}, 'issue'), |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
745 ({('issue', None): {}, ('file', '-1'): {'content': 'foo', |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
746 'name': 'foo.txt', 'type': 'text/plain'}}, |
|
58ce2c1614cd
new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents:
1420
diff
changeset
|
747 [('issue', None, 'files', [('file', '-1')])])) |
|
1377
9ddb3ab23a3f
start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
748 |
|
6382
b35a50d02890
Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents:
6366
diff
changeset
|
749 def testErrorForBadTemplate(self): |
|
b35a50d02890
Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents:
6366
diff
changeset
|
750 form = {} |
|
b35a50d02890
Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents:
6366
diff
changeset
|
751 cl = self.setupClient(form, 'issue', '1', template="broken", |
|
b35a50d02890
Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents:
6366
diff
changeset
|
752 env_addon = {'HTTP_REFERER': 'http://whoami.com/path/'}) |
|
b35a50d02890
Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents:
6366
diff
changeset
|
753 out = [] |
|
b35a50d02890
Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents:
6366
diff
changeset
|
754 |
|
b35a50d02890
Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents:
6366
diff
changeset
|
755 out = cl.renderContext() |
|
b35a50d02890
Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents:
6366
diff
changeset
|
756 |
|
b35a50d02890
Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents:
6366
diff
changeset
|
757 self.assertEqual(out, '<strong>No template file exists for templating "issue" with template "broken" (neither "issue.broken" nor "_generic.broken")</strong>') |
|
b35a50d02890
Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents:
6366
diff
changeset
|
758 self.assertEqual(cl.response_code, 400) |
|
b35a50d02890
Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents:
6366
diff
changeset
|
759 |
|
5166
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
760 def testFormValuePreserveOnError(self): |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
761 page_template = """ |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
762 <html> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
763 <body> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
764 <p tal:condition="options/error_message|nothing" |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
765 tal:repeat="m options/error_message" |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
766 tal:content="structure m"/> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
767 <p tal:content="context/title/plain"/> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
768 <p tal:content="context/priority/plain"/> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
769 <p tal:content="context/status/plain"/> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
770 <p tal:content="context/nosy/plain"/> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
771 <p tal:content="context/keyword/plain"/> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
772 <p tal:content="structure context/superseder/field"/> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
773 </body> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
774 </html> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
775 """.strip () |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
776 self.db.keyword.create (name = 'key1') |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
777 self.db.keyword.create (name = 'key2') |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
778 nodeid = self.db.issue.create (title = 'Title', priority = '1', |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
779 status = '1', nosy = ['1'], keyword = ['1']) |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
780 self.db.commit () |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
781 form = {':note': 'msg-content', 'title': 'New title', |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
782 'priority': '2', 'status': '2', 'nosy': '1,2', 'keyword': '', |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
783 'superseder': '5000', ':action': 'edit'} |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
784 cl = self.setupClient(form, 'issue', '1', |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
785 env_addon = {'HTTP_REFERER': 'http://whoami.com/path/'}) |
|
5166
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
786 pt = RoundupPageTemplate() |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
787 pt.pt_edit(page_template, 'text/html') |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
788 out = [] |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
789 def wh(s): |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
790 out.append(s) |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
791 cl.write_html = wh |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
792 # Enable the following if we get a templating error: |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
793 #def send_error (*args, **kw): |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
794 # import pdb; pdb.set_trace() |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
795 #cl.send_error_to_admin = send_error |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
796 # Need to rollback the database on error -- this usually happens |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
797 # in web-interface (and for other databases) anyway, need it for |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
798 # testing that the form values are really used, not the database! |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
799 # We do this together with the setup of the easy template above |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
800 def load_template(x): |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
801 cl.db.rollback() |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
802 return pt |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
803 cl.instance.templates.load = load_template |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
804 cl.selectTemplate = MockNull() |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
805 cl.determine_context = MockNull () |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
806 def hasPermission(s, p, classname=None, d=None, e=None, **kw): |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
807 return True |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
808 actions.Action.hasPermission = hasPermission |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
809 e1 = _HTMLItem.is_edit_ok |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
810 _HTMLItem.is_edit_ok = lambda x : True |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
811 e2 = HTMLProperty.is_edit_ok |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
812 HTMLProperty.is_edit_ok = lambda x : True |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
813 cl.inner_main() |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
814 _HTMLItem.is_edit_ok = e1 |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
815 HTMLProperty.is_edit_ok = e2 |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
816 self.assertEqual(len(out), 1) |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
817 self.assertEqual(out [0].strip (), """ |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
818 <html> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
819 <body> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
820 <p>Edit Error: issue has no node 5000</p> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
821 <p>New title</p> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
822 <p>urgent</p> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
823 <p>deferred</p> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
824 <p>admin, anonymous</p> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
825 <p></p> |
|
5485
b0359a7c5b6d
create input elements with attributes in a defined (sorted) order
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5484
diff
changeset
|
826 <p><input name="superseder" size="30" type="text" value="5000"></p> |
|
5166
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
827 </body> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
828 </html> |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
829 """.strip ()) |
|
232c74973a56
issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5162
diff
changeset
|
830 |
|
5519
14a61eabcea8
Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5515
diff
changeset
|
831 def testXMLTemplate(self): |
|
14a61eabcea8
Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5515
diff
changeset
|
832 page_template = """<?xml version="1.0" encoding="UTF-8"?><feed xmlns="http://www.w3.org/2005/Atom" xmlns:tal="http://xml.zope.org/namespaces/tal" xmlns:metal="http://xml.zope.org/namespaces/metal"></feed>""" |
|
14a61eabcea8
Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5515
diff
changeset
|
833 pt = RoundupPageTemplate() |
|
14a61eabcea8
Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5515
diff
changeset
|
834 pt.pt_edit(page_template, 'application/xml') |
|
14a61eabcea8
Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5515
diff
changeset
|
835 |
|
14a61eabcea8
Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5515
diff
changeset
|
836 cl = self.setupClient({ }, 'issue', |
|
14a61eabcea8
Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5515
diff
changeset
|
837 env_addon = {'HTTP_REFERER': 'http://whoami.com/path/'}) |
|
14a61eabcea8
Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5515
diff
changeset
|
838 out = pt.render(cl, 'issue', MockNull()) |
|
5786
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
839 self.assertEqual(out, '<?xml version="1.0" encoding="UTF-8"?><feed\n xmlns="http://www.w3.org/2005/Atom"/>\n') |
|
5519
14a61eabcea8
Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5515
diff
changeset
|
840 |
|
5924
b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents:
5847
diff
changeset
|
841 def testHttpProxyStrip(self): |
|
b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents:
5847
diff
changeset
|
842 os.environ['HTTP_PROXY'] = 'http://bad.news/here/' |
|
b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents:
5847
diff
changeset
|
843 cl = self.setupClient({ }, 'issue', |
|
b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents:
5847
diff
changeset
|
844 env_addon = {'HTTP_PROXY': 'http://bad.news/here/'}) |
|
b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents:
5847
diff
changeset
|
845 out = [] |
|
b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents:
5847
diff
changeset
|
846 def wh(s): |
|
b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents:
5847
diff
changeset
|
847 out.append(s) |
|
b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents:
5847
diff
changeset
|
848 cl.write_html = wh |
|
b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents:
5847
diff
changeset
|
849 cl.main() |
|
b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents:
5847
diff
changeset
|
850 self.assertFalse('HTTP_PROXY' in cl.env) |
|
b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents:
5847
diff
changeset
|
851 self.assertFalse('HTTP_PROXY' in os.environ) |
|
b40059d7036f
issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents:
5847
diff
changeset
|
852 |
|
5203
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
853 def testCsrfProtection(self): |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
854 # need to set SENDMAILDEBUG to prevent |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
855 # downstream issue when email is sent on successful |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
856 # issue creation. Also delete the file afterwards |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
857 # just tomake sure that someother test looking for |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
858 # SENDMAILDEBUG won't trip over ours. |
|
5381
0942fe89e82e
Python 3 preparation: change "x.has_key(y)" to "y in x".
Joseph Myers <jsm@polyomino.org.uk>
parents:
5376
diff
changeset
|
859 if 'SENDMAILDEBUG' not in os.environ: |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
860 os.environ['SENDMAILDEBUG'] = 'mail-test1.log' |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
861 SENDMAILDEBUG = os.environ['SENDMAILDEBUG'] |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
862 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
863 page_template = """ |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
864 <html> |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
865 <body> |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
866 <p tal:condition="options/error_message|nothing" |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
867 tal:repeat="m options/error_message" |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
868 tal:content="structure m"/> |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
869 <p tal:content="context/title/plain"/> |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
870 <p tal:content="context/priority/plain"/> |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
871 <p tal:content="context/status/plain"/> |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
872 <p tal:content="context/nosy/plain"/> |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
873 <p tal:content="context/keyword/plain"/> |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
874 <p tal:content="structure context/superseder/field"/> |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
875 </body> |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
876 </html> |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
877 """.strip () |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
878 self.db.keyword.create (name = 'key1') |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
879 self.db.keyword.create (name = 'key2') |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
880 nodeid = self.db.issue.create (title = 'Title', priority = '1', |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
881 status = '1', nosy = ['1'], keyword = ['1']) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
882 self.db.commit () |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
883 form = {':note': 'msg-content', 'title': 'New title', |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
884 'priority': '2', 'status': '2', 'nosy': '1,2', 'keyword': '', |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
885 ':action': 'edit'} |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
886 cl = self.setupClient(form, 'issue', '1') |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
887 pt = RoundupPageTemplate() |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
888 pt.pt_edit(page_template, 'text/html') |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
889 out = [] |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
890 def wh(s): |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
891 out.append(s) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
892 cl.write_html = wh |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
893 # Enable the following if we get a templating error: |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
894 #def send_error (*args, **kw): |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
895 # import pdb; pdb.set_trace() |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
896 #cl.send_error_to_admin = send_error |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
897 # Need to rollback the database on error -- this usually happens |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
898 # in web-interface (and for other databases) anyway, need it for |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
899 # testing that the form values are really used, not the database! |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
900 # We do this together with the setup of the easy template above |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
901 def load_template(x): |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
902 cl.db.rollback() |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
903 return pt |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
904 cl.instance.templates.load = load_template |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
905 cl.selectTemplate = MockNull() |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
906 cl.determine_context = MockNull () |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
907 def hasPermission(s, p, classname=None, d=None, e=None, **kw): |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
908 return True |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
909 actions.Action.hasPermission = hasPermission |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
910 e1 = _HTMLItem.is_edit_ok |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
911 _HTMLItem.is_edit_ok = lambda x : True |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
912 e2 = HTMLProperty.is_edit_ok |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
913 HTMLProperty.is_edit_ok = lambda x : True |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
914 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
915 # test with no headers and config by default requires 1 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
916 cl.inner_main() |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
917 match_at=out[0].find('Unable to verify sufficient headers') |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
918 print("result of subtest 1:", out[0]) |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
919 self.assertNotEqual(match_at, -1) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
920 del(out[0]) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
921 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
922 # all the rest of these allow at least one header to pass |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
923 # and the edit happens with a redirect back to issue 1 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
924 cl.env['HTTP_REFERER'] = 'http://whoami.com/path/' |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
925 cl.inner_main() |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
926 match_at=out[0].find('Redirecting to <a href="http://whoami.com/path/issue1?@ok_message') |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
927 print("result of subtest 2:", out[0]) |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
928 self.assertEqual(match_at, 0) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
929 del(cl.env['HTTP_REFERER']) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
930 del(out[0]) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
931 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
932 cl.env['HTTP_ORIGIN'] = 'http://whoami.com' |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
933 cl.inner_main() |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
934 match_at=out[0].find('Redirecting to <a href="http://whoami.com/path/issue1?@ok_message') |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
935 print("result of subtest 3:", out[0]) |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
936 self.assertEqual(match_at, 0) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
937 del(cl.env['HTTP_ORIGIN']) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
938 del(out[0]) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
939 |
|
5624
b3618882f906
issue2551023: Fix CSRF headers for use with wsgi and cgi. The
John Rouillard <rouilj@ieee.org>
parents:
5614
diff
changeset
|
940 cl.env['HTTP_X_FORWARDED_HOST'] = 'whoami.com' |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
941 # if there is an X-FORWARDED-HOST header it is used and |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
942 # HOST header is ignored. X-FORWARDED-HOST should only be |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
943 # passed/set by a proxy. In this case the HOST header is |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
944 # the proxy's name for the web server and not the name |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
945 # thatis exposed to the world. |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
946 cl.env['HTTP_HOST'] = 'frontend1.whoami.net' |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
947 cl.inner_main() |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
948 match_at=out[0].find('Redirecting to <a href="http://whoami.com/path/issue1?@ok_message') |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
949 print("result of subtest 4:", out[0]) |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
950 self.assertNotEqual(match_at, -1) |
|
5624
b3618882f906
issue2551023: Fix CSRF headers for use with wsgi and cgi. The
John Rouillard <rouilj@ieee.org>
parents:
5614
diff
changeset
|
951 del(cl.env['HTTP_X_FORWARDED_HOST']) |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
952 del(cl.env['HTTP_HOST']) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
953 del(out[0]) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
954 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
955 cl.env['HTTP_HOST'] = 'whoami.com' |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
956 cl.inner_main() |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
957 match_at=out[0].find('Redirecting to <a href="http://whoami.com/path/issue1?@ok_message') |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
958 print("result of subtest 5:", out[0]) |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
959 self.assertEqual(match_at, 0) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
960 del(cl.env['HTTP_HOST']) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
961 del(out[0]) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
962 |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
963 # try failing headers |
|
5624
b3618882f906
issue2551023: Fix CSRF headers for use with wsgi and cgi. The
John Rouillard <rouilj@ieee.org>
parents:
5614
diff
changeset
|
964 cl.env['HTTP_X_FORWARDED_HOST'] = 'whoami.net' |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
965 # this raises an error as the header check passes and |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
966 # it did the edit and tries to send mail. |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
967 cl.inner_main() |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
968 match_at=out[0].find('Invalid X-FORWARDED-HOST whoami.net') |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
969 print("result of subtest 6:", out[0]) |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
970 self.assertNotEqual(match_at, -1) |
|
5624
b3618882f906
issue2551023: Fix CSRF headers for use with wsgi and cgi. The
John Rouillard <rouilj@ieee.org>
parents:
5614
diff
changeset
|
971 del(cl.env['HTTP_X_FORWARDED_HOST']) |
|
5203
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
972 del(out[0]) |
|
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
973 |
|
5210
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
974 # header checks succeed |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
975 # check nonce handling. |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
976 cl.env['HTTP_REFERER'] = 'http://whoami.com/path/' |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
977 |
|
5220
14d8f61e6ef2
Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents:
5218
diff
changeset
|
978 # roundup will report a missing token. |
|
14d8f61e6ef2
Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents:
5218
diff
changeset
|
979 cl.db.config['WEB_CSRF_ENFORCE_TOKEN'] = 'required' |
|
14d8f61e6ef2
Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents:
5218
diff
changeset
|
980 cl.inner_main() |
|
5847
26cd8e8bbed3
Change microcopy for missing csrf to follow mismatched csrf. Fix tests.
John Rouillard <rouilj@ieee.org>
parents:
5814
diff
changeset
|
981 match_at=out[0].find("<p>We can't validate your session (csrf failure). Re-enter any unsaved data and try again.</p>") |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
982 print("result of subtest 6a:", out[0], match_at) |
|
5220
14d8f61e6ef2
Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents:
5218
diff
changeset
|
983 self.assertEqual(match_at, 33) |
|
14d8f61e6ef2
Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents:
5218
diff
changeset
|
984 del(out[0]) |
|
14d8f61e6ef2
Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents:
5218
diff
changeset
|
985 cl.db.config['WEB_CSRF_ENFORCE_TOKEN'] = 'yes' |
|
14d8f61e6ef2
Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents:
5218
diff
changeset
|
986 |
|
5203
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
987 import copy |
|
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
988 form2 = copy.copy(form) |
|
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
989 form2.update({'@csrf': 'booogus'}) |
|
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
990 # add a bogus csrf field to the form and rerun the inner_main |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
991 cl.form = db_test_base.makeForm(form2) |
|
5203
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
992 |
|
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
993 cl.inner_main() |
|
5847
26cd8e8bbed3
Change microcopy for missing csrf to follow mismatched csrf. Fix tests.
John Rouillard <rouilj@ieee.org>
parents:
5814
diff
changeset
|
994 match_at=out[0].find("We can't validate your session (csrf failure). Re-enter any unsaved data and try again.") |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
995 print("result of subtest 7:", out[0]) |
|
5203
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
996 self.assertEqual(match_at, 36) |
|
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
997 del(out[0]) |
|
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
998 |
|
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
999 form2 = copy.copy(form) |
|
5488
52cb53eedf77
reworked random number use
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5485
diff
changeset
|
1000 nonce = anti_csrf_nonce(cl) |
|
5210
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1001 # verify that we can see the nonce |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1002 otks = cl.db.getOTKManager() |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1003 isitthere = otks.exists(nonce) |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1004 print("result of subtest 8:", isitthere) |
|
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1005 print("otks: user, session", otks.get(nonce, 'uid', default=None), |
|
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1006 otks.get(nonce, 'session', default=None)) |
|
5210
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1007 self.assertEqual(isitthere, True) |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1008 |
|
5203
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
1009 form2.update({'@csrf': nonce}) |
|
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
1010 # add a real csrf field to the form and rerun the inner_main |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
1011 cl.form = db_test_base.makeForm(form2) |
|
5203
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
1012 cl.inner_main() |
|
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
1013 # csrf passes and redirects to the new issue. |
|
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
1014 match_at=out[0].find('Redirecting to <a href="http://whoami.com/path/issue1?@ok_message') |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1015 print("result of subtest 9:", out[0]) |
|
5203
9f490cc0effe
Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents:
5201
diff
changeset
|
1016 self.assertEqual(match_at, 0) |
|
5210
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1017 del(out[0]) |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1018 |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1019 # try a replay attack |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1020 cl.inner_main() |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1021 # This should fail as token was wiped by last run. |
|
5847
26cd8e8bbed3
Change microcopy for missing csrf to follow mismatched csrf. Fix tests.
John Rouillard <rouilj@ieee.org>
parents:
5814
diff
changeset
|
1022 match_at=out[0].find("We can't validate your session (csrf failure). Re-enter any unsaved data and try again.") |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1023 print("replay of csrf after post use", out[0]) |
|
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1024 print("result of subtest 10:", out[0]) |
|
5210
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1025 self.assertEqual(match_at, 36) |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
1026 del(out[0]) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
1027 |
|
5210
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1028 # make sure that a get deletes the csrf. |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1029 cl.env['REQUEST_METHOD'] = 'GET' |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1030 cl.env['HTTP_REFERER'] = 'http://whoami.com/path/' |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1031 form2 = copy.copy(form) |
|
5488
52cb53eedf77
reworked random number use
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5485
diff
changeset
|
1032 nonce = anti_csrf_nonce(cl) |
|
5210
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1033 form2.update({'@csrf': nonce}) |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1034 # add a real csrf field to the form and rerun the inner_main |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
1035 cl.form = db_test_base.makeForm(form2) |
|
5210
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1036 cl.inner_main() |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1037 # csrf passes but fail creating new issue because not a post |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1038 match_at=out[0].find('<p>Invalid request</p>') |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1039 print("result of subtest 11:", out[0]) |
|
5210
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1040 self.assertEqual(match_at, 33) |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1041 del(out[0]) |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1042 |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1043 # the token should be gone |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1044 isitthere = otks.exists(nonce) |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1045 print("result of subtest 12:", isitthere) |
|
5210
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1046 self.assertEqual(isitthere, False) |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1047 |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1048 # change to post and should fail w/ invalid csrf |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1049 # since get deleted the token. |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1050 cl.env.update({'REQUEST_METHOD': 'POST'}) |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1051 print(cl.env) |
|
5210
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1052 cl.inner_main() |
|
5847
26cd8e8bbed3
Change microcopy for missing csrf to follow mismatched csrf. Fix tests.
John Rouillard <rouilj@ieee.org>
parents:
5814
diff
changeset
|
1053 match_at=out[0].find("We can't validate your session (csrf failure). Re-enter any unsaved data and try again.") |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1054 print("post failure after get", out[0]) |
|
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1055 print("result of subtest 13:", out[0]) |
|
5210
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1056 self.assertEqual(match_at, 36) |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1057 del(out[0]) |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1058 |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1059 del(cl.env['HTTP_REFERER']) |
|
7da56980754d
Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents:
5208
diff
changeset
|
1060 |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
1061 # clean up from email log |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
1062 if os.path.exists(SENDMAILDEBUG): |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
1063 os.remove(SENDMAILDEBUG) |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
1064 #raise ValueError |
|
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
1065 |
|
5699
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1066 def testRestCsrfProtection(self): |
|
5700
f90a534cb112
Change output comparison from strings to comparison on python
John Rouillard <rouilj@ieee.org>
parents:
5699
diff
changeset
|
1067 import json |
|
5699
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1068 # set the password for admin so we can log in. |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1069 passwd=password.Password('admin') |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1070 self.db.user.set('1', password=passwd) |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1071 |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1072 out = [] |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1073 def wh(s): |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1074 out.append(s) |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1075 |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1076 # rest has no form content |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1077 form = cgi.FieldStorage() |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1078 form.list = [ |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1079 cgi.MiniFieldStorage('title', 'A new issue'), |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1080 cgi.MiniFieldStorage('status', '1'), |
|
5700
f90a534cb112
Change output comparison from strings to comparison on python
John Rouillard <rouilj@ieee.org>
parents:
5699
diff
changeset
|
1081 cgi.MiniFieldStorage('@pretty', 'false'), |
|
5699
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1082 cgi.MiniFieldStorage('@apiver', '1'), |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1083 ] |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1084 cl = client.Client(self.instance, None, |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1085 {'REQUEST_METHOD':'POST', |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1086 'PATH_INFO':'rest/data/issue', |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1087 'CONTENT_TYPE': 'application/x-www-form-urlencoded', |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1088 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=', |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1089 'HTTP_REFERER': 'http://whoami.com/path/', |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1090 'HTTP_ACCEPT': "application/json;version=1" |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1091 }, form) |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1092 cl.db = self.db |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1093 cl.base = 'http://whoami.com/path/' |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1094 cl._socket_op = lambda *x : True |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1095 cl._error_message = [] |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1096 cl.request = MockNull() |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1097 h = { 'content-type': 'application/json', |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1098 'accept': 'application/json' } |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1099 cl.request.headers = MockNull(**h) |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1100 |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1101 cl.write = wh # capture output |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1102 |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1103 # Should return explanation because content type is text/plain |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1104 # and not text/xml |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1105 cl.handle_rest() |
|
5700
f90a534cb112
Change output comparison from strings to comparison on python
John Rouillard <rouilj@ieee.org>
parents:
5699
diff
changeset
|
1106 self.assertEqual(b2s(out[0]), "<class 'roundup.exceptions.UsageError'>: Required Header Missing\n") |
|
5699
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1107 del(out[0]) |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1108 |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1109 cl = client.Client(self.instance, None, |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1110 {'REQUEST_METHOD':'POST', |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1111 'PATH_INFO':'rest/data/issue', |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1112 'CONTENT_TYPE': 'application/x-www-form-urlencoded', |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1113 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=', |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1114 'HTTP_REFERER': 'http://whoami.com/path/', |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1115 'HTTP_X_REQUESTED_WITH': 'rest', |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1116 'HTTP_ACCEPT': "application/json;version=1" |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1117 }, form) |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1118 cl.db = self.db |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1119 cl.base = 'http://whoami.com/path/' |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1120 cl._socket_op = lambda *x : True |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1121 cl._error_message = [] |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1122 cl.request = MockNull() |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1123 h = { 'content-type': 'application/json', |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1124 'accept': 'application/json;version=1' } |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1125 cl.request.headers = MockNull(**h) |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1126 |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1127 cl.write = wh # capture output |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1128 |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1129 # Should work as all required headers are present. |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1130 cl.handle_rest() |
|
5700
f90a534cb112
Change output comparison from strings to comparison on python
John Rouillard <rouilj@ieee.org>
parents:
5699
diff
changeset
|
1131 answer='{"data": {"link": "http://tracker.example/cgi-bin/roundup.cgi/bugs/rest/data/issue/1", "id": "1"}}\n' |
|
5703
92c1864d5dd2
Add test for @pretty=false format change.
John Rouillard <rouilj@ieee.org>
parents:
5700
diff
changeset
|
1132 # check length to see if pretty is turned off. |
|
92c1864d5dd2
Add test for @pretty=false format change.
John Rouillard <rouilj@ieee.org>
parents:
5700
diff
changeset
|
1133 self.assertEqual(len(out[0]), 99) |
|
92c1864d5dd2
Add test for @pretty=false format change.
John Rouillard <rouilj@ieee.org>
parents:
5700
diff
changeset
|
1134 |
|
92c1864d5dd2
Add test for @pretty=false format change.
John Rouillard <rouilj@ieee.org>
parents:
5700
diff
changeset
|
1135 # compare as dicts not strings due to different key ordering |
|
92c1864d5dd2
Add test for @pretty=false format change.
John Rouillard <rouilj@ieee.org>
parents:
5700
diff
changeset
|
1136 # between python versions. |
|
5700
f90a534cb112
Change output comparison from strings to comparison on python
John Rouillard <rouilj@ieee.org>
parents:
5699
diff
changeset
|
1137 response=json.loads(b2s(out[0])) |
|
f90a534cb112
Change output comparison from strings to comparison on python
John Rouillard <rouilj@ieee.org>
parents:
5699
diff
changeset
|
1138 expected=json.loads(answer) |
|
f90a534cb112
Change output comparison from strings to comparison on python
John Rouillard <rouilj@ieee.org>
parents:
5699
diff
changeset
|
1139 self.assertEqual(response,expected) |
|
5699
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1140 del(out[0]) |
|
b1ab8bd18e79
Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents:
5652
diff
changeset
|
1141 |
|
5218
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1142 def testXmlrpcCsrfProtection(self): |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1143 # set the password for admin so we can log in. |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1144 passwd=password.Password('admin') |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1145 self.db.user.set('1', password=passwd) |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1146 |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1147 out = [] |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1148 def wh(s): |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1149 out.append(s) |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1150 |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1151 # xmlrpc has no form content |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1152 form = {} |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1153 cl = client.Client(self.instance, None, |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1154 {'REQUEST_METHOD':'POST', |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1155 'PATH_INFO':'xmlrpc', |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1156 'CONTENT_TYPE': 'text/plain', |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1157 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=', |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1158 'HTTP_REFERER': 'http://whoami.com/path/', |
|
5624
b3618882f906
issue2551023: Fix CSRF headers for use with wsgi and cgi. The
John Rouillard <rouilj@ieee.org>
parents:
5614
diff
changeset
|
1159 'HTTP_X_REQUESTED_WITH': "XMLHttpRequest" |
|
5218
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1160 }, form) |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1161 cl.db = self.db |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1162 cl.base = 'http://whoami.com/path/' |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1163 cl._socket_op = lambda *x : True |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1164 cl._error_message = [] |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1165 cl.request = MockNull() |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1166 cl.write = wh # capture output |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1167 |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1168 # Should return explanation because content type is text/plain |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1169 # and not text/xml |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1170 cl.handle_xmlrpc() |
|
6268
bdcccd2b2141
Replace http:....roundup-tracker.org with https.
John Rouillard <rouilj@ieee.org>
parents:
6190
diff
changeset
|
|
|
5218
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1172 del(out[0]) |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1173 |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1174 # Should return admin user indicating auth works and |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1175 # header checks succeed (REFERER and X-REQUESTED-WITH) |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1176 cl.env['CONTENT_TYPE'] = "text/xml" |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1177 # ship the form with the value holding the xml value. |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1178 # I have no clue why this works but .... |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1179 cl.form = MockNull(file = True, value = "<?xml version='1.0'?>\n<methodCall>\n<methodName>display</methodName>\n<params>\n<param>\n<value><string>user1</string></value>\n</param>\n<param>\n<value><string>username</string></value>\n</param>\n</params>\n</methodCall>\n" ) |
|
5472
e903835f0822
expect bytes from XMLRPC tests
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5453
diff
changeset
|
1180 answer = b"<?xml version='1.0'?>\n<methodResponse>\n<params>\n<param>\n<value><struct>\n<member>\n<name>username</name>\n<value><string>admin</string></value>\n</member>\n</struct></value>\n</param>\n</params>\n</methodResponse>\n" |
|
5218
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1181 cl.handle_xmlrpc() |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1182 print(out) |
|
5218
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1183 self.assertEqual(out[0], answer) |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1184 del(out[0]) |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1185 |
|
5220
14d8f61e6ef2
Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents:
5218
diff
changeset
|
1186 # remove the X-REQUESTED-WITH header and get an xmlrpc fault returned |
|
5624
b3618882f906
issue2551023: Fix CSRF headers for use with wsgi and cgi. The
John Rouillard <rouilj@ieee.org>
parents:
5614
diff
changeset
|
1187 del(cl.env['HTTP_X_REQUESTED_WITH']) |
|
5220
14d8f61e6ef2
Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents:
5218
diff
changeset
|
1188 cl.handle_xmlrpc() |
|
5513
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
1189 frag_faultCode = "<member>\n<name>faultCode</name>\n<value><int>1</int></value>\n</member>\n" |
|
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
1190 frag_faultString = "<member>\n<name>faultString</name>\n<value><string><class 'roundup.exceptions.UsageError'>:Required Header Missing</string></value>\n</member>\n" |
|
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
1191 output_fragments = ["<?xml version='1.0'?>\n", |
|
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
1192 "<methodResponse>\n", |
|
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
1193 "<fault>\n", |
|
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
1194 "<value><struct>\n", |
|
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
1195 (frag_faultCode + frag_faultString, |
|
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
1196 frag_faultString + frag_faultCode), |
|
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
1197 "</struct></value>\n", |
|
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
1198 "</fault>\n", |
|
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
1199 "</methodResponse>\n"] |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1200 print(out[0]) |
|
5513
19bd4b413ed6
be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5488
diff
changeset
|
1201 self.compareStringFragments(out[0], output_fragments) |
|
5220
14d8f61e6ef2
Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents:
5218
diff
changeset
|
1202 del(out[0]) |
|
5218
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1203 |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1204 # change config to not require X-REQUESTED-WITH header |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1205 cl.db.config['WEB_CSRF_ENFORCE_HEADER_X-REQUESTED-WITH'] = 'logfailure' |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1206 cl.handle_xmlrpc() |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
1207 print(out) |
|
5218
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1208 self.assertEqual(out[0], answer) |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1209 del(out[0]) |
|
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
1210 |
|
3930
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1211 # |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1212 # SECURITY |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1213 # |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1214 # XXX test all default permissions |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1215 def _make_client(self, form, classname='user', nodeid='1', |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1216 userid='2', template='item'): |
|
4088
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3982
diff
changeset
|
1217 cl = client.Client(self.instance, None, {'PATH_INFO':'/', |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
1218 'REQUEST_METHOD':'POST'}, db_test_base.makeForm(form)) |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1219 cl.classname = classname |
|
4310
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1220 if nodeid is not None: |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1221 cl.nodeid = nodeid |
|
3930
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1222 cl.db = self.db |
|
5720
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
1223 #cl.db.Otk = MockNull() |
|
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
1224 #cl.db.Otk.data = {} |
|
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
1225 #cl.db.Otk.getall = self.data_get |
|
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
1226 #cl.db.Otk.set = self.data_set |
|
4112
6441ffe588f7
fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1227 cl.userid = userid |
|
3969
905faf52a51f
fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents:
3930
diff
changeset
|
1228 cl.language = ('en',) |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
1229 cl._error_message = [] |
|
5094
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1230 cl._ok_message = [] |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1231 cl.template = template |
|
3930
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1232 return cl |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1233 |
|
5720
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
1234 def data_get(self, key): |
|
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
1235 return self.db.Otk.data[key] |
|
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
1236 |
|
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
1237 def data_set(self, key, **value): |
|
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
1238 self.db.Otk.data[key] = value |
|
071625b5b7c0
Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents:
5703
diff
changeset
|
1239 |
|
3930
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1240 def testClassPermission(self): |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1241 cl = self._make_client(dict(username='bob')) |
|
5794
95a366d46065
Replace deprecated assertEquals with assertEqual and failUnlessRaises
John Rouillard <rouilj@ieee.org>
parents:
5786
diff
changeset
|
1242 self.assertRaises(exceptions.Unauthorised, |
|
3930
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1243 actions.EditItemAction(cl).handle) |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1244 cl.nodeid = '1' |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1245 self.assertRaises(exceptions.Unauthorised, |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1246 actions.EditItemAction(cl).handle) |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1247 |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1248 def testCheckAndPropertyPermission(self): |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1249 self.db.security.permissions = {} |
|
4310
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1250 def own_record(db, userid, itemid): |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1251 return userid == itemid |
|
3930
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1252 p = self.db.security.addPermission(name='Edit', klass='user', |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1253 check=own_record, properties=("password", )) |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1254 self.db.security.addPermissionToRole('User', p) |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1255 |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1256 cl = self._make_client(dict(username='bob')) |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1257 self.assertRaises(exceptions.Unauthorised, |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1258 actions.EditItemAction(cl).handle) |
|
4310
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1259 cl = self._make_client(dict(roles='User,Admin'), userid='4', nodeid='4') |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1260 self.assertRaises(exceptions.Unauthorised, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1261 actions.EditItemAction(cl).handle) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1262 cl = self._make_client(dict(roles='User,Admin'), userid='4') |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1263 self.assertRaises(exceptions.Unauthorised, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1264 actions.EditItemAction(cl).handle) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1265 cl = self._make_client(dict(roles='User,Admin')) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1266 self.assertRaises(exceptions.Unauthorised, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1267 actions.EditItemAction(cl).handle) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1268 # working example, mary may change her pw |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1269 cl = self._make_client({'password':'ob', '@confirm@password':'ob'}, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1270 nodeid='4', userid='4') |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1271 self.assertRaises(exceptions.Redirect, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1272 actions.EditItemAction(cl).handle) |
|
3930
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1273 cl = self._make_client({'password':'bob', '@confirm@password':'bob'}) |
|
5794
95a366d46065
Replace deprecated assertEquals with assertEqual and failUnlessRaises
John Rouillard <rouilj@ieee.org>
parents:
5786
diff
changeset
|
1274 self.assertRaises(exceptions.Unauthorised, |
|
3930
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1275 actions.EditItemAction(cl).handle) |
|
1b84355e346a
add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents:
3904
diff
changeset
|
1276 |
|
4310
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1277 def testCreatePermission(self): |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1278 # this checks if we properly differentiate between create and |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1279 # edit permissions |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1280 self.db.security.permissions = {} |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1281 self.db.security.addRole(name='UserAdd') |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1282 # Don't allow roles |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1283 p = self.db.security.addPermission(name='Create', klass='user', |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1284 properties=("username", "password", "address", |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1285 "alternate_address", "realname", "phone", "organisation", |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1286 "timezone")) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1287 self.db.security.addPermissionToRole('UserAdd', p) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1288 # Don't allow roles *and* don't allow username |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1289 p = self.db.security.addPermission(name='Edit', klass='user', |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1290 properties=("password", "address", "alternate_address", |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1291 "realname", "phone", "organisation", "timezone")) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1292 self.db.security.addPermissionToRole('UserAdd', p) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1293 self.db.user.set('4', roles='UserAdd') |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1294 |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1295 # anonymous may not |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1296 cl = self._make_client({'username':'new_user', 'password':'secret', |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1297 '@confirm@password':'secret', 'address':'new_user@bork.bork', |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1298 'roles':'Admin'}, nodeid=None, userid='2') |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1299 self.assertRaises(exceptions.Unauthorised, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1300 actions.NewItemAction(cl).handle) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1301 # Don't allow creating new user with roles |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1302 cl = self._make_client({'username':'new_user', 'password':'secret', |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1303 '@confirm@password':'secret', 'address':'new_user@bork.bork', |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1304 'roles':'Admin'}, nodeid=None, userid='4') |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1305 self.assertRaises(exceptions.Unauthorised, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1306 actions.NewItemAction(cl).handle) |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
1307 self.assertEqual(cl._error_message,[]) |
|
4310
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1308 # this should work |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1309 cl = self._make_client({'username':'new_user', 'password':'secret', |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1310 '@confirm@password':'secret', 'address':'new_user@bork.bork'}, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1311 nodeid=None, userid='4') |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1312 self.assertRaises(exceptions.Redirect, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1313 actions.NewItemAction(cl).handle) |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
1314 self.assertEqual(cl._error_message,[]) |
|
4310
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1315 # don't allow changing (my own) username (in this example) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1316 cl = self._make_client(dict(username='new_user42'), userid='4') |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1317 self.assertRaises(exceptions.Unauthorised, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1318 actions.EditItemAction(cl).handle) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1319 cl = self._make_client(dict(username='new_user42'), userid='4', |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1320 nodeid='4') |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1321 self.assertRaises(exceptions.Unauthorised, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1322 actions.EditItemAction(cl).handle) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1323 # don't allow changing (my own) roles |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1324 cl = self._make_client(dict(roles='User,Admin'), userid='4', |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1325 nodeid='4') |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1326 self.assertRaises(exceptions.Unauthorised, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1327 actions.EditItemAction(cl).handle) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1328 cl = self._make_client(dict(roles='User,Admin'), userid='4') |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1329 self.assertRaises(exceptions.Unauthorised, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1330 actions.EditItemAction(cl).handle) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1331 cl = self._make_client(dict(roles='User,Admin')) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1332 self.assertRaises(exceptions.Unauthorised, |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1333 actions.EditItemAction(cl).handle) |
|
8e0d350ce644
Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
1334 |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1335 def testSearchPermission(self): |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1336 # this checks if we properly check for search permissions |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1337 self.db.security.permissions = {} |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1338 self.db.security.addRole(name='User') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1339 self.db.security.addRole(name='Project') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1340 self.db.security.addPermissionToRole('User', 'Web Access') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1341 self.db.security.addPermissionToRole('Project', 'Web Access') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1342 # Allow viewing department |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1343 p = self.db.security.addPermission(name='View', klass='department') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1344 self.db.security.addPermissionToRole('User', p) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1345 # Allow viewing interesting things (but not department) on iss |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1346 # But users might only view issues where they are on nosy |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1347 # (so in the real world the check method would be better) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1348 p = self.db.security.addPermission(name='View', klass='iss', |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1349 properties=("title", "status"), check=lambda x,y,z: True) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1350 self.db.security.addPermissionToRole('User', p) |
|
4446
17f796a78647
fix broken tests by adding additional permissions...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
1351 # Allow all relevant roles access to stat |
|
17f796a78647
fix broken tests by adding additional permissions...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
1352 p = self.db.security.addPermission(name='View', klass='stat') |
|
17f796a78647
fix broken tests by adding additional permissions...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
1353 self.db.security.addPermissionToRole('User', p) |
|
17f796a78647
fix broken tests by adding additional permissions...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
1354 self.db.security.addPermissionToRole('Project', p) |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1355 # Allow role "Project" access to whole iss |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1356 p = self.db.security.addPermission(name='View', klass='iss') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1357 self.db.security.addPermissionToRole('Project', p) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1358 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1359 department = self.instance.backend.Class(self.db, "department", |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1360 name=hyperdb.String()) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1361 status = self.instance.backend.Class(self.db, "stat", |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1362 name=hyperdb.String()) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1363 issue = self.instance.backend.Class(self.db, "iss", |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1364 title=hyperdb.String(), status=hyperdb.Link('stat'), |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1365 department=hyperdb.Link('department')) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1366 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1367 d1 = department.create(name='d1') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1368 d2 = department.create(name='d2') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1369 open = status.create(name='open') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1370 closed = status.create(name='closed') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1371 issue.create(title='i1', status=open, department=d2) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1372 issue.create(title='i2', status=open, department=d1) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1373 issue.create(title='i2', status=closed, department=d1) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1374 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1375 chef = self.db.user.lookup('Chef') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1376 mary = self.db.user.lookup('mary') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1377 self.db.user.set(chef, roles = 'User, Project') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1378 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1379 perm = self.db.security.hasPermission |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1380 search = self.db.security.hasSearchPermission |
|
5649
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1381 self.assertTrue(perm('View', chef, 'iss', 'department', '1')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1382 self.assertTrue(perm('View', chef, 'iss', 'department', '2')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1383 self.assertTrue(perm('View', chef, 'iss', 'department', '3')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1384 self.assertTrue(search(chef, 'iss', 'department')) |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1385 |
|
5649
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1386 self.assertTrue(not perm('View', mary, 'iss', 'department')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1387 self.assertTrue(perm('View', mary, 'iss', 'status')) |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1388 # Conditionally allow view of whole iss (check is False here, |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1389 # this might check for department owner in the real world) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1390 p = self.db.security.addPermission(name='View', klass='iss', |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1391 check=lambda x,y,z: False) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1392 self.db.security.addPermissionToRole('User', p) |
|
5649
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1393 self.assertTrue(perm('View', mary, 'iss', 'department')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1394 self.assertTrue(not perm('View', mary, 'iss', 'department', '1')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1395 self.assertTrue(not search(mary, 'iss', 'department')) |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1396 |
|
5649
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1397 self.assertTrue(perm('View', mary, 'iss', 'status')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1398 self.assertTrue(not search(mary, 'iss', 'status')) |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1399 # Allow user to search for iss.status |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1400 p = self.db.security.addPermission(name='Search', klass='iss', |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1401 properties=("status",)) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1402 self.db.security.addPermissionToRole('User', p) |
|
5649
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1403 self.assertTrue(search(mary, 'iss', 'status')) |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1404 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1405 dep = {'@action':'search','columns':'id','@filter':'department', |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1406 'department':'1'} |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1407 stat = {'@action':'search','columns':'id','@filter':'status', |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1408 'status':'1'} |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1409 depsort = {'@action':'search','columns':'id','@sort':'department'} |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1410 depgrp = {'@action':'search','columns':'id','@group':'department'} |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1411 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1412 # Filter on department ignored for role 'User': |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1413 cl = self._make_client(dep, classname='iss', nodeid=None, userid=mary, |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1414 template='index') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1415 h = HTMLRequest(cl) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1416 self.assertEqual([x.id for x in h.batch()],['1', '2', '3']) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1417 # Filter on department works for role 'Project': |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1418 cl = self._make_client(dep, classname='iss', nodeid=None, userid=chef, |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1419 template='index') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1420 h = HTMLRequest(cl) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1421 self.assertEqual([x.id for x in h.batch()],['2', '3']) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1422 # Filter on status works for all: |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1423 cl = self._make_client(stat, classname='iss', nodeid=None, userid=mary, |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1424 template='index') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1425 h = HTMLRequest(cl) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1426 self.assertEqual([x.id for x in h.batch()],['1', '2']) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1427 cl = self._make_client(stat, classname='iss', nodeid=None, userid=chef, |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1428 template='index') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1429 h = HTMLRequest(cl) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1430 self.assertEqual([x.id for x in h.batch()],['1', '2']) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1431 # Sorting and grouping for class Project works: |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1432 cl = self._make_client(depsort, classname='iss', nodeid=None, |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1433 userid=chef, template='index') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1434 h = HTMLRequest(cl) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1435 self.assertEqual([x.id for x in h.batch()],['2', '3', '1']) |
|
5094
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1436 self.assertEqual(cl._error_message, []) # test for empty _error_message when sort is valid |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1437 self.assertEqual(cl._ok_message, []) # test for empty _ok_message when sort is valid |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1438 |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1439 # Test for correct _error_message for invalid sort/group properties |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1440 baddepsort = {'@action':'search','columns':'id','@sort':'dep'} |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1441 baddepgrp = {'@action':'search','columns':'id','@group':'dep'} |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1442 cl = self._make_client(baddepsort, classname='iss', nodeid=None, |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1443 userid=chef, template='index') |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1444 h = HTMLRequest(cl) |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1445 self.assertEqual(cl._error_message, ['Unknown sort property dep']) |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1446 cl = self._make_client(baddepgrp, classname='iss', nodeid=None, |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1447 userid=chef, template='index') |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1448 h = HTMLRequest(cl) |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1449 self.assertEqual(cl._error_message, ['Unknown group property dep']) |
|
92d33d3125a0
Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents:
5067
diff
changeset
|
1450 |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1451 cl = self._make_client(depgrp, classname='iss', nodeid=None, |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1452 userid=chef, template='index') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1453 h = HTMLRequest(cl) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1454 self.assertEqual([x.id for x in h.batch()],['2', '3', '1']) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1455 # Sorting and grouping for class User fails: |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1456 cl = self._make_client(depsort, classname='iss', nodeid=None, |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1457 userid=mary, template='index') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1458 h = HTMLRequest(cl) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1459 self.assertEqual([x.id for x in h.batch()],['1', '2', '3']) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1460 cl = self._make_client(depgrp, classname='iss', nodeid=None, |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1461 userid=mary, template='index') |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1462 h = HTMLRequest(cl) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1463 self.assertEqual([x.id for x in h.batch()],['1', '2', '3']) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4310
diff
changeset
|
1464 |
|
5814
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1465 def testEditCSVKeyword(self): |
|
4521
abd2db0a159a
Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4486
diff
changeset
|
1466 form = dict(rows='id,name\n1,newkey') |
|
abd2db0a159a
Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4486
diff
changeset
|
1467 cl = self._make_client(form, userid='1', classname='keyword') |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
1468 cl._ok_message = [] |
|
4521
abd2db0a159a
Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4486
diff
changeset
|
1469 actions.EditCSVAction(cl).handle() |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
1470 self.assertEqual(cl._ok_message, ['Items edited OK']) |
|
4521
abd2db0a159a
Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4486
diff
changeset
|
1471 k = self.db.keyword.getnode('1') |
|
abd2db0a159a
Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4486
diff
changeset
|
1472 self.assertEqual(k.name, 'newkey') |
|
5484
ca8050fa5e78
fixed string encoding in test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5472
diff
changeset
|
1473 form = dict(rows=u2s(u'id,name\n1,\xe4\xf6\xfc')) |
|
4521
abd2db0a159a
Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4486
diff
changeset
|
1474 cl = self._make_client(form, userid='1', classname='keyword') |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
1475 cl._ok_message = [] |
|
4521
abd2db0a159a
Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4486
diff
changeset
|
1476 actions.EditCSVAction(cl).handle() |
|
4880
ca692423e401
Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents:
4851
diff
changeset
|
1477 self.assertEqual(cl._ok_message, ['Items edited OK']) |
|
4521
abd2db0a159a
Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4486
diff
changeset
|
1478 k = self.db.keyword.getnode('1') |
|
5484
ca8050fa5e78
fixed string encoding in test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5472
diff
changeset
|
1479 self.assertEqual(k.name, u2s(u'\xe4\xf6\xfc')) |
|
6435
ada96db8ec62
Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents:
6382
diff
changeset
|
1480 form = dict(rows='id,name\n1,newkey\n\n2,newerkey\n\n') |
|
ada96db8ec62
Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents:
6382
diff
changeset
|
1481 cl = self._make_client(form, userid='1', classname='keyword') |
|
ada96db8ec62
Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents:
6382
diff
changeset
|
1482 cl._ok_message = [] |
|
ada96db8ec62
Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents:
6382
diff
changeset
|
1483 actions.EditCSVAction(cl).handle() |
|
ada96db8ec62
Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents:
6382
diff
changeset
|
1484 self.assertEqual(cl._ok_message, ['Items edited OK']) |
|
ada96db8ec62
Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents:
6382
diff
changeset
|
1485 k = self.db.keyword.getnode('1') |
|
ada96db8ec62
Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents:
6382
diff
changeset
|
1486 self.assertEqual(k.name, 'newkey') |
|
ada96db8ec62
Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents:
6382
diff
changeset
|
1487 k = self.db.keyword.getnode('2') |
|
ada96db8ec62
Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents:
6382
diff
changeset
|
1488 self.assertEqual(k.name, 'newerkey') |
|
4521
abd2db0a159a
Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4486
diff
changeset
|
1489 |
|
5814
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1490 def testEditCSVTest(self): |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1491 |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1492 form = dict(rows='\nid,boolean,date,interval,intval,link,messages,multilink,number,pw,string\n1,true,2019-02-10,2d,4,,,,3.4,pass,foo\n2,no,2017-02-10,1d,-9,1,,1,-2.4,poof,bar\n3,no,2017-02-10,1d,-9,2,,1:2,-2.4,ping,bar') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1493 cl = self._make_client(form, userid='1', classname='test') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1494 cl._ok_message = [] |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1495 actions.EditCSVAction(cl).handle() |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1496 self.assertEqual(cl._ok_message, ['Items edited OK']) |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1497 t = self.db.test.getnode('1') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1498 self.assertEqual(t.string, 'foo') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1499 self.assertEqual(t['string'], 'foo') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1500 self.assertEqual(t.boolean, True) |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1501 t = self.db.test.getnode('3') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1502 self.assertEqual(t.multilink, [ "1", "2" ]) |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1503 |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1504 # now edit existing row and delete row |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1505 form = dict(rows='\nid,boolean,date,interval,intval,link,messages,multilink,number,pw,string\n1,false,2019-03-10,1d,3,1,,1:2,2.2,pass,bar\n2,,,,,1,,1,,,bar') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1506 cl = self._make_client(form, userid='1', classname='test') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1507 cl._ok_message = [] |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1508 actions.EditCSVAction(cl).handle() |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1509 self.assertEqual(cl._ok_message, ['Items edited OK']) |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1510 t = self.db.test.getnode('1') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1511 self.assertEqual(t.string, 'bar') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1512 self.assertEqual(t['string'], 'bar') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1513 self.assertEqual(t.boolean, False) |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1514 self.assertEqual(t.multilink, [ "1", "2" ]) |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1515 self.assertEqual(t.link, "1") |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1516 |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1517 t = self.db.test.getnode('3') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1518 self.assertTrue(t.cl.is_retired('3')) |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1519 |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1520 |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1521 def testEditCSVTestBadRow(self): |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1522 form = dict(rows='\nid,boolean,date,interval,intval,link,messages,multilink,number,pw,string\n1,2019-02-10,2d,4,,,,3.4,pass,foo') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1523 cl = self._make_client(form, userid='1', classname='test') |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1524 cl._ok_message = [] |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1525 cl._error_message = [] |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1526 actions.EditCSVAction(cl).handle() |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1527 print(cl._error_message) |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1528 self.assertEqual(cl._error_message, ['Not enough values on line 3']) |
|
bd6d41f21a5a
More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents:
5805
diff
changeset
|
1529 |
|
5515
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1530 def testEditCSVRestore(self): |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1531 form = dict(rows='id,name\n1,key1\n2,key2') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1532 cl = self._make_client(form, userid='1', classname='keyword') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1533 cl._ok_message = [] |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1534 actions.EditCSVAction(cl).handle() |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1535 self.assertEqual(cl._ok_message, ['Items edited OK']) |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1536 k = self.db.keyword.getnode('1') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1537 self.assertEqual(k.name, 'key1') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1538 k = self.db.keyword.getnode('2') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1539 self.assertEqual(k.name, 'key2') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1540 |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1541 form = dict(rows='id,name\n1,key1') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1542 cl = self._make_client(form, userid='1', classname='keyword') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1543 cl._ok_message = [] |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1544 actions.EditCSVAction(cl).handle() |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1545 self.assertEqual(cl._ok_message, ['Items edited OK']) |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1546 k = self.db.keyword.getnode('1') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1547 self.assertEqual(k.name, 'key1') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1548 self.assertEqual(self.db.keyword.is_retired('2'), True) |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1549 |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1550 form = dict(rows='id,name\n1,newkey1\n2,newkey2') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1551 cl = self._make_client(form, userid='1', classname='keyword') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1552 cl._ok_message = [] |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1553 actions.EditCSVAction(cl).handle() |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1554 self.assertEqual(cl._ok_message, ['Items edited OK']) |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1555 k = self.db.keyword.getnode('1') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1556 self.assertEqual(k.name, 'newkey1') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1557 k = self.db.keyword.getnode('2') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1558 self.assertEqual(k.name, 'newkey2') |
|
cd0ceb2afdb8
fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5513
diff
changeset
|
1559 |
|
5976
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1560 def testRegisterActionDelay(self): |
|
5973
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1561 from roundup.cgi.timestamp import pack_timestamp |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1562 |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1563 # need to set SENDMAILDEBUG to prevent |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1564 # downstream issue when email is sent on successful |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1565 # issue creation. Also delete the file afterwards |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1566 # just tomake sure that someother test looking for |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1567 # SENDMAILDEBUG won't trip over ours. |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1568 if 'SENDMAILDEBUG' not in os.environ: |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1569 os.environ['SENDMAILDEBUG'] = 'mail-test1.log' |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1570 SENDMAILDEBUG = os.environ['SENDMAILDEBUG'] |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1571 |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1572 |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1573 # missing opaqueregister |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1574 cl = self._make_client({'username':'new_user1', 'password':'secret', |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1575 '@confirm@password':'secret', 'address':'new_user@bork.bork'}, |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1576 nodeid=None, userid='2') |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1577 with self.assertRaises(FormError) as cm: |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1578 actions.RegisterAction(cl).handle() |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1579 self.assertEqual(cm.exception.args, |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1580 ('Form is corrupted, missing: opaqueregister.',)) |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1581 |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1582 # broken/invalid opaqueregister |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1583 # strings chosen to generate: |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1584 # binascii.Error Incorrect padding |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1585 # struct.error requires a string argument of length 4 |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1586 cl = self._make_client({'username':'new_user1', |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1587 'password':'secret', |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1588 '@confirm@password':'secret', |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1589 'address':'new_user@bork.bork', |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1590 'opaqueregister': 'zzz' }, |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1591 nodeid=None, userid='2') |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1592 with self.assertRaises(FormError) as cm: |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1593 actions.RegisterAction(cl).handle() |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1594 self.assertEqual(cm.exception.args, ('Form is corrupted.',)) |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1595 |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1596 cl = self._make_client({'username':'new_user1', |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1597 'password':'secret', |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1598 '@confirm@password':'secret', |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1599 'address':'new_user@bork.bork', |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1600 'opaqueregister': 'xyzzyzl=' }, |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1601 nodeid=None, userid='2') |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1602 with self.assertRaises(FormError) as cm: |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1603 actions.RegisterAction(cl).handle() |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1604 self.assertEqual(cm.exception.args, ('Form is corrupted.',)) |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1605 |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1606 # valid opaqueregister |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1607 cl = self._make_client({'username':'new_user1', 'password':'secret', |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1608 '@confirm@password':'secret', 'address':'new_user@bork.bork', |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1609 'opaqueregister': pack_timestamp() }, |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1610 nodeid=None, userid='2') |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1611 # submitted too fast, so raises error |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1612 with self.assertRaises(FormError) as cm: |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1613 actions.RegisterAction(cl).handle() |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1614 self.assertEqual(cm.exception.args, |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1615 ('Responding to form too quickly.',)) |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1616 |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1617 sleep(4.1) # sleep as requested so submit will take long enough |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1618 self.assertRaises(Redirect, actions.RegisterAction(cl).handle) |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1619 |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1620 # FIXME check that email output makes sense at some point |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1621 |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1622 # clean up from email log |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1623 if os.path.exists(SENDMAILDEBUG): |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1624 os.remove(SENDMAILDEBUG) |
|
fe334430ca07
issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents:
5924
diff
changeset
|
1625 |
|
5976
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1626 def testRegisterActionUnusedUserCheck(self): |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1627 # need to set SENDMAILDEBUG to prevent |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1628 # downstream issue when email is sent on successful |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1629 # issue creation. Also delete the file afterwards |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1630 # just tomake sure that someother test looking for |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1631 # SENDMAILDEBUG won't trip over ours. |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1632 if 'SENDMAILDEBUG' not in os.environ: |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1633 os.environ['SENDMAILDEBUG'] = 'mail-test1.log' |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1634 SENDMAILDEBUG = os.environ['SENDMAILDEBUG'] |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1635 |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1636 nodeid = self.db.user.create(username='iexist', |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1637 password=password.Password('foo')) |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1638 |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1639 # enable check and remove delay time |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1640 self.db.config.WEB_REGISTRATION_PREVALIDATE_USERNAME = 1 |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1641 self.db.config.WEB_REGISTRATION_DELAY = 0 |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1642 |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1643 # Make a request with existing user. Use iexist. |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1644 # do not need opaqueregister as we have disabled the delay check |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1645 cl = self._make_client({'username':'iexist', 'password':'secret', |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1646 '@confirm@password':'secret', 'address':'iexist@bork.bork'}, |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1647 nodeid=None, userid='2') |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1648 with self.assertRaises(Reject) as cm: |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1649 actions.RegisterAction(cl).handle() |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1650 self.assertEqual(cm.exception.args, |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1651 ("Username 'iexist' is already used.",)) |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1652 |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1653 cl = self._make_client({'username':'i-do@not.exist', |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1654 'password':'secret', |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1655 '@confirm@password':'secret', 'address':'iexist@bork.bork'}, |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1656 nodeid=None, userid='2') |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1657 self.assertRaises(Redirect, actions.RegisterAction(cl).handle) |
|
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1658 |
|
5978
fefdf5f97c50
Clean up SENDMAILDEBUG in test case.
John Rouillard <rouilj@ieee.org>
parents:
5976
diff
changeset
|
1659 # clean up from email log |
|
fefdf5f97c50
Clean up SENDMAILDEBUG in test case.
John Rouillard <rouilj@ieee.org>
parents:
5976
diff
changeset
|
1660 if os.path.exists(SENDMAILDEBUG): |
|
fefdf5f97c50
Clean up SENDMAILDEBUG in test case.
John Rouillard <rouilj@ieee.org>
parents:
5976
diff
changeset
|
1661 os.remove(SENDMAILDEBUG) |
|
5976
71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents:
5973
diff
changeset
|
1662 |
|
5231
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1663 def testserve_static_files(self): |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1664 # make a client instance |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1665 cl = self._make_client({}) |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1666 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1667 # hijack _serve_file so I can see what is found |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1668 output = [] |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1669 def my_serve_file(a, b, c, d): |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1670 output.append((a,b,c,d)) |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1671 cl._serve_file = my_serve_file |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1672 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1673 # check case where file is not found. |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1674 self.assertRaises(NotFound, |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1675 cl.serve_static_file,"missing.css") |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1676 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1677 # TEMPLATES dir is searched by default. So this file exists. |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1678 # Check the returned values. |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1679 cl.serve_static_file("issue.index.html") |
|
5786
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1680 self.assertEqual(output[0][1], "text/html") |
|
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1681 self.assertEqual(output[0][3], "_test_cgi_form/html/issue.index.html") |
|
5231
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1682 del output[0] # reset output buffer |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1683 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1684 # stop searching TEMPLATES for the files. |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1685 cl.instance.config['STATIC_FILES'] = '-' |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1686 # previously found file should not be found |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1687 self.assertRaises(NotFound, |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1688 cl.serve_static_file,"issue.index.html") |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1689 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1690 # explicitly allow html directory |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1691 cl.instance.config['STATIC_FILES'] = 'html -' |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1692 cl.serve_static_file("issue.index.html") |
|
5786
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1693 self.assertEqual(output[0][1], "text/html") |
|
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1694 self.assertEqual(output[0][3], "_test_cgi_form/html/issue.index.html") |
|
5231
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1695 del output[0] # reset output buffer |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1696 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1697 # set the list of files and do not look at the templates directory |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1698 cl.instance.config['STATIC_FILES'] = 'detectors extensions - ' |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1699 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1700 # find file in first directory |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1701 cl.serve_static_file("messagesummary.py") |
|
5786
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1702 self.assertEqual(output[0][1], "text/x-python") |
|
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1703 self.assertEqual(output[0][3], "_test_cgi_form/detectors/messagesummary.py") |
|
5231
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1704 del output[0] # reset output buffer |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1705 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1706 # find file in second directory |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1707 cl.serve_static_file("README.txt") |
|
5786
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1708 self.assertEqual(output[0][1], "text/plain") |
|
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1709 self.assertEqual(output[0][3], "_test_cgi_form/extensions/README.txt") |
|
5231
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1710 del output[0] # reset output buffer |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1711 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1712 # make sure an embedded - ends the searching. |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1713 cl.instance.config['STATIC_FILES'] = ' detectors - extensions ' |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1714 self.assertRaises(NotFound, cl.serve_static_file, "README.txt") |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1715 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1716 cl.instance.config['STATIC_FILES'] = ' detectors - extensions ' |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1717 self.assertRaises(NotFound, cl.serve_static_file, "issue.index.html") |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1718 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1719 # create an empty README.txt in the first directory |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1720 f = open('_test_cgi_form/detectors/README.txt', 'a').close() |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1721 # find file now in first directory |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1722 cl.serve_static_file("README.txt") |
|
5786
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1723 self.assertEqual(output[0][1], "text/plain") |
|
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1724 self.assertEqual(output[0][3], "_test_cgi_form/detectors/README.txt") |
|
5231
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1725 del output[0] # reset output buffer |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1726 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1727 cl.instance.config['STATIC_FILES'] = ' detectors extensions ' |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1728 # make sure lack of trailing - allows searching TEMPLATES |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1729 cl.serve_static_file("issue.index.html") |
|
5786
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1730 self.assertEqual(output[0][1], "text/html") |
|
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1731 self.assertEqual(output[0][3], "_test_cgi_form/html/issue.index.html") |
|
5231
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1732 del output[0] # reset output buffer |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1733 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1734 # Make STATIC_FILES a single element. |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1735 cl.instance.config['STATIC_FILES'] = 'detectors' |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1736 # find file now in first directory |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1737 cl.serve_static_file("messagesummary.py") |
|
5786
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1738 self.assertEqual(output[0][1], "text/x-python") |
|
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1739 self.assertEqual(output[0][3], "_test_cgi_form/detectors/messagesummary.py") |
|
5231
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1740 del output[0] # reset output buffer |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1741 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1742 # make sure files found in subdirectory |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1743 os.mkdir('_test_cgi_form/detectors/css') |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1744 f = open('_test_cgi_form/detectors/css/README.css', 'a').close() |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1745 # use subdir in filename |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1746 cl.serve_static_file("css/README.css") |
|
5786
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1747 self.assertEqual(output[0][1], "text/css") |
|
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1748 self.assertEqual(output[0][3], "_test_cgi_form/detectors/css/README.css") |
|
5231
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1749 del output[0] # reset output buffer |
|
5980
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1750 |
|
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1751 cl.Cache_Control['text/css'] = 'public, max-age=3600' |
|
5231
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1752 # use subdir in static files path |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1753 cl.instance.config['STATIC_FILES'] = 'detectors html/css' |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1754 os.mkdir('_test_cgi_form/html/css') |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1755 f = open('_test_cgi_form/html/css/README1.css', 'a').close() |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1756 cl.serve_static_file("README1.css") |
|
5786
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1757 self.assertEqual(output[0][1], "text/css") |
|
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
1758 self.assertEqual(output[0][3], "_test_cgi_form/html/css/README1.css") |
|
5980
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1759 self.assertTrue( "Cache-Control" in cl.additional_headers ) |
|
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1760 self.assertEqual( cl.additional_headers, |
|
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1761 {'Cache-Control': 'public, max-age=3600'} ) |
|
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1762 del output[0] # reset output buffer |
|
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1763 |
|
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1764 cl.Cache_Control['README1.css'] = 'public, max-age=60' |
|
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1765 cl.serve_static_file("README1.css") |
|
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1766 self.assertEqual(output[0][1], "text/css") |
|
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1767 self.assertEqual(output[0][3], "_test_cgi_form/html/css/README1.css") |
|
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1768 self.assertTrue( "Cache-Control" in cl.additional_headers ) |
|
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1769 self.assertEqual( cl.additional_headers, |
|
54d0080769f9
Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents:
5978
diff
changeset
|
1770 {'Cache-Control': 'public, max-age=60'} ) |
|
5231
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1771 del output[0] # reset output buffer |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1772 |
|
8743b7226dc7
Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents:
5220
diff
changeset
|
1773 |
|
4306
966592263fb8
Clean up all the places where role processing occurs.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4112
diff
changeset
|
1774 def testRoles(self): |
|
966592263fb8
Clean up all the places where role processing occurs.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4112
diff
changeset
|
1775 cl = self._make_client({}) |
|
966592263fb8
Clean up all the places where role processing occurs.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4112
diff
changeset
|
1776 self.db.user.set('1', roles='aDmin, uSer') |
|
966592263fb8
Clean up all the places where role processing occurs.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4112
diff
changeset
|
1777 item = HTMLItem(cl, 'user', '1') |
|
5649
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1778 self.assertTrue(item.hasRole('Admin')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1779 self.assertTrue(item.hasRole('User')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1780 self.assertTrue(item.hasRole('AdmiN')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1781 self.assertTrue(item.hasRole('UseR')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1782 self.assertTrue(item.hasRole('UseR','Admin')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1783 self.assertTrue(item.hasRole('UseR','somethingelse')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1784 self.assertTrue(item.hasRole('somethingelse','Admin')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1785 self.assertTrue(not item.hasRole('userr')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1786 self.assertTrue(not item.hasRole('adminn')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1787 self.assertTrue(not item.hasRole('')) |
|
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1788 self.assertTrue(not item.hasRole(' ')) |
|
4306
966592263fb8
Clean up all the places where role processing occurs.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4112
diff
changeset
|
1789 self.db.user.set('1', roles='') |
|
5649
f8893e1cde0d
assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents:
5624
diff
changeset
|
1790 self.assertTrue(not item.hasRole('')) |
|
4306
966592263fb8
Clean up all the places where role processing occurs.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4112
diff
changeset
|
1791 |
|
4112
6441ffe588f7
fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1792 def testCSVExport(self): |
|
5614
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1793 cl = self._make_client( |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1794 {'@columns': 'id,title,status,keyword,assignedto,nosy'}, |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1795 nodeid=None, userid='1') |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1796 cl.classname = 'issue' |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1797 |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1798 demo_id=self.db.user.create(username='demo', address='demo@test.test', |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1799 roles='User', realname='demo') |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1800 key_id1=self.db.keyword.create(name='keyword1') |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1801 key_id2=self.db.keyword.create(name='keyword2') |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1802 self.db.issue.create(title='foo1', status='2', assignedto='4', nosy=['3',demo_id]) |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1803 self.db.issue.create(title='bar2', status='1', assignedto='3', keyword=[key_id1,key_id2]) |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1804 self.db.issue.create(title='baz32', status='4') |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1805 output = io.BytesIO() |
|
4112
6441ffe588f7
fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1806 cl.request = MockNull() |
|
6441ffe588f7
fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1807 cl.request.wfile = output |
|
5614
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1808 # call export version that outputs names |
|
4112
6441ffe588f7
fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1809 actions.ExportCSVAction(cl).handle() |
|
6190
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1810 should_be=(s2b('"id","title","status","keyword","assignedto","nosy"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1811 '"1","foo1","deferred","","Contrary, Mary","Bork, Chef;Contrary, Mary;demo"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1812 '"2","bar2","unread","keyword1;keyword2","Bork, Chef","Bork, Chef"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1813 '"3","baz32","need-eg","","",""\r\n')) |
|
5652
9689d1bf9bb0
python2/python3 normalization. When exporting CSV, sort lists as they
John Rouillard <rouilj@ieee.org>
parents:
5649
diff
changeset
|
1814 #print(should_be) |
|
6190
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1815 print(output.getvalue()) |
|
5652
9689d1bf9bb0
python2/python3 normalization. When exporting CSV, sort lists as they
John Rouillard <rouilj@ieee.org>
parents:
5649
diff
changeset
|
1816 self.assertEqual(output.getvalue(), should_be) |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1817 output = io.BytesIO() |
|
5614
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1818 cl.request = MockNull() |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1819 cl.request.wfile = output |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1820 # call export version that outputs id numbers |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1821 actions.ExportCSVWithIdAction(cl).handle() |
|
6190
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1822 should_be = s2b('"id","title","status","keyword","assignedto","nosy"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1823 "\"1\",\"foo1\",\"2\",\"[]\",\"4\",\"['3', '4', '5']\"\r\n" |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1824 "\"2\",\"bar2\",\"1\",\"['1', '2']\",\"3\",\"['3']\"\r\n" |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1825 '\"3\","baz32",\"4\","[]","None","[]"\r\n') |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1826 #print(should_be) |
|
5652
9689d1bf9bb0
python2/python3 normalization. When exporting CSV, sort lists as they
John Rouillard <rouilj@ieee.org>
parents:
5649
diff
changeset
|
1827 print(output.getvalue()) |
|
6190
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1828 self.assertEqual(output.getvalue(), should_be) |
|
4112
6441ffe588f7
fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1829 |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1830 def testCSVExportCharset(self): |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1831 cl = self._make_client( |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1832 {'@columns': 'id,title,status,keyword,assignedto,nosy'}, |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1833 nodeid=None, userid='1') |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1834 cl.classname = 'issue' |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1835 |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1836 demo_id=self.db.user.create(username='demo', address='demo@test.test', |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1837 roles='User', realname='demo') |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1838 self.db.issue.create(title=b2s(b'foo1\xc3\xa4'), status='2', assignedto='4', nosy=['3',demo_id]) |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1839 |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1840 output = io.BytesIO() |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1841 cl.request = MockNull() |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1842 cl.request.wfile = output |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1843 # call export version that outputs names |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1844 actions.ExportCSVAction(cl).handle() |
|
6190
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1845 should_be=(b'"id","title","status","keyword","assignedto","nosy"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1846 b'"1","foo1\xc3\xa4","deferred","","Contrary, Mary","Bork, Chef;Contrary, Mary;demo"\r\n') |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1847 self.assertEqual(output.getvalue(), should_be) |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1848 |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1849 output = io.BytesIO() |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1850 cl.request = MockNull() |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1851 cl.request.wfile = output |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1852 # call export version that outputs id numbers |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1853 actions.ExportCSVWithIdAction(cl).handle() |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1854 print(output.getvalue()) |
|
6190
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1855 self.assertEqual(b'"id","title","status","keyword","assignedto","nosy"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1856 b"\"1\",\"foo1\xc3\xa4\",\"2\",\"[]\",\"4\",\"['3', '4', '5']\"\r\n", |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1857 output.getvalue()) |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1858 |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1859 # again with ISO-8859-1 client charset |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1860 cl.charset = 'iso8859-1' |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1861 output = io.BytesIO() |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1862 cl.request = MockNull() |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1863 cl.request.wfile = output |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1864 # call export version that outputs names |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1865 actions.ExportCSVAction(cl).handle() |
|
6190
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1866 should_be=(b'"id","title","status","keyword","assignedto","nosy"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1867 b'"1","foo1\xe4","deferred","","Contrary, Mary","Bork, Chef;Contrary, Mary;demo"\r\n') |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1868 self.assertEqual(output.getvalue(), should_be) |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1869 |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1870 output = io.BytesIO() |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1871 cl.request = MockNull() |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1872 cl.request.wfile = output |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1873 # call export version that outputs id numbers |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1874 actions.ExportCSVWithIdAction(cl).handle() |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1875 print(output.getvalue()) |
|
6190
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1876 self.assertEqual(b'"id","title","status","keyword","assignedto","nosy"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1877 b"\"1\",\"foo1\xe4\",\"2\",\"[]\",\"4\",\"['3', '4', '5']\"\r\n", |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1878 output.getvalue()) |
|
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1879 |
|
4624
21705126dafa
Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1880 def testCSVExportBadColumnName(self): |
|
21705126dafa
Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1881 cl = self._make_client({'@columns': 'falseid,name'}, nodeid=None, |
|
21705126dafa
Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1882 userid='1') |
|
21705126dafa
Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1883 cl.classname = 'status' |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1884 output = io.BytesIO() |
|
4624
21705126dafa
Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1885 cl.request = MockNull() |
|
21705126dafa
Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1886 cl.request.wfile = output |
|
5168
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1887 self.assertRaises(exceptions.NotFound, |
|
4624
21705126dafa
Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1888 actions.ExportCSVAction(cl).handle) |
|
21705126dafa
Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1889 |
|
5168
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1890 def testCSVExportFailPermissionBadColumn(self): |
|
4112
6441ffe588f7
fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1891 cl = self._make_client({'@columns': 'id,email,password'}, nodeid=None, |
|
6441ffe588f7
fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1892 userid='2') |
|
6441ffe588f7
fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1893 cl.classname = 'user' |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1894 output = io.BytesIO() |
|
4112
6441ffe588f7
fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1895 cl.request = MockNull() |
|
6441ffe588f7
fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1896 cl.request.wfile = output |
|
4624
21705126dafa
Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1897 # used to be self.assertRaises(exceptions.Unauthorised, |
|
21705126dafa
Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents:
4623
diff
changeset
|
1898 # but not acting like the column name is not found |
|
5168
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1899 # see issue2550755 - should this return Unauthorised? |
|
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1900 # The unauthorised user should never get to the point where |
|
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1901 # they can determine if the column name is valid or not. |
|
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1902 self.assertRaises(exceptions.NotFound, |
|
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1903 actions.ExportCSVAction(cl).handle) |
|
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1904 |
|
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1905 def testCSVExportFailPermissionValidColumn(self): |
|
5614
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1906 passwd=password.Password('foo') |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1907 demo_id=self.db.user.create(username='demo', address='demo@test.test', |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1908 roles='User', realname='demo', |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1909 password=passwd) |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1910 cl = self._make_client({'@columns': 'id,username,address,password'}, |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1911 nodeid=None, userid=demo_id) |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1912 cl.classname = 'user' |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1913 output = io.BytesIO() |
|
5614
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1914 cl.request = MockNull() |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1915 cl.request.wfile = output |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1916 # used to be self.assertRaises(exceptions.Unauthorised, |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1917 # but not acting like the column name is not found |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1918 |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1919 actions.ExportCSVAction(cl).handle() |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1920 #print(output.getvalue()) |
|
6190
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1921 self.assertEqual(s2b('"id","username","address","password"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1922 '"1","admin","[hidden]","[hidden]"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1923 '"2","anonymous","[hidden]","[hidden]"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1924 '"3","Chef","[hidden]","[hidden]"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1925 '"4","mary","[hidden]","[hidden]"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1926 '"5","demo","demo@test.test","%s"\r\n'%(passwd)), |
|
5614
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1927 output.getvalue()) |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1928 |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1929 def testCSVExportWithId(self): |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1930 cl = self._make_client({'@columns': 'id,name'}, nodeid=None, |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1931 userid='1') |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1932 cl.classname = 'status' |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1933 output = io.BytesIO() |
|
5614
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1934 cl.request = MockNull() |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1935 cl.request.wfile = output |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1936 actions.ExportCSVWithIdAction(cl).handle() |
|
6190
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1937 self.assertEqual(s2b('"id","name"\r\n"1","unread"\r\n"2","deferred"\r\n"3","chatting"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1938 '"4","need-eg"\r\n"5","in-progress"\r\n"6","testing"\r\n"7","done-cbb"\r\n' |
|
15fd91fd3c4c
Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents:
6083
diff
changeset
|
1939 '"8","resolved"\r\n'), |
|
5614
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1940 output.getvalue()) |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1941 |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1942 def testCSVExportWithIdBadColumnName(self): |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1943 cl = self._make_client({'@columns': 'falseid,name'}, nodeid=None, |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1944 userid='1') |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1945 cl.classname = 'status' |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1946 output = io.BytesIO() |
|
5614
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1947 cl.request = MockNull() |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1948 cl.request.wfile = output |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1949 self.assertRaises(exceptions.NotFound, |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1950 actions.ExportCSVWithIdAction(cl).handle) |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1951 |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1952 def testCSVExportWithIdFailPermissionBadColumn(self): |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1953 cl = self._make_client({'@columns': 'id,email,password'}, nodeid=None, |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1954 userid='2') |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1955 cl.classname = 'user' |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1956 output = io.BytesIO() |
|
5614
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1957 cl.request = MockNull() |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1958 cl.request.wfile = output |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1959 # used to be self.assertRaises(exceptions.Unauthorised, |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1960 # but not acting like the column name is not found |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1961 # see issue2550755 - should this return Unauthorised? |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1962 # The unauthorised user should never get to the point where |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1963 # they can determine if the column name is valid or not. |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1964 self.assertRaises(exceptions.NotFound, |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1965 actions.ExportCSVWithIdAction(cl).handle) |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1966 |
|
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1967 def testCSVExportWithIdFailPermissionValidColumn(self): |
|
5168
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1968 cl = self._make_client({'@columns': 'id,address,password'}, nodeid=None, |
|
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1969 userid='2') |
|
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1970 cl.classname = 'user' |
|
6083
f74d078cfd9a
issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5980
diff
changeset
|
1971 output = io.BytesIO() |
|
5168
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1972 cl.request = MockNull() |
|
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1973 cl.request.wfile = output |
|
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1974 # used to be self.assertRaises(exceptions.Unauthorised, |
|
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1975 # but not acting like the column name is not found |
|
9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents:
5166
diff
changeset
|
1976 self.assertRaises(exceptions.Unauthorised, |
|
5614
be99aa02c616
issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents:
5519
diff
changeset
|
1977 actions.ExportCSVWithIdAction(cl).handle) |
|
4112
6441ffe588f7
fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents:
4088
diff
changeset
|
1978 |
|
5160
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1979 class TemplateHtmlRendering(unittest.TestCase): |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1980 ''' try to test the rendering code for tal ''' |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1981 def setUp(self): |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1982 self.dirname = '_test_template' |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1983 # set up and open a tracker |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
1984 self.instance = setupTracker(self.dirname) |
|
5160
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1985 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1986 # open the database |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1987 self.db = self.instance.open('admin') |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1988 self.db.tx_Source = "web" |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1989 self.db.user.create(username='Chef', address='chef@bork.bork.bork', |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1990 realname='Bork, Chef', roles='User') |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1991 self.db.user.create(username='mary', address='mary@test.test', |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1992 roles='User', realname='Contrary, Mary') |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1993 self.db.post_init() |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1994 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1995 # create a client instance and hijack write_html |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1996 self.client = client.Client(self.instance, "user", |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1997 {'PATH_INFO':'/user', 'REQUEST_METHOD':'POST'}, |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
1998 form=db_test_base.makeForm({"@template": "item"})) |
|
5160
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
1999 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2000 self.client._error_message = [] |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2001 self.client._ok_message = [] |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2002 self.client.db = self.db |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2003 self.client.userid = '1' |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2004 self.client.language = ('en',) |
|
5208
23b8eeaf9864
fixing some tests due to changes to classic template by adding anti-csrf code
John Rouillard <rouilj@ieee.org>
parents:
5203
diff
changeset
|
2005 self.client.session_api = MockNull(_sid="1234567890") |
|
5160
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2006 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2007 self.output = [] |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2008 # ugly hack to get html_write to return data here. |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2009 def html_write(s): |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2010 self.output.append(s) |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2011 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2012 # hijack html_write |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2013 self.client.write_html = html_write |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2014 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2015 self.db.issue.create(title='foo') |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2016 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2017 def tearDown(self): |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2018 self.db.close() |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2019 try: |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2020 shutil.rmtree(self.dirname) |
|
5248
198b6e810c67
Use Python-3-compatible 'as' syntax for except statements
Eric S. Raymond <esr@thyrsus.com>
parents:
5231
diff
changeset
|
2021 except OSError as error: |
|
5160
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2022 if error.errno not in (errno.ENOENT, errno.ESRCH): raise |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2023 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2024 def testrenderFrontPage(self): |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2025 self.client.renderFrontPage("hello world RaNdOmJunk") |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2026 # make sure we can find the "hello world RaNdOmJunk" |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2027 # message in the output. |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2028 self.assertNotEqual(-1, |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2029 self.output[0].index('<p class="error-message">hello world RaNdOmJunk <br/ > </p>')) |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2030 # make sure we can find issue 1 title foo in the output |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2031 self.assertNotEqual(-1, |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2032 self.output[0].index('<a href="issue1">foo</a>')) |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2033 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2034 # make sure we can find the last SHA1 sum line at the end of the |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2035 # page |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2036 self.assertNotEqual(-1, |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2037 self.output[0].index('<!-- SHA: c87a4e18d59a527331f1d367c0c6cc67ee123e63 -->')) |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2038 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2039 def testrenderContext(self): |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2040 # set up the client; |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2041 # run determine_context to set the required client attributes |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2042 # run renderContext(); check result for proper page |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2043 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2044 # this will generate the default home page like |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2045 # testrenderFrontPage |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
2046 self.client.form=db_test_base.makeForm({}) |
|
5160
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2047 self.client.path = '' |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2048 self.client.determine_context() |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2049 self.assertEqual((self.client.classname, self.client.template, self.client.nodeid), (None, '', None)) |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2050 self.assertEqual(self.client._ok_message, []) |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2051 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2052 result = self.client.renderContext() |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2053 self.assertNotEqual(-1, |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2054 result.index('<!-- SHA: c87a4e18d59a527331f1d367c0c6cc67ee123e63 -->')) |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2055 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2056 # now look at the user index page |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
2057 self.client.form=db_test_base.makeForm( |
|
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
2058 { "@ok_message": "ok message", "@template": "index"}) |
|
5160
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2059 self.client.path = 'user' |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2060 self.client.determine_context() |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2061 self.assertEqual((self.client.classname, self.client.template, self.client.nodeid), ('user', 'index', None)) |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2062 self.assertEqual(self.client._ok_message, ['ok message']) |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2063 |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2064 result = self.client.renderContext() |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2065 self.assertNotEqual(-1, result.index('<title>User listing - Roundup issue tracker</title>')) |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2066 self.assertNotEqual(-1, result.index('ok message')) |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2067 # print result |
|
f8a32b7331f1
add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents:
5159
diff
changeset
|
2068 |
|
5185
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2069 def testRenderAltTemplates(self): |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2070 # check that right page is returned when rendering |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2071 # @template=oktempl|errortmpl |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2072 |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2073 # set up the client; |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2074 # run determine_context to set the required client attributes |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2075 # run renderContext(); check result for proper page |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2076 |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2077 # Test ok state template that uses user.forgotten.html |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
2078 self.client.form=db_test_base.makeForm({"@template": "forgotten|item"}) |
|
5185
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2079 self.client.path = 'user' |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2080 self.client.determine_context() |
|
5201
a9ace22e0a2f
issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents:
5185
diff
changeset
|
2081 self.client.session_api = MockNull(_sid="1234567890") |
|
5316
351763d6400a
Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5310
diff
changeset
|
2082 self.assertEqual( |
|
351763d6400a
Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5310
diff
changeset
|
2083 (self.client.classname, self.client.template, self.client.nodeid), |
|
351763d6400a
Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5310
diff
changeset
|
2084 ('user', 'forgotten|item', None)) |
|
5185
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2085 self.assertEqual(self.client._ok_message, []) |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2086 |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2087 result = self.client.renderContext() |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
2088 print(result) |
|
5218
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
2089 # sha1sum of classic tracker user.forgotten.template must be found |
|
5316
351763d6400a
Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5310
diff
changeset
|
2090 sha1sum = '<!-- SHA: f93570f95f861da40f9c45bbd2b049bb3a7c0fc5 -->' |
|
351763d6400a
Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5310
diff
changeset
|
2091 self.assertNotEqual(-1, result.index(sha1sum)) |
|
5185
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2092 |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2093 # now set an error in the form to get error template user.item.html |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
2094 self.client.form=db_test_base.makeForm({"@template": "forgotten|item", |
|
5185
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2095 "@error_message": "this is an error"}) |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2096 self.client.path = 'user' |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2097 self.client.determine_context() |
|
5316
351763d6400a
Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5310
diff
changeset
|
2098 self.assertEqual( |
|
351763d6400a
Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5310
diff
changeset
|
2099 (self.client.classname, self.client.template, self.client.nodeid), |
|
351763d6400a
Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5310
diff
changeset
|
2100 ('user', 'forgotten|item', None)) |
|
5185
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2101 self.assertEqual(self.client._ok_message, []) |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2102 self.assertEqual(self.client._error_message, ["this is an error"]) |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2103 |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2104 result = self.client.renderContext() |
|
5376
64b05e24dbd8
Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5316
diff
changeset
|
2105 print(result) |
|
5218
44f7e6b958fe
Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents:
5210
diff
changeset
|
2106 # sha1sum of classic tracker user.item.template must be found |
|
5316
351763d6400a
Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5310
diff
changeset
|
2107 sha1sum = '<!-- SHA: 3b7ce7cbf24f77733c9b9f64a569d6429390cc3f -->' |
|
351763d6400a
Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5310
diff
changeset
|
2108 self.assertNotEqual(-1, result.index(sha1sum)) |
|
5185
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2109 |
|
349bef975367
Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents:
5168
diff
changeset
|
2110 |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2111 def testexamine_url(self): |
|
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2112 ''' test the examine_url function ''' |
|
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2113 |
|
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2114 def te(url, exception, raises=ValueError): |
|
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2115 with self.assertRaises(raises) as cm: |
|
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2116 examine_url(url) |
|
5453
2b4f606d8e72
use exception.args instead of exception.message
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5418
diff
changeset
|
2117 self.assertEqual(cm.exception.args, (exception,)) |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2118 |
|
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2119 |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2120 action = actions.Action(self.client) |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2121 examine_url = action.examine_url |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2122 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2123 # Christmas tree url: test of every component that passes |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2124 self.assertEqual( |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2125 examine_url("http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue"), |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2126 'http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue') |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2127 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2128 # allow replacing http with https if base is http |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2129 self.assertEqual( |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2130 examine_url("https://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue"), |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2131 'https://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue') |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2132 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2133 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2134 # change base to use https and make sure we don't redirect to http |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2135 saved_base = action.base |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2136 action.base = "https://tracker.example/cgi-bin/roundup.cgi/bugs/" |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2137 te("http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue", |
|
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2138 'Base url https://tracker.example/cgi-bin/roundup.cgi/bugs/ requires https. Redirect url http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue uses http.') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2139 action.base = saved_base |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2140 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2141 # url doesn't have to be valid to roundup, just has to be contained |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2142 # inside of roundup. No zoik class is defined |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2143 self.assertEqual(examine_url("http://tracker.example/cgi-bin/roundup.cgi/bugs/zoik7;parm=bar?@template=foo&parm=(zot)#issue"), "http://tracker.example/cgi-bin/roundup.cgi/bugs/zoik7;parm=bar?@template=foo&parm=(zot)#issue") |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2144 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2145 # test with wonky schemes |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2146 te("email://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue", |
|
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2147 'Unrecognized scheme in email://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2148 |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2149 te("http%3a//tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue", 'Unrecognized scheme in http%3a//tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2150 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2151 # test different netloc/path prefix |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2152 # assert port |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2153 te("http://tracker.example:1025/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue",'Net location in http://tracker.example:1025/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue does not match base: tracker.example') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2154 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2155 #assert user |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2156 te("http://user@tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue", 'Net location in http://user@tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue does not match base: tracker.example') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2157 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2158 #assert user:password |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2159 te("http://user:pass@tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue", 'Net location in http://user:pass@tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue does not match base: tracker.example') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2160 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2161 # try localhost http scheme |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2162 te("http://localhost/cgi-bin/roundup.cgi/bugs/user3", 'Net location in http://localhost/cgi-bin/roundup.cgi/bugs/user3 does not match base: tracker.example') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2163 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2164 # try localhost https scheme |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2165 te("https://localhost/cgi-bin/roundup.cgi/bugs/user3", 'Net location in https://localhost/cgi-bin/roundup.cgi/bugs/user3 does not match base: tracker.example') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2166 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2167 # try different host |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2168 te("http://bad.guys.are.us/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue", 'Net location in http://bad.guys.are.us/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue does not match base: tracker.example') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2169 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2170 # change the base path to .../bug from .../bugs |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2171 te("http://tracker.example/cgi-bin/roundup.cgi/bug/user3;parm=bar?@template=foo&parm=(zot)#issue", 'Base path /cgi-bin/roundup.cgi/bugs/ is not a prefix for url http://tracker.example/cgi-bin/roundup.cgi/bug/user3;parm=bar?@template=foo&parm=(zot)#issue') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2172 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2173 # change the base path eliminate - in cgi-bin |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2174 te("http://tracker.example/cgibin/roundup.cgi/bug/user3;parm=bar?@template=foo&parm=(zot)#issue",'Base path /cgi-bin/roundup.cgi/bugs/ is not a prefix for url http://tracker.example/cgibin/roundup.cgi/bug/user3;parm=bar?@template=foo&parm=(zot)#issue') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2175 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2176 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2177 # scan for unencoded characters |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2178 # we skip schema and net location since unencoded character |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2179 # are allowed only by an explicit match to a reference. |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2180 # |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2181 # break components with unescaped character '<' |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2182 # path component |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2183 te("http://tracker.example/cgi-bin/roundup.cgi/bugs/<user3;parm=bar?@template=foo&parm=(zot)#issue", 'Path component (/cgi-bin/roundup.cgi/bugs/<user3) in http://tracker.example/cgi-bin/roundup.cgi/bugs/<user3;parm=bar?@template=foo&parm=(zot)#issue is not properly escaped') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2184 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2185 # params component |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2186 te("http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=b<ar?@template=foo&parm=(zot)#issue", 'Params component (parm=b<ar) in http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=b<ar?@template=foo&parm=(zot)#issue is not properly escaped') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2187 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2188 # query component |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2189 te("http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=<foo>&parm=(zot)#issue", 'Query component (@template=<foo>&parm=(zot)) in http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=<foo>&parm=(zot)#issue is not properly escaped') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2190 |
|
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2191 # fragment component |
|
5162
3ee79a2d95d4
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents:
5161
diff
changeset
|
2192 te("http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#iss<ue", 'Fragment component (iss<ue) in http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#iss<ue is not properly escaped') |
|
5161
12190efa30d4
I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents:
5160
diff
changeset
|
2193 |
|
5154
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2194 class TemplateTestCase(unittest.TestCase): |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2195 ''' Test the template resolving code, i.e. what can be given to @template |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2196 ''' |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2197 def setUp(self): |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2198 self.dirname = '_test_template' |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2199 # set up and open a tracker |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
2200 self.instance = setupTracker(self.dirname) |
|
5154
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2201 |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2202 # open the database |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2203 self.db = self.instance.open('admin') |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2204 self.db.tx_Source = "web" |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2205 self.db.user.create(username='Chef', address='chef@bork.bork.bork', |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2206 realname='Bork, Chef', roles='User') |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2207 self.db.user.create(username='mary', address='mary@test.test', |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2208 roles='User', realname='Contrary, Mary') |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2209 self.db.post_init() |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2210 |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2211 def tearDown(self): |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2212 self.db.close() |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2213 try: |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2214 shutil.rmtree(self.dirname) |
|
5248
198b6e810c67
Use Python-3-compatible 'as' syntax for except statements
Eric S. Raymond <esr@thyrsus.com>
parents:
5231
diff
changeset
|
2215 except OSError as error: |
|
5154
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2216 if error.errno not in (errno.ENOENT, errno.ESRCH): raise |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2217 |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2218 def testTemplateSubdirectory(self): |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2219 # test for templates in subdirectories |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2220 |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2221 # make the directory |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2222 subdir = self.dirname + "/html/subdir" |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2223 os.mkdir(subdir) |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2224 |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2225 # get the client instance The form is needed to initialize, |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2226 # but not used since I call selectTemplate directly. |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2227 t = client.Client(self.instance, "user", |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2228 {'PATH_INFO':'/user', 'REQUEST_METHOD':'POST'}, |
|
5310
efb34cbdba7c
Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents:
5248
diff
changeset
|
2229 form=db_test_base.makeForm({"@template": "item"})) |
|
5154
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2230 |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2231 # create new file in subdir and a dummy file outside of |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2232 # the tracker's html subdirectory |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2233 shutil.copyfile(self.dirname + "/html/issue.item.html", |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2234 subdir + "/issue.item.html") |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2235 shutil.copyfile(self.dirname + "/html/user.item.html", |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2236 self.dirname + "/user.item.html") |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2237 |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2238 # create link outside the html subdir. This should fail due to |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2239 # path traversal check. |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2240 os.symlink("../../user.item.html", subdir + "/user.item.html") |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2241 # it will be removed and replaced by a later test |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2242 |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2243 # make sure a simple non-subdir template works. |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2244 # user.item.html exists so this works. |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2245 # note that the extension is not included just the basename |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2246 self.assertEqual("user.item", t.selectTemplate("user", "item")) |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2247 |
|
5159
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2248 |
|
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2249 # make sure home templates work |
|
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2250 self.assertEqual("home", t.selectTemplate(None, "")) |
|
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2251 self.assertEqual("home.classlist", t.selectTemplate(None, "classlist")) |
|
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2252 |
|
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2253 # home.item doesn't exist should return _generic.item. |
|
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2254 self.assertEqual("_generic.item", t.selectTemplate(None, "item")) |
|
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2255 |
|
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2256 # test case where there is no view so generic template can't |
|
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2257 # be determined. |
|
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2258 with self.assertRaises(NoTemplate) as cm: |
|
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2259 t.selectTemplate("user", "") |
|
5453
2b4f606d8e72
use exception.args instead of exception.message
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5418
diff
changeset
|
2260 self.assertEqual(cm.exception.args, |
|
2b4f606d8e72
use exception.args instead of exception.message
Christof Meerwald <cmeerw@cmeerw.org>
parents:
5418
diff
changeset
|
2261 ('''Template "user" doesn't exist''',)) |
|
5159
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2262 |
|
5154
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2263 # there is no html/subdir/user.item.{,xml,html} so it will |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2264 # raise NoTemplate. |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2265 self.assertRaises(NoTemplate, |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2266 t.selectTemplate, "user", "subdir/item") |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2267 |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2268 # there is an html/subdir/issue.item.html so this succeeeds |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2269 r = t.selectTemplate("issue", "subdir/item") |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2270 self.assertEqual("subdir/issue.item", r) |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2271 |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2272 # there is a self.directory + /html/subdir/user.item.html file, |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2273 # but it is a link to self.dir /user.item.html which is outside |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2274 # the html subdir so is rejected by the path traversal check. |
|
5159
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2275 # Prefer NoTemplate here, or should the code be changed to |
|
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2276 # report a new PathTraversal exception? Could the PathTraversal |
|
7fb697267fdb
adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents:
5154
diff
changeset
|
2277 # exception leak useful info to an attacker?? |
|
5154
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2278 self.assertRaises(NoTemplate, |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2279 t.selectTemplate, "user", "subdir/item") |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2280 |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2281 # clear out the link and create a new one to self.dirname + |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2282 # html/user.item.html which is inside the html subdir |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2283 # so the template check returns the symbolic link path. |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2284 os.remove(subdir + "/user.item.html") |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2285 os.symlink("../user.item.html", subdir + "/user.item.xml") |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2286 |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2287 # template check works |
|
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2288 r = t.selectTemplate("user", "subdir/item") |
|
5786
68b0c1767b50
Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents:
5771
diff
changeset
|
2289 self.assertEqual("subdir/user.item", r) |
|
5154
f608eeecf638
issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents:
5094
diff
changeset
|
2290 |
|
2696
a5c5a1106e3b
init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2027
diff
changeset
|
2291 # vim: set filetype=python sts=4 sw=4 et si : |