Mercurial > p > roundup > code
comparison test/test_cgi.py @ 5168:9e41254430fe
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
Correct tests so they now expect NotFound exception rather than
SeriousError.
Renamed:
test/test_cgi.py::FormTestCase::testCSVExportFailPermission
to
test/test_cgi.py::FormTestCase::testCSVExportFailPermissionBadColumn
I think this test should return Unauthorised rather than
NotFound. Discussion is on the issue.
Also added a new test case to verify that exceptions.Unauthorised is
raised if all columns are valid and the user is not allowed to access
the class.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Thu, 01 Sep 2016 21:26:59 -0400 |
| parents | 232c74973a56 |
| children | 349bef975367 |
comparison
equal
deleted
inserted
replaced
| 5167:984134ca9a55 | 5168:9e41254430fe |
|---|---|
| 1149 userid='1') | 1149 userid='1') |
| 1150 cl.classname = 'status' | 1150 cl.classname = 'status' |
| 1151 output = StringIO.StringIO() | 1151 output = StringIO.StringIO() |
| 1152 cl.request = MockNull() | 1152 cl.request = MockNull() |
| 1153 cl.request.wfile = output | 1153 cl.request.wfile = output |
| 1154 self.assertRaises(exceptions.SeriousError, | 1154 self.assertRaises(exceptions.NotFound, |
| 1155 actions.ExportCSVAction(cl).handle) | 1155 actions.ExportCSVAction(cl).handle) |
| 1156 | 1156 |
| 1157 def testCSVExportFailPermission(self): | 1157 def testCSVExportFailPermissionBadColumn(self): |
| 1158 cl = self._make_client({'@columns': 'id,email,password'}, nodeid=None, | 1158 cl = self._make_client({'@columns': 'id,email,password'}, nodeid=None, |
| 1159 userid='2') | 1159 userid='2') |
| 1160 cl.classname = 'user' | 1160 cl.classname = 'user' |
| 1161 output = StringIO.StringIO() | 1161 output = StringIO.StringIO() |
| 1162 cl.request = MockNull() | 1162 cl.request = MockNull() |
| 1163 cl.request.wfile = output | 1163 cl.request.wfile = output |
| 1164 # used to be self.assertRaises(exceptions.Unauthorised, | 1164 # used to be self.assertRaises(exceptions.Unauthorised, |
| 1165 # but not acting like the column name is not found | 1165 # but not acting like the column name is not found |
| 1166 self.assertRaises(exceptions.SeriousError, | 1166 # see issue2550755 - should this return Unauthorised? |
| 1167 # The unauthorised user should never get to the point where | |
| 1168 # they can determine if the column name is valid or not. | |
| 1169 self.assertRaises(exceptions.NotFound, | |
| 1170 actions.ExportCSVAction(cl).handle) | |
| 1171 | |
| 1172 def testCSVExportFailPermissionValidColumn(self): | |
| 1173 cl = self._make_client({'@columns': 'id,address,password'}, nodeid=None, | |
| 1174 userid='2') | |
| 1175 cl.classname = 'user' | |
| 1176 output = StringIO.StringIO() | |
| 1177 cl.request = MockNull() | |
| 1178 cl.request.wfile = output | |
| 1179 # used to be self.assertRaises(exceptions.Unauthorised, | |
| 1180 # but not acting like the column name is not found | |
| 1181 self.assertRaises(exceptions.Unauthorised, | |
| 1167 actions.ExportCSVAction(cl).handle) | 1182 actions.ExportCSVAction(cl).handle) |
| 1168 | 1183 |
| 1169 class TemplateHtmlRendering(unittest.TestCase): | 1184 class TemplateHtmlRendering(unittest.TestCase): |
| 1170 ''' try to test the rendering code for tal ''' | 1185 ''' try to test the rendering code for tal ''' |
| 1171 def setUp(self): | 1186 def setUp(self): |