hooks/test/unittest_security.py
author Sylvain Thénault <sylvain.thenault@logilab.fr>
Wed, 03 Feb 2016 14:23:17 +0100
changeset 11091 29aebc1edd29
parent 10388 90fcddcce166
permissions -rw-r--r--
[repository] drop usage of no more necessary eschema_eid function since the previous cset, we are guaranteed that repository's entity schema will have their eid attribute properly set, so we don't have anymore to check everytime if some entity schema's .eid attributes is set or not (and retrieve it if not). Related to #10450092
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
10388
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
     1
# copyright 2015 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
     2
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
     3
#
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
     4
# This file is part of CubicWeb.
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
     5
#
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
     6
# CubicWeb is free software: you can redistribute it and/or modify it under the
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
     7
# terms of the GNU Lesser General Public License as published by the Free
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
     8
# Software Foundation, either version 2.1 of the License, or (at your option)
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
     9
# any later version.
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    10
#
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    11
# CubicWeb is distributed in the hope that it will be useful, but WITHOUT
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    12
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    13
# FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    14
# details.
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    15
#
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    16
# You should have received a copy of the GNU Lesser General Public License along
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    17
# with CubicWeb.  If not, see <http://www.gnu.org/licenses/>.
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    18
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    19
from cubicweb.devtools.testlib import CubicWebTC
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    20
from cubicweb.server import hook
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    21
from cubicweb.predicates import is_instance
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    22
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    23
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    24
class SecurityHooksTC(CubicWebTC):
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    25
    def setup_database(self):
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    26
        with self.admin_access.repo_cnx() as cnx:
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    27
            self.add_eid = cnx.create_entity('EmailAddress',
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    28
                                             address=u'hop@perdu.com',
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    29
                                             reverse_use_email=cnx.user.eid).eid
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    30
            cnx.commit()
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    31
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    32
    def test_inlined_cw_edited_relation(self):
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    33
        """modification of cw_edited to add an inlined relation shouldn't trigger a security error.
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    34
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    35
        Test for https://www.cubicweb.org/ticket/5477315
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    36
        """
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    37
        sender = self.repo.schema['Email'].rdef('sender')
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    38
        with self.temporary_permissions((sender, {'add': ()})):
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    39
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    40
            class MyHook(hook.Hook):
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    41
                __regid__ = 'test.pouet'
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    42
                __select__ = hook.Hook.__select__ & is_instance('Email')
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    43
                events = ('before_add_entity',)
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    44
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    45
                def __call__(self):
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    46
                    self.entity.cw_edited['sender'] = self._cw.user.primary_email[0].eid
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    47
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    48
            with self.temporary_appobjects(MyHook):
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    49
                with self.admin_access.repo_cnx() as cnx:
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    50
                    email = cnx.create_entity('Email', messageid=u'1234')
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    51
                    cnx.commit()
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    52
                    self.assertEqual(email.sender[0].eid, self.add_eid)
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    53
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    54
if __name__ == '__main__':
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    55
    from logilab.common.testlib import unittest_main
90fcddcce166 when some inlined relation is set using cw_edited, its security shouldn't be checked.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
diff changeset
    56
    unittest_main()