incubator-allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From brond...@apache.org
Subject [12/20] git commit: [#6529] Refactored login overlay logic out of allura.lib.security and added tests
Date Tue, 17 Sep 2013 19:12:10 GMT
[#6529] Refactored login overlay logic out of allura.lib.security and added tests

Signed-off-by: Cory Johns <cjohns@slashdotmedia.com>


Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/b930a634
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/b930a634
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/b930a634

Branch: refs/heads/db/5822
Commit: b930a634aee55ac839b6f6941980164d36e90694
Parents: 55a9de8
Author: Cory Johns <cjohns@slashdotmedia.com>
Authored: Thu Sep 12 20:10:19 2013 +0000
Committer: Dave Brondsema <dbrondsema@slashdotmedia.com>
Committed: Mon Sep 16 22:34:13 2013 +0000

----------------------------------------------------------------------
 Allura/allura/lib/helpers.py                    | 13 ++++++++++
 Allura/allura/lib/security.py                   | 10 +++-----
 Allura/allura/tests/test_helpers.py             | 14 ++++++++++-
 ForgeImporters/forgeimporters/base.py           |  5 ++--
 .../tests/github/functional/test_github.py      |  8 +++++++
 .../forgeimporters/tests/test_base.py           | 25 ++++++++++++++++++++
 6 files changed, 65 insertions(+), 10 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/b930a634/Allura/allura/lib/helpers.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/helpers.py b/Allura/allura/lib/helpers.py
index 9c3d9e4..0b92968 100644
--- a/Allura/allura/lib/helpers.py
+++ b/Allura/allura/lib/helpers.py
@@ -52,6 +52,7 @@ from jinja2 import Markup
 from paste.deploy.converters import asbool, aslist
 
 from webhelpers import date, feedgenerator, html, number, misc, text
+from webob.exc import HTTPUnauthorized
 
 from allura.lib import exceptions as exc
 # Reimport to make available to templates
@@ -1012,3 +1013,15 @@ def iter_entry_points(group, *a, **kw):
 def daterange(start_date, end_date):
     for n in range(int((end_date - start_date).days)):
         yield start_date + timedelta(n)
+
+
+@contextmanager
+def login_overlay(exceptions=None):
+    try:
+        yield
+    except HTTPUnauthorized as e:
+        if exceptions:
+            for exception in exceptions:
+                if request.path.rstrip('/').endswith('/%s' % exception):
+                    raise
+        c.show_login_overlay = True

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/b930a634/Allura/allura/lib/security.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/security.py b/Allura/allura/lib/security.py
index 4718e56..a0497ca 100644
--- a/Allura/allura/lib/security.py
+++ b/Allura/allura/lib/security.py
@@ -383,7 +383,7 @@ def all_allowed(obj, user_or_role=None, project=None):
         return set([M.ALL_PERMISSIONS])
     return perms
 
-def require(predicate, message=None, login_overlay=False):
+def require(predicate, message=None):
     '''
     Example: require(has_access(c.app, 'read'))
 
@@ -401,17 +401,13 @@ def require(predicate, message=None, login_overlay=False):
     if c.user != M.User.anonymous():
         request.environ['error_message'] = message
         raise exc.HTTPForbidden(detail=message)
-    elif login_overlay:
-        c.show_login_overlay = True
     else:
         raise exc.HTTPUnauthorized()
 
-def require_access(obj, permission, login_overlay=False, **kwargs):
+def require_access(obj, permission, **kwargs):
     if obj is not None:
         predicate = has_access(obj, permission, **kwargs)
-        return require(predicate,
-                message='%s access required' % permission.capitalize(),
-                login_overlay=login_overlay)
+        return require(predicate, message='%s access required' % permission.capitalize())
     else:
         raise exc.HTTPForbidden(detail="Could not verify permissions for this page.")
 

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/b930a634/Allura/allura/tests/test_helpers.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/test_helpers.py b/Allura/allura/tests/test_helpers.py
index d4e5a0c..38a67c5 100644
--- a/Allura/allura/tests/test_helpers.py
+++ b/Allura/allura/tests/test_helpers.py
@@ -27,6 +27,7 @@ from nose.tools import eq_, assert_equals
 from IPython.testing.decorators import skipif, module_not_available
 from datadiff import tools as dd
 from webob import Request
+from webob.exc import HTTPUnauthorized
 from ming.orm import ThreadLocalORMSession
 
 from allura import model as M
@@ -432,4 +433,15 @@ def test_absurl_with_request():
 
 def test_daterange():
     assert_equals(list(h.daterange(datetime(2013, 1, 1), datetime(2013, 1, 4))),
-                 [datetime(2013, 1, 1), datetime(2013, 1, 2), datetime(2013, 1, 3)])
\ No newline at end of file
+                 [datetime(2013, 1, 1), datetime(2013, 1, 2), datetime(2013, 1, 3)])
+
+@patch.object(h, 'request',
+              new=Request.blank('/p/test/foobar', base_url='https://www.mysite.com/p/test/foobar'))
+def test_login_overlay():
+    with h.login_overlay():
+        raise HTTPUnauthorized()
+    with h.login_overlay(exceptions=['foo']):
+        raise HTTPUnauthorized()
+    with td.raises(HTTPUnauthorized):
+        with h.login_overlay(exceptions=['foobar']):
+            raise HTTPUnauthorized()

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/b930a634/ForgeImporters/forgeimporters/base.py
----------------------------------------------------------------------
diff --git a/ForgeImporters/forgeimporters/base.py b/ForgeImporters/forgeimporters/base.py
index 0b07c6d..8c01b62 100644
--- a/ForgeImporters/forgeimporters/base.py
+++ b/ForgeImporters/forgeimporters/base.py
@@ -26,6 +26,7 @@ from tg import expose, validate, flash, redirect, config
 from tg.decorators import with_trailing_slash
 from pylons import app_globals as g
 from pylons import tmpl_context as c
+from pylons import request
 from formencode import validators as fev, schema
 from webob import exc
 
@@ -190,7 +191,8 @@ class ProjectImporter(BaseController):
         self.neighborhood = neighborhood
 
     def _check_security(self):
-        require_access(self.neighborhood, 'register', login_overlay=True)
+        with h.login_overlay(exceptions=['process']):
+            require_access(self.neighborhood, 'register')
 
     @LazyProperty
     def tool_importers(self):
@@ -231,7 +233,6 @@ class ProjectImporter(BaseController):
         tools installed and redirect to the new project, presumably with a
         message indicating that some data will not be available immediately.
         """
-        require_access(self.neighborhood, 'register', login_overlay=False)
         try:
             c.project = self.neighborhood.register_project(kw['project_shortname'],
                     project_name=kw['project_name'])

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/b930a634/ForgeImporters/forgeimporters/tests/github/functional/test_github.py
----------------------------------------------------------------------
diff --git a/ForgeImporters/forgeimporters/tests/github/functional/test_github.py b/ForgeImporters/forgeimporters/tests/github/functional/test_github.py
index 3c05a2d..cee88c0 100644
--- a/ForgeImporters/forgeimporters/tests/github/functional/test_github.py
+++ b/ForgeImporters/forgeimporters/tests/github/functional/test_github.py
@@ -26,3 +26,11 @@ class TestGitHubImportController(TestController, TestCase):
         assert '<input id="user_name" name="user_name" value="" autofocus/>' in r
         assert '<input id="project_name" name="project_name" value="" />' in r
         assert '<input id="project_shortname" name="project_shortname" value=""/>'
in r
+
+    def test_login_overlay(self):
+        r = self.app.get('/p/import_project/github/', extra_environ=dict(username='*anonymous'))
+        self.assertIn('GitHub Project Importer', r)
+        self.assertIn('Login Required', r)
+
+        r = self.app.post('/p/import_project/github/process', extra_environ=dict(username='*anonymous'),
status=302)
+        self.assertIn('/auth/', r.location)

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/b930a634/ForgeImporters/forgeimporters/tests/test_base.py
----------------------------------------------------------------------
diff --git a/ForgeImporters/forgeimporters/tests/test_base.py b/ForgeImporters/forgeimporters/tests/test_base.py
index 4aefc35..d4b403d 100644
--- a/ForgeImporters/forgeimporters/tests/test_base.py
+++ b/ForgeImporters/forgeimporters/tests/test_base.py
@@ -21,8 +21,10 @@ from formencode import Invalid
 import mock
 from tg import expose
 from nose.tools import assert_equal, assert_raises
+from webob.exc import HTTPUnauthorized
 
 from alluratest.controller import TestController
+from allura.tests import decorators as td
 
 from .. import base
 
@@ -123,6 +125,29 @@ class TestProjectImporter(TestCase):
         self.assertEqual(flash.call_count, 1)
         redirect.assert_called_once_with('script_name/admin/overview')
 
+    @mock.patch.object(base.h, 'request')
+    @mock.patch.object(base, 'require_access')
+    @mock.patch.object(base.h, 'c')
+    def test_login_overlay(self, c, require_access, request):
+        pi = base.ProjectImporter(mock.Mock())
+        require_access.side_effect = HTTPUnauthorized
+
+        c.show_login_overlay = False
+        request.path = '/test-importer/'
+        pi._check_security()
+        self.assertEqual(c.show_login_overlay, True)
+
+        c.show_login_overlay = False
+        request.path = '/test-importer/check_names/'
+        pi._check_security()
+        self.assertEqual(c.show_login_overlay, True)
+
+        c.show_login_overlay = False
+        request.path = '/test-importer/process/'
+        with td.raises(HTTPUnauthorized):
+            pi._check_security()
+        self.assertEqual(c.show_login_overlay, False)
+
 
 
 TA1 = mock.Mock(tool_label='foo', tool_description='foo_desc')


Mime
View raw message