Mercurial > p > roundup > code

annotate test/session_common.py @ 5232:462b0f76fce8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
issue2550864 - Potential information leakage via journal/history Fix this by making the hyperdb::Class::history function check for view permissions on the journaled properties. So a user that sees [hidden] for a property in the web interface doesn;t see the property changes in the history. While doing this, relocated the filter for quiet properties from the templating class to the hyperdb. Also added the skipquiet option to the history command in roundup-admin.py to enable filtering of quiet params. Also changed calls to history() in the backend databases to report all items. Changed inline documentation for all history calls that document the actions. The create action (before nov 6 2002) used to record all parameters. After that point the create call uses an empty dictionary. The filtering code depends on the create dictionary being empty. It may not operate properly on very old roundup databases. Changed calls to logging.getLogger to roundup.hyperdb.backends to allow filtering the back end while keeping hyperdb logging. In cgi/templating.py, changed history() function consolidating handiling of link and unlink actions Added tests for quiet property filtering and permission filtering of history.
author John Rouillard <rouilj@ieee.org>
date Fri, 14 Apr 2017 23:24:18 -0400
parents 63c79c0992ae
children 62de601bdf6f
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2082
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1 import os, shutil, unittest
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
2
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
3 from db_test_base import config
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
4
5033
63c79c0992ae Update tests to work with py.test
John Kristensen <john@jerrykan.com>
parents: 4386
diff changeset
5
63c79c0992ae Update tests to work with py.test
John Kristensen <john@jerrykan.com>
parents: 4386
diff changeset
6 class SessionTest(object):
2082
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
7 def setUp(self):
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
8 # remove previous test, ignore errors
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
9 if os.path.exists(config.DATABASE):
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
10 shutil.rmtree(config.DATABASE)
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
11 os.makedirs(config.DATABASE + '/files')
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
12 self.db = self.module.Database(config, 'admin')
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
13 self.sessions = self.sessions_module.Sessions(self.db)
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
14 self.otks = self.sessions_module.OneTimeKeys(self.db)
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
15
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
16 def tearDown(self):
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
17 del self.otks
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
18 del self.sessions
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
19 if hasattr(self, 'db'):
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
20 self.db.close()
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
21 if os.path.exists(config.DATABASE):
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
22 shutil.rmtree(config.DATABASE)
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
23
4386
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
24 def testList(self):
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
25 self.sessions.list()
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
26 self.sessions.set('random_key', text='hello, world!')
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
27 self.sessions.list()
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
28
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
29 def testGetAll(self):
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
30 self.sessions.set('random_key', text='hello, world!')
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
31 self.assertEqual(self.sessions.getall('random_key'),
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
32 {'text': 'hello, world!'})
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
33
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
34 def testDestroy(self):
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
35 self.sessions.set('random_key', text='hello, world!')
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
36 self.assertEquals(self.sessions.getall('random_key'),
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
37 {'text': 'hello, world!'})
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
38 self.sessions.destroy('random_key')
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
39 self.assertRaises(KeyError, self.sessions.getall, 'random_key')
cc33dc9aa3f2 moar test coverage
Richard Jones <richard@users.sourceforge.net>
parents: 2089
diff changeset
40
2082
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
41 def testSetSession(self):
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
42 self.sessions.set('random_key', text='hello, world!')
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
43 self.assertEqual(self.sessions.get('random_key', 'text'),
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
44 'hello, world!')
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
45
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
46 def testUpdateSession(self):
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
47 self.sessions.set('random_key', text='hello, world!')
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
48 self.assertEqual(self.sessions.get('random_key', 'text'),
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
49 'hello, world!')
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
50 self.sessions.set('random_key', text='nope')
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
51 self.assertEqual(self.sessions.get('random_key', 'text'), 'nope')
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
52
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
53 class DBMTest(SessionTest):
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
54 import roundup.backends.sessions_dbm as sessions_module
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
55
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
56 class RDBMSTest(SessionTest):
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
57 import roundup.backends.sessions_rdbms as sessions_module
c091cacdc505 Finished implementation of session and one-time-key stores for RDBMS backends.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
58
Roundup Issue Tracker: http://roundup-tracker.org/