Mercurial > p > roundup > code
comparison test/test_xmlrpc.py @ 4781:6e9b9743de89
Implementation for:
http://issues.roundup-tracker.org/issue2550731
Add mechanism for the detectors to be able to tell the source of the
data changes.
Support for tx_Source property on database handle. Can be
used by detectors to find out the source of a change in an auditor to
block changes arriving by unauthenticated mechanisms (e.g. plain email
where headers can be faked). The property db.tx_Source has the
following values:
* None - Default value set to None. May be valid if it's a script
that is created by the user. Otherwise it's an error and indicates
that some code path is not properly setting the tx_Source property.
* "cli" - this string value is set when using roundup-admin and
supplied scripts.
* "web" - this string value is set when using any web based
technique: html interface, xmlrpc ....
* "email" - this string value is set when using an unauthenticated
email based technique.
* "email-sig-openpgp" - this string value is set when email with a
valid pgp signature is used. (*NOTE* the testing for this mode
is incomplete. If you have a pgp infrastructure you should test
and verify that this is properly set.)
This also includes some (possibly incomplete) tests cases for the
modes above and an example of using ts_Source in the customization.txt
document.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 23 Apr 2013 23:06:09 -0400 |
| parents | 17f796a78647 |
| children | d9e5539303bd |
comparison
equal
deleted
inserted
replaced
| 4774:3adff0fb0207 | 4781:6e9b9743de89 |
|---|---|
| 8 | 8 |
| 9 from roundup.cgi.exceptions import * | 9 from roundup.cgi.exceptions import * |
| 10 from roundup import init, instance, password, hyperdb, date | 10 from roundup import init, instance, password, hyperdb, date |
| 11 from roundup.xmlrpc import RoundupInstance | 11 from roundup.xmlrpc import RoundupInstance |
| 12 from roundup.backends import list_backends | 12 from roundup.backends import list_backends |
| 13 from roundup.hyperdb import String | |
| 13 | 14 |
| 14 import db_test_base | 15 import db_test_base |
| 15 | 16 |
| 16 NEEDS_INSTANCE = 1 | 17 NEEDS_INSTANCE = 1 |
| 17 | 18 |
| 24 # set up and open a tracker | 25 # set up and open a tracker |
| 25 self.instance = db_test_base.setupTracker(self.dirname, self.backend) | 26 self.instance = db_test_base.setupTracker(self.dirname, self.backend) |
| 26 | 27 |
| 27 # open the database | 28 # open the database |
| 28 self.db = self.instance.open('admin') | 29 self.db = self.instance.open('admin') |
| 30 | |
| 31 # Get user id (user4 maybe). Used later to get data from db. | |
| 29 self.joeid = 'user' + self.db.user.create(username='joe', | 32 self.joeid = 'user' + self.db.user.create(username='joe', |
| 30 password=password.Password('random'), address='random@home.org', | 33 password=password.Password('random'), address='random@home.org', |
| 31 realname='Joe Random', roles='User') | 34 realname='Joe Random', roles='User') |
| 32 | 35 |
| 33 self.db.commit() | 36 self.db.commit() |
| 34 self.db.close() | 37 self.db.close() |
| 35 self.db = self.instance.open('joe') | 38 self.db = self.instance.open('joe') |
| 39 | |
| 40 self.db.tx_Source = 'web' | |
| 41 | |
| 42 self.db.issue.addprop(tx_Source=hyperdb.String()) | |
| 43 self.db.msg.addprop(tx_Source=hyperdb.String()) | |
| 44 | |
| 45 self.db.post_init() | |
| 46 | |
| 47 vars = dict(globals()) | |
| 48 vars['db'] = self.db | |
| 49 vars = {} | |
| 50 execfile("test/tx_Source_detector.py", vars) | |
| 51 vars['init'](self.db) | |
| 52 | |
| 36 self.server = RoundupInstance(self.db, self.instance.actions, None) | 53 self.server = RoundupInstance(self.db, self.instance.actions, None) |
| 37 | 54 |
| 38 def tearDown(self): | 55 def tearDown(self): |
| 39 self.db.close() | 56 self.db.close() |
| 40 try: | 57 try: |
| 64 def testCreate(self): | 81 def testCreate(self): |
| 65 results = self.server.create('issue', 'title=foo') | 82 results = self.server.create('issue', 'title=foo') |
| 66 issueid = 'issue' + results | 83 issueid = 'issue' + results |
| 67 results = self.server.display(issueid, 'title') | 84 results = self.server.display(issueid, 'title') |
| 68 self.assertEqual(results['title'], 'foo') | 85 self.assertEqual(results['title'], 'foo') |
| 86 self.assertEqual(self.db.issue.get('1', "tx_Source"), 'web') | |
| 69 | 87 |
| 70 def testFileCreate(self): | 88 def testFileCreate(self): |
| 71 results = self.server.create('file', 'content=hello\r\nthere') | 89 results = self.server.create('file', 'content=hello\r\nthere') |
| 72 fileid = 'file' + results | 90 fileid = 'file' + results |
| 73 results = self.server.display(fileid, 'content') | 91 results = self.server.display(fileid, 'content') |
| 181 r = self.server.filter('issue', None, {}, group=keygroup) | 199 r = self.server.filter('issue', None, {}, group=keygroup) |
| 182 self.assertEqual(r, ['1', '2', '3']) | 200 self.assertEqual(r, ['1', '2', '3']) |
| 183 | 201 |
| 184 self.db.close() | 202 self.db.close() |
| 185 self.db = self.instance.open('chef') | 203 self.db = self.instance.open('chef') |
| 204 self.db.tx_Source = 'web' | |
| 205 | |
| 206 self.db.issue.addprop(tx_Source=hyperdb.String()) | |
| 207 self.db.msg.addprop(tx_Source=hyperdb.String()) | |
| 208 self.db.post_init() | |
| 209 | |
| 186 self.server = RoundupInstance(self.db, self.instance.actions, None) | 210 self.server = RoundupInstance(self.db, self.instance.actions, None) |
| 187 | 211 |
| 188 # Filter on keyword works for role 'Project': | 212 # Filter on keyword works for role 'Project': |
| 189 r = self.server.filter('issue', None, keyw) | 213 r = self.server.filter('issue', None, keyw) |
| 190 self.assertEqual(r, ['2', '3']) | 214 self.assertEqual(r, ['2', '3']) |