allura
Revision | d9592c8261e1d8f12e3f81bb057127423d2137fb (tree) |
---|---|
Time | 2010-05-22 00:20:00 |
Author | Rick Copeland <rcopeland@geek...> |
Commiter | Rick Copeland |
[#424] - Modify permissions testing code to match what SOG has in FUSE, add tests
@@ -112,33 +112,39 @@ class UserProfileController(object): | ||
112 | 112 | @expose('json') |
113 | 113 | def permissions(self, repo_path=None, **kw): |
114 | 114 | """Expects repo_path to be a filesystem path like |
115 | - '/git/p/mygreatproject/reponame.git', or | |
116 | - '/svn/adobe/someproject/subproject/reponame/'. | |
117 | - | |
118 | - Explicitly: (1) The path starts with a containing directory, | |
119 | - e.g., /git, which is not relevant. (2) The final component of | |
120 | - the path is the repo name, and may include a trailing slash. | |
121 | - Less a '.git' suffix, the repo name _is_ the mount point. | |
122 | - (3) Everything between the containing directory and the repo is | |
123 | - an exact match for a project URL. Multiple components | |
124 | - signify sub-projects. | |
125 | - | |
126 | - Note that project and user _names_ are built with slashes, but | |
127 | - the supplied repo_path will use the os file separator character. | |
128 | - We know we'll get a user from our query because we're at that | |
129 | - user's profile page. | |
115 | + <tool>/<project>.<neighborhood>/reponame[.git] | |
116 | + unless the <neighborhood> is 'p', in which case it is | |
117 | + <tool>/<project>/reponame[.git] | |
130 | 118 | |
131 | 119 | Returns JSON describing this user's permissions on that repo. |
132 | 120 | """ |
133 | 121 | |
122 | + disallow = dict(allow_read=False, allow_write=False, allow_create=False) | |
123 | + # Find the user | |
134 | 124 | username = c.project.shortname.split('/')[1] |
135 | 125 | user = User.by_username(username) |
126 | + | |
136 | 127 | parts = [p for p in repo_path.split(os.path.sep) if p] |
128 | + # strip the tool name | |
129 | + parts = parts[1:] | |
130 | + if '.' in parts[0]: | |
131 | + project, neighborhood = parts[0].split('.') | |
132 | + else: | |
133 | + project, neighborhood = parts[0], 'p' | |
134 | + parts = [ neighborhood, project ] + parts[1:] | |
137 | 135 | project_path = '/' + '/'.join(parts) |
138 | 136 | project, rest = h.find_project(project_path) |
137 | + if project is None: | |
138 | + log.info("Can't find project at %s from repo_path %s", | |
139 | + project_path, repo_path) | |
140 | + return disallow | |
139 | 141 | mount_point = os.path.splitext(rest[0])[0] |
140 | 142 | c.project = project |
141 | 143 | c.app = project.app_instance(mount_point) |
144 | + if c.app is None: | |
145 | + log.info("Can't find repo at %s on repo_path %s", | |
146 | + mount_point, repo_path) | |
147 | + return disallow | |
142 | 148 | return dict(allow_read=has_artifact_access('read')(user=user), |
143 | 149 | allow_write=has_artifact_access('write')(user=user), |
144 | 150 | allow_create=has_artifact_access('create')(user=user)) |
@@ -4,7 +4,6 @@ from formencode.variabledecode import variable_encode | ||
4 | 4 | from ming.orm.ormsession import ThreadLocalORMSession |
5 | 5 | |
6 | 6 | from pyforge.tests import TestController |
7 | -from pyforge import model as M | |
8 | 7 | |
9 | 8 | class TestUserProfile(TestController): |
10 | 9 |
@@ -22,3 +21,54 @@ class TestUserProfile(TestController): | ||
22 | 21 | assert 'Email Addresses' in response |
23 | 22 | response = self.app.get('/u/test_user/profile/') |
24 | 23 | assert 'Email Addresses' not in response |
24 | + | |
25 | +class TestUserPermissions(TestController): | |
26 | + allow = dict(allow_read=True, allow_write=True, allow_create=True) | |
27 | + read = dict(allow_read=True, allow_write=False, allow_create=False) | |
28 | + disallow = dict(allow_read=False, allow_write=False, allow_create=False) | |
29 | + | |
30 | + def test_unknown_project(self): | |
31 | + r = self._check_repo('/git/foo/bar') | |
32 | + assert r == self.disallow, r | |
33 | + | |
34 | + def test_unknown_app(self): | |
35 | + r = self._check_repo('/git/test/bar') | |
36 | + assert r == self.disallow, r | |
37 | + | |
38 | + def test_repo_write(self): | |
39 | + r = self._check_repo('/git/test/src.git') | |
40 | + assert r == self.allow, r | |
41 | + r = self._check_repo('/git/test/src') | |
42 | + assert r == self.allow, r | |
43 | + | |
44 | + def test_subdir(self): | |
45 | + r = self._check_repo('/git/test/src.git/foo') | |
46 | + assert r == self.allow, r | |
47 | + r = self._check_repo('/git/test/src/foo') | |
48 | + assert r == self.allow, r | |
49 | + | |
50 | + def test_neighborhood(self): | |
51 | + r = self._check_repo('/git/test.p/src.git') | |
52 | + assert r == self.allow, r | |
53 | + | |
54 | + def test_repo_read(self): | |
55 | + r = self._check_repo( | |
56 | + '/git/test.p/src.git', | |
57 | + username='test_user') | |
58 | + assert r == self.read, r | |
59 | + | |
60 | + def test_unknown_user(self): | |
61 | + r = self._check_repo( | |
62 | + '/git/test.p/src.git', | |
63 | + username='test_usera', | |
64 | + status=404) | |
65 | + | |
66 | + def _check_repo(self, path, username='test_admin', **kw): | |
67 | + r = self.app.get( | |
68 | + '/u/%s/profile/permissions' % username, | |
69 | + params=dict(repo_path=path), **kw) | |
70 | + try: | |
71 | + return r.json | |
72 | + except: | |
73 | + return r | |
74 | + |