allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tvansteenbu...@apache.org
Subject [04/20] git commit: [#6392] ticket:432 Update tests
Date Tue, 24 Sep 2013 17:37:01 GMT
[#6392] ticket:432 Update tests


Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/12420f5a
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/12420f5a
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/12420f5a

Branch: refs/heads/master
Commit: 12420f5afbd356c37fe3a3b06581a5460679c6bf
Parents: 394ccc3
Author: Igor Bondarenko <jetmind2@gmail.com>
Authored: Wed Sep 11 16:30:00 2013 +0300
Committer: Tim Van Steenburgh <tvansteenburgh@gmail.com>
Committed: Tue Sep 24 17:36:24 2013 +0000

----------------------------------------------------------------------
 .../templates/admin_widgets/card_field.html     |  5 +-
 Allura/allura/tests/functional/test_admin.py    | 56 +++++++++++++-------
 Allura/allura/tests/test_security.py            |  8 +++
 3 files changed, 47 insertions(+), 22 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/12420f5a/Allura/allura/ext/admin/templates/admin_widgets/card_field.html
----------------------------------------------------------------------
diff --git a/Allura/allura/ext/admin/templates/admin_widgets/card_field.html b/Allura/allura/ext/admin/templates/admin_widgets/card_field.html
index 24533c7..19988d5 100644
--- a/Allura/allura/ext/admin/templates/admin_widgets/card_field.html
+++ b/Allura/allura/ext/admin/templates/admin_widgets/card_field.html
@@ -72,7 +72,7 @@
         </a>
     </li>
 
-    {% if block_list.get(name) %}
+    {% if block_list and block_list.get(name) %}
       <li>
         <a href="#" class="block-list">Block List</a>
         <div class="block-list grid-13" style="display: none">
@@ -80,8 +80,7 @@
           {% for u, reason in block_list[name] %}
           <li>
             <label>
-              <input type="checkbox" name="user_id" value="{{ u._id }}">
-              {{ u.username }} {{ '(' + reason + ')' if reason else '' }}
+              <input type="checkbox" name="user_id" value="{{ u._id }}">{{ u.username
}} {{ '(' + reason + ')' if reason else '' }}
             </label>
           </li>
           {% endfor %}

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/12420f5a/Allura/allura/tests/functional/test_admin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_admin.py b/Allura/allura/tests/functional/test_admin.py
index 007746a..556eade 100644
--- a/Allura/allura/tests/functional/test_admin.py
+++ b/Allura/allura/tests/functional/test_admin.py
@@ -167,39 +167,57 @@ class TestProjectAdmin(TestController):
         assert "uninstall tool test-tool" in r.body, r.body
 
     @td.with_wiki
-    def test_add_user_to_block_list(self):
+    def test_block_user(self):
         r = self.app.get('/admin/wiki/permissions')
         assert '<a href="#" class="block-user">' in r
         assert '<a href="#" class="block-list">' not in r
 
-        self.app.post('/admin/wiki/block_user', params={'user_name': 'test-admin', 'perm':
'read', 'reason': 'Comment'})
-        user_id = M.User.by_username('test-admin')._id
-
+        self.app.post('/admin/wiki/block_user', params={'username': 'test-admin', 'perm':
'read', 'reason': 'Comment'})
+        user = M.User.by_username('test-admin')
+        admin_role = user.project_role()
         app = M.Project.query.get(shortname='test').app_instance('wiki')
-        assert_equals(app.config.block_user['read'], {str(user_id): 'Comment'})
+        ace = M.ACL.contains(M.ACE.deny(admin_role._id, 'read'), app.acl)
+        assert_equals(ace.reason, 'Comment')
         r = self.app.get('/admin/wiki/permissions')
         assert '<a href="#" class="block-list">' in r
-        assert '<input type="checkbox" name="user_id" value="%s">test-admin (Comment)'
% user_id in r
+        assert '<input type="checkbox" name="user_id" value="%s">test-admin (Comment)'
% user._id in r
 
     @td.with_wiki
-    def test_remove_user_from_block_list(self):
-        self.app.post('/admin/wiki/block_user', params={'user_name': 'test-admin', 'perm':
'read'})
+    def test_unblock_user(self):
+        self.app.post('/admin/wiki/block_user', params={'username': 'test-admin', 'perm':
'read'})
+        user = M.User.by_username('test-admin')
+        admin_role = user.project_role()
         app = M.Project.query.get(shortname='test').app_instance('wiki')
-        user_id = M.User.by_username('test-admin')._id
-        assert_equals(app.config.block_user['read'], {str(user_id): ''})
-        self.app.post('/admin/wiki/unblock_user', params={'user_id': str(user_id), 'perm':
'read'})
-        assert_equals(app.config.block_user['read'], dict())
+        ace = M.ACE.deny(admin_role._id, 'read')
+        assert M.ACL.contains(ace, app.acl) is not None
+        self.app.post('/admin/wiki/unblock_user', params={'user_id': str(user._id), 'perm':
'read'})
+        assert M.ACL.contains(ace, app.acl) is None
         r = self.app.get('/admin/wiki/permissions')
         assert '<a href="#" class="block-list">' not in r
 
     @td.with_wiki
-    def test_has_access_with_block_users(self):
-        wiki = M.Project.query.get(shortname='test').app_instance('wiki')
-        page = Page.query.get(app_config_id=wiki.config._id)
-        test_user = M.User.by_username('test-user')
-        assert has_access(page, 'read', user=test_user)()
-        self.app.post('/admin/wiki/block_user', params={'user_name': 'test-user', 'perm':
'read'})
-        assert not has_access(page, 'read', user=test_user)()
+    def test_block_unblock_multiple_users(self):
+        self.app.post('/admin/wiki/block_user', params={'username': 'test-admin', 'perm':
'read', 'reason': 'Spammer'})
+        self.app.post('/admin/wiki/block_user', params={'username': 'test-user', 'perm':
'read'})
+        admin = M.User.by_username('test-admin')
+        user = M.User.by_username('test-user')
+        admin_role = admin.project_role()
+        user_role = user.project_role()
+        app = M.Project.query.get(shortname='test').app_instance('wiki')
+        deny_admin = M.ACE.deny(admin_role._id, 'read')
+        deny_user = M.ACE.deny(user_role._id, 'read')
+        assert M.ACL.contains(deny_admin, app.acl) is not None
+        assert M.ACL.contains(deny_user, app.acl) is not None
+        r = self.app.get('/admin/wiki/permissions')
+        assert '<a href="#" class="block-list">' in r
+        assert '<input type="checkbox" name="user_id" value="%s">test-admin (Spammer)'
% admin._id in r
+        assert '<input type="checkbox" name="user_id" value="%s">test-user' % user._id
in r
+
+        self.app.post('/admin/wiki/unblock_user', params={'user_id': [str(user._id), str(admin._id)],
'perm': 'read'})
+        assert M.ACL.contains(deny_admin, app.acl) is None
+        assert M.ACL.contains(deny_user, app.acl) is None
+        r = self.app.get('/admin/wiki/permissions')
+        assert '<a href="#" class="block-list">' not in r
 
     def test_tool_permissions(self):
         BUILTIN_APPS = ['activity', 'blog', 'discussion', 'git', 'link',

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/12420f5a/Allura/allura/tests/test_security.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/test_security.py b/Allura/allura/tests/test_security.py
index 10ae614..3cc3a16 100644
--- a/Allura/allura/tests/test_security.py
+++ b/Allura/allura/tests/test_security.py
@@ -157,3 +157,11 @@ class TestSecurity(TestController):
         assert has_access(page, 'read', test_user)()
         c.project = project2
         assert has_access(page, 'read', test_user)()
+
+    @td.with_wiki
+    def test_deny_access_for_single_user(self):
+        wiki = c.project.app_instance('wiki')
+        user = M.User.by_username('test-user')
+        assert has_access(wiki, 'read', user)()
+        wiki.acl.append(M.ACE.deny(user.project_role()._id, 'read', 'Spammer'))
+        assert not has_access(wiki, 'read', user)()


Mime
View raw message