Mercurial > p > roundup > code

view test/cmp_helper.py @ 6375:c4371ec7d1c0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Call verifyPassword even if user does not exist. Address timing attack caused by not doing the password check if the user doesn't exist. Can expose valid usernames. Really only useful for a tracker that doesn't allow anonymous access to issues. Issues usually show usernames as part of the message display.
author John Rouillard <rouilj@ieee.org>
date Tue, 06 Apr 2021 22:51:55 -0400
parents 19bd4b413ed6
children
line wrap: on
line source

class StringFragmentCmpHelper:
    def compareStringFragments(self, s, fragments):
        """Compare a string agains a list of fragments where a tuple denotes a
        set of alternatives
        """
        pos = 0
        for frag in fragments:
            if type(frag) != tuple:
                self.assertEqual(s[pos:pos + len(frag)], frag)
                pos += len(frag)
            else:
                found = False
                for alt in frag:
                    if s[pos:pos + len(alt)] == alt:
                        pos += len(alt)
                        found = True
                        break

                if not found:
                    l = max(map(len, frag))
                    raise AssertionError('%s != %s' %
                                         (repr(s[pos:pos + l]), str(frag)))
        self.assertEqual(s[pos:], '')
Roundup Issue Tracker: http://roundup-tracker.org/