author | Alexandre Fayolle <alexandre.fayolle@logilab.fr> |
Mon, 23 Aug 2010 12:49:28 +0200 | |
branch | stable |
changeset 6135 | e4b37742f75a |
parent 5584 | c1823448f81d |
child 6340 | 470d8e828fda |
permissions | -rw-r--r-- |
5421
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
1 |
# copyright 2003-2010 LOGILAB S.A. (Paris, FRANCE), all rights reserved. |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
2 |
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
3 |
# |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
4 |
# This file is part of CubicWeb. |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
5 |
# |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
6 |
# CubicWeb is free software: you can redistribute it and/or modify it under the |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
7 |
# terms of the GNU Lesser General Public License as published by the Free |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
8 |
# Software Foundation, either version 2.1 of the License, or (at your option) |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
9 |
# any later version. |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
10 |
# |
5424
8ecbcbff9777
replace logilab-common by CubicWeb in disclaimer
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5421
diff
changeset
|
11 |
# CubicWeb is distributed in the hope that it will be useful, but WITHOUT |
5421
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
12 |
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
13 |
# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
14 |
# details. |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
15 |
# |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
16 |
# You should have received a copy of the GNU Lesser General Public License along |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
17 |
# with CubicWeb. If not, see <http://www.gnu.org/licenses/>. |
5584
c1823448f81d
[web] disallow authenticated users to access to the login form (closes #914873)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5426
diff
changeset
|
18 |
"""unit tests for cubicweb.web.application""" |
0 | 19 |
|
20 |
import base64, Cookie |
|
21 |
import sys |
|
22 |
from urllib import unquote |
|
2661
f8df42c9da6b
[vreg api update] remove some deprecation warnings
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2267
diff
changeset
|
23 |
|
f8df42c9da6b
[vreg api update] remove some deprecation warnings
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2267
diff
changeset
|
24 |
from logilab.common.testlib import TestCase, unittest_main |
0 | 25 |
from logilab.common.decorators import clear_cache |
26 |
||
5584
c1823448f81d
[web] disallow authenticated users to access to the login form (closes #914873)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5426
diff
changeset
|
27 |
from cubicweb import AuthenticationError, Unauthorized |
2773
b2530e3e0afb
[testlib] #345052 and #344207: major test lib refactoring/cleanup + update usage
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2661
diff
changeset
|
28 |
from cubicweb.devtools.testlib import CubicWebTC |
2661
f8df42c9da6b
[vreg api update] remove some deprecation warnings
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2267
diff
changeset
|
29 |
from cubicweb.devtools.fake import FakeRequest |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
30 |
from cubicweb.web import LogOut, Redirect, INTERNAL_FIELD_VALUE |
0 | 31 |
from cubicweb.web.views.basecontrollers import ViewController |
32 |
||
33 |
class FakeMapping: |
|
34 |
"""emulates a mapping module""" |
|
35 |
def __init__(self): |
|
36 |
self.ENTITIES_MAP = {} |
|
37 |
self.ATTRIBUTES_MAP = {} |
|
38 |
self.RELATIONS_MAP = {} |
|
39 |
||
40 |
class MockCursor: |
|
41 |
def __init__(self): |
|
42 |
self.executed = [] |
|
5174
78438ad513ca
#759035: Automate addition of eid cachekey in RQL analysis
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5038
diff
changeset
|
43 |
def execute(self, rql, args=None, build_descr=False): |
0 | 44 |
args = args or {} |
45 |
self.executed.append(rql % args) |
|
46 |
||
47 |
||
48 |
class FakeController(ViewController): |
|
49 |
||
50 |
def __init__(self, form=None): |
|
3462
3a79fecdd2b4
[magicsearch] make tests pass again: base preprocessor must have access to vreg
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3293
diff
changeset
|
51 |
self._cw = FakeRequest() |
3a79fecdd2b4
[magicsearch] make tests pass again: base preprocessor must have access to vreg
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3293
diff
changeset
|
52 |
self._cw.form = form or {} |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
53 |
self._cursor = MockCursor() |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
54 |
self._cw.execute = self._cursor.execute |
0 | 55 |
|
56 |
def new_cursor(self): |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
57 |
self._cursor = MockCursor() |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
58 |
self._cw.execute = self._cursor.execute |
0 | 59 |
|
60 |
def set_form(self, form): |
|
3462
3a79fecdd2b4
[magicsearch] make tests pass again: base preprocessor must have access to vreg
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3293
diff
changeset
|
61 |
self._cw.form = form |
0 | 62 |
|
63 |
||
64 |
class RequestBaseTC(TestCase): |
|
65 |
def setUp(self): |
|
3462
3a79fecdd2b4
[magicsearch] make tests pass again: base preprocessor must have access to vreg
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3293
diff
changeset
|
66 |
self._cw = FakeRequest() |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
67 |
|
0 | 68 |
|
69 |
def test_list_arg(self): |
|
70 |
"""tests the list_arg() function""" |
|
3462
3a79fecdd2b4
[magicsearch] make tests pass again: base preprocessor must have access to vreg
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3293
diff
changeset
|
71 |
list_arg = self._cw.list_form_param |
0 | 72 |
self.assertEquals(list_arg('arg3', {}), []) |
73 |
d = {'arg1' : "value1", |
|
74 |
'arg2' : ('foo', INTERNAL_FIELD_VALUE,), |
|
75 |
'arg3' : ['bar']} |
|
76 |
self.assertEquals(list_arg('arg1', d, True), ['value1']) |
|
77 |
self.assertEquals(d, {'arg2' : ('foo', INTERNAL_FIELD_VALUE), 'arg3' : ['bar'],}) |
|
78 |
self.assertEquals(list_arg('arg2', d, True), ['foo']) |
|
79 |
self.assertEquals({'arg3' : ['bar'],}, d) |
|
80 |
self.assertEquals(list_arg('arg3', d), ['bar',]) |
|
81 |
self.assertEquals({'arg3' : ['bar'],}, d) |
|
82 |
||
83 |
||
84 |
def test_from_controller(self): |
|
3462
3a79fecdd2b4
[magicsearch] make tests pass again: base preprocessor must have access to vreg
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3293
diff
changeset
|
85 |
self._cw.vreg['controllers'] = {'view': 1, 'login': 1} |
3a79fecdd2b4
[magicsearch] make tests pass again: base preprocessor must have access to vreg
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3293
diff
changeset
|
86 |
self.assertEquals(self._cw.from_controller(), 'view') |
0 | 87 |
req = FakeRequest(url='project?vid=list') |
3265
96c8363b8f64
test update, no more a FakeVReg, needs to hack it
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2661
diff
changeset
|
88 |
req.vreg['controllers'] = {'view': 1, 'login': 1} |
0 | 89 |
# this assertion is just to make sure that relative_path can be |
90 |
# correctly computed as it is used in from_controller() |
|
91 |
self.assertEquals(req.relative_path(False), 'project') |
|
92 |
self.assertEquals(req.from_controller(), 'view') |
|
93 |
# test on a valid non-view controller |
|
94 |
req = FakeRequest(url='login?x=1&y=2') |
|
3265
96c8363b8f64
test update, no more a FakeVReg, needs to hack it
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2661
diff
changeset
|
95 |
req.vreg['controllers'] = {'view': 1, 'login': 1} |
0 | 96 |
self.assertEquals(req.relative_path(False), 'login') |
97 |
self.assertEquals(req.from_controller(), 'login') |
|
98 |
||
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
99 |
|
0 | 100 |
class UtilsTC(TestCase): |
101 |
"""test suite for misc application utilities""" |
|
102 |
||
103 |
def setUp(self): |
|
104 |
self.ctrl = FakeController() |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
105 |
|
0 | 106 |
#def test_which_mapping(self): |
107 |
# """tests which mapping is used (application or core)""" |
|
108 |
# init_mapping() |
|
109 |
# from cubicweb.common import mapping |
|
110 |
# self.assertEquals(mapping.MAPPING_USED, 'core') |
|
111 |
# sys.modules['mapping'] = FakeMapping() |
|
112 |
# init_mapping() |
|
113 |
# self.assertEquals(mapping.MAPPING_USED, 'application') |
|
114 |
# del sys.modules['mapping'] |
|
115 |
||
116 |
def test_execute_linkto(self): |
|
117 |
"""tests the execute_linkto() function""" |
|
118 |
self.assertEquals(self.ctrl.execute_linkto(), None) |
|
119 |
self.assertEquals(self.ctrl._cursor.executed, |
|
120 |
[]) |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
121 |
|
0 | 122 |
self.ctrl.set_form({'__linkto' : 'works_for:12_13_14:object', |
123 |
'eid': 8}) |
|
124 |
self.ctrl.execute_linkto() |
|
125 |
self.assertEquals(self.ctrl._cursor.executed, |
|
126 |
['SET Y works_for X WHERE X eid 8, Y eid %s' % i |
|
127 |
for i in (12, 13, 14)]) |
|
128 |
||
129 |
self.ctrl.new_cursor() |
|
130 |
self.ctrl.set_form({'__linkto' : 'works_for:12_13_14:subject', |
|
131 |
'eid': 8}) |
|
132 |
self.ctrl.execute_linkto() |
|
133 |
self.assertEquals(self.ctrl._cursor.executed, |
|
134 |
['SET X works_for Y WHERE X eid 8, Y eid %s' % i |
|
135 |
for i in (12, 13, 14)]) |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
136 |
|
0 | 137 |
|
138 |
self.ctrl.new_cursor() |
|
3462
3a79fecdd2b4
[magicsearch] make tests pass again: base preprocessor must have access to vreg
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3293
diff
changeset
|
139 |
self.ctrl._cw.form = {'__linkto' : 'works_for:12_13_14:object'} |
0 | 140 |
self.ctrl.execute_linkto(eid=8) |
141 |
self.assertEquals(self.ctrl._cursor.executed, |
|
142 |
['SET Y works_for X WHERE X eid 8, Y eid %s' % i |
|
143 |
for i in (12, 13, 14)]) |
|
144 |
||
145 |
self.ctrl.new_cursor() |
|
146 |
self.ctrl.set_form({'__linkto' : 'works_for:12_13_14:subject'}) |
|
147 |
self.ctrl.execute_linkto(eid=8) |
|
148 |
self.assertEquals(self.ctrl._cursor.executed, |
|
149 |
['SET X works_for Y WHERE X eid 8, Y eid %s' % i |
|
150 |
for i in (12, 13, 14)]) |
|
151 |
||
152 |
||
2773
b2530e3e0afb
[testlib] #345052 and #344207: major test lib refactoring/cleanup + update usage
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2661
diff
changeset
|
153 |
class ApplicationTC(CubicWebTC): |
3523
16880e7ee3fa
don't accept None to avoid error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3265
diff
changeset
|
154 |
def setUp(self): |
16880e7ee3fa
don't accept None to avoid error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3265
diff
changeset
|
155 |
super(ApplicationTC, self).setUp() |
16880e7ee3fa
don't accept None to avoid error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3265
diff
changeset
|
156 |
def raise_hdlr(*args, **kwargs): |
16880e7ee3fa
don't accept None to avoid error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3265
diff
changeset
|
157 |
raise |
16880e7ee3fa
don't accept None to avoid error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3265
diff
changeset
|
158 |
self.app.error_handler = raise_hdlr |
0 | 159 |
|
160 |
def test_cnx_user_groups_sync(self): |
|
161 |
user = self.user() |
|
162 |
self.assertEquals(user.groups, set(('managers',))) |
|
163 |
self.execute('SET X in_group G WHERE X eid %s, G name "guests"' % user.eid) |
|
164 |
user = self.user() |
|
165 |
self.assertEquals(user.groups, set(('managers',))) |
|
166 |
self.commit() |
|
167 |
user = self.user() |
|
168 |
self.assertEquals(user.groups, set(('managers', 'guests'))) |
|
169 |
# cleanup |
|
170 |
self.execute('DELETE X in_group G WHERE X eid %s, G name "guests"' % user.eid) |
|
171 |
self.commit() |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
172 |
|
0 | 173 |
def test_nonregr_publish1(self): |
1398
5fe84a5f7035
rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents:
0
diff
changeset
|
174 |
req = self.request(u'CWEType X WHERE X final FALSE, X meta FALSE') |
0 | 175 |
self.app.publish('view', req) |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
176 |
|
0 | 177 |
def test_nonregr_publish2(self): |
178 |
req = self.request(u'Any count(N) WHERE N todo_by U, N is Note, U eid %s' |
|
179 |
% self.user().eid) |
|
180 |
self.app.publish('view', req) |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
181 |
|
0 | 182 |
def test_publish_validation_error(self): |
183 |
req = self.request() |
|
184 |
user = self.user() |
|
4172
4d4cef034eec
all web tests OK
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3890
diff
changeset
|
185 |
eid = unicode(user.eid) |
0 | 186 |
req.form = { |
4172
4d4cef034eec
all web tests OK
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3890
diff
changeset
|
187 |
'eid': eid, |
4d4cef034eec
all web tests OK
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3890
diff
changeset
|
188 |
'__type:'+eid: 'CWUser', '_cw_edited_fields:'+eid: 'login-subject', |
4d4cef034eec
all web tests OK
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3890
diff
changeset
|
189 |
'login-subject:'+eid: '', # ERROR: no login specified |
0 | 190 |
# just a sample, missing some necessary information for real life |
191 |
'__errorurl': 'view?vid=edition...' |
|
192 |
} |
|
3657
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
193 |
path, params = self.expect_redirect(lambda x: self.app_publish(x, 'edit'), req) |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
194 |
forminfo = req.session.data['view?vid=edition...'] |
0 | 195 |
eidmap = forminfo['eidmap'] |
196 |
self.assertEquals(eidmap, {}) |
|
197 |
values = forminfo['values'] |
|
4172
4d4cef034eec
all web tests OK
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3890
diff
changeset
|
198 |
self.assertEquals(values['login-subject:'+eid], '') |
4d4cef034eec
all web tests OK
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3890
diff
changeset
|
199 |
self.assertEquals(values['eid'], eid) |
4276 | 200 |
error = forminfo['error'] |
201 |
self.assertEquals(error.entity, user.eid) |
|
5038
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
202 |
self.assertEquals(error.errors['login-subject'], 'required field') |
0 | 203 |
|
204 |
||
5038
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
205 |
def test_validation_error_dont_loose_subentity_data_ctrl(self): |
0 | 206 |
"""test creation of two linked entities |
5038
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
207 |
|
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
208 |
error occurs on the web controller |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
209 |
""" |
0 | 210 |
req = self.request() |
5038
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
211 |
# set Y before X to ensure both entities are edited, not only X |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
212 |
req.form = {'eid': ['Y', 'X'], '__maineid': 'X', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
213 |
'__type:X': 'CWUser', '_cw_edited_fields:X': 'login-subject', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
214 |
# missing required field |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
215 |
'login-subject:X': u'', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
216 |
# but email address is set |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
217 |
'__type:Y': 'EmailAddress', '_cw_edited_fields:Y': 'address-subject', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
218 |
'address-subject:Y': u'bougloup@logilab.fr', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
219 |
'use_email-object:Y': 'X', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
220 |
# necessary to get validation error handling |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
221 |
'__errorurl': 'view?vid=edition...', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
222 |
} |
3657
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
223 |
path, params = self.expect_redirect(lambda x: self.app_publish(x, 'edit'), req) |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
224 |
forminfo = req.session.data['view?vid=edition...'] |
4172
4d4cef034eec
all web tests OK
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3890
diff
changeset
|
225 |
self.assertEquals(set(forminfo['eidmap']), set('XY')) |
5038
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
226 |
self.assertEquals(forminfo['eidmap']['X'], None) |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
227 |
self.assertIsInstance(forminfo['eidmap']['Y'], int) |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
228 |
self.assertEquals(forminfo['error'].entity, 'X') |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
229 |
self.assertEquals(forminfo['error'].errors, |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
230 |
{'login-subject': 'required field'}) |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
231 |
self.assertEquals(forminfo['values'], req.form) |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
232 |
|
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
233 |
|
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
234 |
def test_validation_error_dont_loose_subentity_data_repo(self): |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
235 |
"""test creation of two linked entities |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
236 |
|
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
237 |
error occurs on the repository |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
238 |
""" |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
239 |
req = self.request() |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
240 |
# set Y before X to ensure both entities are edited, not only X |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
241 |
req.form = {'eid': ['Y', 'X'], '__maineid': 'X', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
242 |
'__type:X': 'CWUser', '_cw_edited_fields:X': 'login-subject,upassword-subject', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
243 |
# already existent user |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
244 |
'login-subject:X': u'admin', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
245 |
'upassword-subject:X': u'admin', 'upassword-subject-confirm:X': u'admin', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
246 |
'__type:Y': 'EmailAddress', '_cw_edited_fields:Y': 'address-subject', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
247 |
'address-subject:Y': u'bougloup@logilab.fr', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
248 |
'use_email-object:Y': 'X', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
249 |
# necessary to get validation error handling |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
250 |
'__errorurl': 'view?vid=edition...', |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
251 |
} |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
252 |
path, params = self.expect_redirect(lambda x: self.app_publish(x, 'edit'), req) |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
253 |
forminfo = req.session.data['view?vid=edition...'] |
5038
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
254 |
self.assertEquals(set(forminfo['eidmap']), set('XY')) |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
255 |
self.assertIsInstance(forminfo['eidmap']['X'], int) |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
256 |
self.assertIsInstance(forminfo['eidmap']['Y'], int) |
4276 | 257 |
self.assertEquals(forminfo['error'].entity, forminfo['eidmap']['X']) |
5030
5238d9a8dfee
[form] put qualified name on validation error, should fix #784299
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4276
diff
changeset
|
258 |
self.assertEquals(forminfo['error'].errors, |
5038
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
259 |
{'login-subject': u'the value "admin" is already used, use another one'}) |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
260 |
self.assertEquals(forminfo['values'], req.form) |
90493551b1eb
[form] fix validation error handling
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5030
diff
changeset
|
261 |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
262 |
|
0 | 263 |
def _test_cleaned(self, kwargs, injected, cleaned): |
264 |
req = self.request(**kwargs) |
|
265 |
page = self.app.publish('view', req) |
|
266 |
self.failIf(injected in page, (kwargs, injected)) |
|
267 |
self.failUnless(cleaned in page, (kwargs, cleaned)) |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
268 |
|
0 | 269 |
def test_nonregr_script_kiddies(self): |
270 |
"""test against current script injection""" |
|
271 |
injected = '<i>toto</i>' |
|
272 |
cleaned = 'toto' |
|
273 |
for kwargs in ({'__message': injected}, |
|
274 |
{'vid': injected}, |
|
275 |
{'vtitle': injected}, |
|
276 |
): |
|
277 |
yield self._test_cleaned, kwargs, injected, cleaned |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
278 |
|
0 | 279 |
def test_site_wide_eproperties_sync(self): |
280 |
# XXX work in all-in-one configuration but not in twisted for instance |
|
281 |
# in which case we need a kindof repo -> http server notification |
|
282 |
# protocol |
|
283 |
vreg = self.app.vreg |
|
284 |
# default value |
|
285 |
self.assertEquals(vreg.property_value('ui.language'), 'en') |
|
1398
5fe84a5f7035
rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents:
0
diff
changeset
|
286 |
self.execute('INSERT CWProperty X: X value "fr", X pkey "ui.language"') |
0 | 287 |
self.assertEquals(vreg.property_value('ui.language'), 'en') |
288 |
self.commit() |
|
289 |
self.assertEquals(vreg.property_value('ui.language'), 'fr') |
|
290 |
self.execute('SET X value "de" WHERE X pkey "ui.language"') |
|
291 |
self.assertEquals(vreg.property_value('ui.language'), 'fr') |
|
292 |
self.commit() |
|
293 |
self.assertEquals(vreg.property_value('ui.language'), 'de') |
|
1398
5fe84a5f7035
rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents:
0
diff
changeset
|
294 |
self.execute('DELETE CWProperty X WHERE X pkey "ui.language"') |
0 | 295 |
self.assertEquals(vreg.property_value('ui.language'), 'de') |
296 |
self.commit() |
|
297 |
self.assertEquals(vreg.property_value('ui.language'), 'en') |
|
298 |
||
5584
c1823448f81d
[web] disallow authenticated users to access to the login form (closes #914873)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5426
diff
changeset
|
299 |
def test_login_not_available_to_authenticated(self): |
c1823448f81d
[web] disallow authenticated users to access to the login form (closes #914873)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5426
diff
changeset
|
300 |
req = self.request() |
c1823448f81d
[web] disallow authenticated users to access to the login form (closes #914873)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5426
diff
changeset
|
301 |
ex = self.assertRaises(Unauthorized, self.app_publish, req, 'login') |
c1823448f81d
[web] disallow authenticated users to access to the login form (closes #914873)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5426
diff
changeset
|
302 |
self.assertEquals(str(ex), 'log out first') |
c1823448f81d
[web] disallow authenticated users to access to the login form (closes #914873)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5426
diff
changeset
|
303 |
|
0 | 304 |
def test_fb_login_concept(self): |
305 |
"""see data/views.py""" |
|
306 |
self.set_option('auth-mode', 'cookie') |
|
307 |
self.set_option('anonymous-user', 'anon') |
|
308 |
self.login('anon') |
|
309 |
req = self.request() |
|
310 |
origcnx = req.cnx |
|
311 |
req.form['__fblogin'] = u'turlututu' |
|
3657
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
312 |
page = self.app_publish(req) |
0 | 313 |
self.failIf(req.cnx is origcnx) |
314 |
self.assertEquals(req.user.login, 'turlututu') |
|
315 |
self.failUnless('turlututu' in page, page) |
|
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
316 |
|
0 | 317 |
# authentication tests #################################################### |
318 |
||
3657
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
319 |
def test_http_auth_no_anon(self): |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
320 |
req, origsession = self.init_authentication('http') |
3657
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
321 |
self.assertAuthFailure(req) |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
322 |
self.assertRaises(AuthenticationError, self.app_publish, req, 'login') |
0 | 323 |
self.assertEquals(req.cnx, None) |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
324 |
authstr = base64.encodestring('%s:%s' % (origsession.login, origsession.authinfo['password'])) |
0 | 325 |
req._headers['Authorization'] = 'basic %s' % authstr |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
326 |
self.assertAuthSuccess(req, origsession) |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
327 |
self.assertEquals(req.session.authinfo, {'password': origsession.authinfo['password']}) |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
328 |
self.assertRaises(LogOut, self.app_publish, req, 'logout') |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
329 |
self.assertEquals(len(self.open_sessions), 0) |
0 | 330 |
|
331 |
def test_cookie_auth_no_anon(self): |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
332 |
req, origsession = self.init_authentication('cookie') |
3657
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
333 |
self.assertAuthFailure(req) |
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
334 |
form = self.app_publish(req, 'login') |
0 | 335 |
self.failUnless('__login' in form) |
336 |
self.failUnless('__password' in form) |
|
337 |
self.assertEquals(req.cnx, None) |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
338 |
req.form['__login'] = origsession.login |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
339 |
req.form['__password'] = origsession.authinfo['password'] |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
340 |
self.assertAuthSuccess(req, origsession) |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
341 |
self.assertEquals(req.session.authinfo, {'password': origsession.authinfo['password']}) |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
342 |
self.assertRaises(LogOut, self.app_publish, req, 'logout') |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
343 |
self.assertEquals(len(self.open_sessions), 0) |
0 | 344 |
|
1490
6b024694d493
add allow-email-login option
Florent <florent@secondweb.fr>
parents:
1489
diff
changeset
|
345 |
def test_login_by_email(self): |
1489
08acef58ad08
add a test regarding login with a primary email
Florent <florent@secondweb.fr>
parents:
1398
diff
changeset
|
346 |
login = self.request().user.login |
08acef58ad08
add a test regarding login with a primary email
Florent <florent@secondweb.fr>
parents:
1398
diff
changeset
|
347 |
address = login + u'@localhost' |
08acef58ad08
add a test regarding login with a primary email
Florent <florent@secondweb.fr>
parents:
1398
diff
changeset
|
348 |
self.execute('INSERT EmailAddress X: X address %(address)s, U primary_email X ' |
08acef58ad08
add a test regarding login with a primary email
Florent <florent@secondweb.fr>
parents:
1398
diff
changeset
|
349 |
'WHERE U login %(login)s', {'address': address, 'login': login}) |
08acef58ad08
add a test regarding login with a primary email
Florent <florent@secondweb.fr>
parents:
1398
diff
changeset
|
350 |
self.commit() |
1490
6b024694d493
add allow-email-login option
Florent <florent@secondweb.fr>
parents:
1489
diff
changeset
|
351 |
# option allow-email-login not set |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
352 |
req, origsession = self.init_authentication('cookie') |
1490
6b024694d493
add allow-email-login option
Florent <florent@secondweb.fr>
parents:
1489
diff
changeset
|
353 |
req.form['__login'] = address |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
354 |
req.form['__password'] = origsession.authinfo['password'] |
3657
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
355 |
self.assertAuthFailure(req) |
1490
6b024694d493
add allow-email-login option
Florent <florent@secondweb.fr>
parents:
1489
diff
changeset
|
356 |
# option allow-email-login set |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
357 |
origsession.login = address |
1490
6b024694d493
add allow-email-login option
Florent <florent@secondweb.fr>
parents:
1489
diff
changeset
|
358 |
self.set_option('allow-email-login', True) |
1489
08acef58ad08
add a test regarding login with a primary email
Florent <florent@secondweb.fr>
parents:
1398
diff
changeset
|
359 |
req.form['__login'] = address |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
360 |
req.form['__password'] = origsession.authinfo['password'] |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
361 |
self.assertAuthSuccess(req, origsession) |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
362 |
self.assertEquals(req.session.authinfo, {'password': origsession.authinfo['password']}) |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
363 |
self.assertRaises(LogOut, self.app_publish, req, 'logout') |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
364 |
self.assertEquals(len(self.open_sessions), 0) |
1489
08acef58ad08
add a test regarding login with a primary email
Florent <florent@secondweb.fr>
parents:
1398
diff
changeset
|
365 |
|
0 | 366 |
def _reset_cookie(self, req): |
367 |
# preparing the suite of the test |
|
368 |
# set session id in cookie |
|
369 |
cookie = Cookie.SimpleCookie() |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
370 |
cookie['__session'] = req.session.sessionid |
0 | 371 |
req._headers['Cookie'] = cookie['__session'].OutputString() |
372 |
clear_cache(req, 'get_authorization') |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
373 |
# reset session as if it was a new incoming request |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
374 |
req.session = req.cnx = None |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
375 |
|
3657
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
376 |
def _test_auth_anon(self, req): |
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
377 |
self.app.connect(req) |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
378 |
asession = req.session |
3657
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
379 |
self.assertEquals(len(self.open_sessions), 1) |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
380 |
self.assertEquals(asession.login, 'anon') |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
381 |
self.assertEquals(asession.authinfo['password'], 'anon') |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
382 |
self.failUnless(asession.anonymous_session) |
3657
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
383 |
self._reset_cookie(req) |
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
384 |
|
0 | 385 |
def _test_anon_auth_fail(self, req): |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
386 |
self.assertEquals(len(self.open_sessions), 1) |
0 | 387 |
self.app.connect(req) |
388 |
self.assertEquals(req.message, 'authentication failure') |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
389 |
self.assertEquals(req.session.anonymous_session, True) |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
390 |
self.assertEquals(len(self.open_sessions), 1) |
0 | 391 |
self._reset_cookie(req) |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
392 |
|
0 | 393 |
def test_http_auth_anon_allowed(self): |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
394 |
req, origsession = self.init_authentication('http', 'anon') |
0 | 395 |
self._test_auth_anon(req) |
396 |
authstr = base64.encodestring('toto:pouet') |
|
397 |
req._headers['Authorization'] = 'basic %s' % authstr |
|
398 |
self._test_anon_auth_fail(req) |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
399 |
authstr = base64.encodestring('%s:%s' % (origsession.login, origsession.authinfo['password'])) |
0 | 400 |
req._headers['Authorization'] = 'basic %s' % authstr |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
401 |
self.assertAuthSuccess(req, origsession) |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
402 |
self.assertEquals(req.session.authinfo, {'password': origsession.authinfo['password']}) |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
403 |
self.assertRaises(LogOut, self.app_publish, req, 'logout') |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
404 |
self.assertEquals(len(self.open_sessions), 0) |
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
405 |
|
0 | 406 |
def test_cookie_auth_anon_allowed(self): |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
407 |
req, origsession = self.init_authentication('cookie', 'anon') |
0 | 408 |
self._test_auth_anon(req) |
409 |
req.form['__login'] = 'toto' |
|
410 |
req.form['__password'] = 'pouet' |
|
411 |
self._test_anon_auth_fail(req) |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
412 |
req.form['__login'] = origsession.login |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
413 |
req.form['__password'] = origsession.authinfo['password'] |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
414 |
self.assertAuthSuccess(req, origsession) |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
415 |
self.assertEquals(req.session.authinfo, |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
416 |
{'password': origsession.authinfo['password']}) |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
417 |
self.assertRaises(LogOut, self.app_publish, req, 'logout') |
1802
d628defebc17
delete-trailing-whitespace + some copyright update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1490
diff
changeset
|
418 |
self.assertEquals(len(self.open_sessions), 0) |
0 | 419 |
|
3523
16880e7ee3fa
don't accept None to avoid error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3265
diff
changeset
|
420 |
def test_non_regr_optional_first_var(self): |
16880e7ee3fa
don't accept None to avoid error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3265
diff
changeset
|
421 |
req = self.request() |
16880e7ee3fa
don't accept None to avoid error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3265
diff
changeset
|
422 |
# expect a rset with None in [0][0] |
16880e7ee3fa
don't accept None to avoid error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3265
diff
changeset
|
423 |
req.form['rql'] = 'rql:Any OV1, X WHERE X custom_workflow OV1?' |
3657
706d7bf0ae3d
factor out code reusable for authentication tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3524
diff
changeset
|
424 |
self.app_publish(req) |
0 | 425 |
|
426 |
if __name__ == '__main__': |
|
427 |
unittest_main() |