cubicweb/hooks/test/unittest_security.py
author Philippe Pepiot <ph@itsalwaysdns.eu>
Tue, 31 Mar 2020 19:15:03 +0200
changeset 12957 0c973204033a
parent 11911 37726f66ff82
permissions -rw-r--r--
[server] prevent returning closed cursor to the database pool. Since c8c6ad8, init_repository uses repo.internal_cnx() instead of repo.system_source.get_connection(), so it uses the pool, and we should not close cursors from the pool before returning it. Otherwise we may get a "connection already closed" error. This bug only triggers when connection-pool-size = 1. Since we are moving to a dynamic pooler, we need to get this fixed. This does not occur with sqlite, since the connection wrapper instantiates a new cursor every time, but it does occur with other databases.
10388
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
# copyright 2015 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
#
# This file is part of CubicWeb.
#
# CubicWeb is free software: you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation, either version 2.1 of the License, or (at your option)
# any later version.
#
# CubicWeb is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with CubicWeb.  If not, see <http://www.gnu.org/licenses/>.
from cubicweb.devtools.testlib import CubicWebTC
from cubicweb.server import hook
from cubicweb.predicates import is_instance
class SecurityHooksTC(CubicWebTC):
    """Regression tests for security checks applied around entity hooks."""

    def setup_database(self):
        """Create an EmailAddress linked to the admin user and keep its eid."""
        with self.admin_access.repo_cnx() as cnx:
            address = cnx.create_entity('EmailAddress',
                                        address=u'hop@perdu.com',
                                        reverse_use_email=cnx.user.eid)
            # Remembered so the test can compare the sender it ends up with.
            self.add_eid = address.eid
            cnx.commit()

    def test_inlined_cw_edited_relation(self):
        """Setting an inlined relation via cw_edited must not raise a security error.

        Regression test for https://www.cubicweb.org/ticket/5477315

        The 'add' permission of the Email 'sender' relation definition is
        replaced by an empty tuple for the duration of the test, then a
        'before_add_entity' hook writes 'sender' directly into cw_edited.
        The entity creation and commit are expected to succeed and the
        resulting sender must be the address created in setup_database.
        """
        class MyHook(hook.Hook):
            __regid__ = 'test.pouet'
            __select__ = hook.Hook.__select__ & is_instance('Email')
            events = ('before_add_entity',)

            def __call__(self):
                # NOTE(review): this write is the path whose permission check
                # is expected to be skipped; a hook that derives such a value
                # from request data would presumably need its own
                # authorization check -- confirm against the hook docs.
                primary = self._cw.user.primary_email[0]
                self.entity.cw_edited['sender'] = primary.eid

        sender_rdef = self.repo.schema['Email'].rdef('sender')
        # Empty 'add' tuple: presumably nobody is granted the permission.
        no_add = {'add': ()}
        with self.temporary_permissions((sender_rdef, no_add)):
            with self.temporary_appobjects(MyHook), \
                    self.admin_access.repo_cnx() as cnx:
                created = cnx.create_entity('Email', messageid=u'1234')
                cnx.commit()
                sender_eid = created.sender[0].eid
                self.assertEqual(sender_eid, self.add_eid)
if __name__ == '__main__':
    # Run this module's tests when it is executed directly as a script.
    from logilab.common import testlib
    testlib.unittest_main()