cubicweb: comparison test/unittest

equal deleted inserted replaced

-:9aba650eea6b
+:20807d3d7cf6
 self.vreg['etypes'].etype_class(ttype).fetch_attrs = ('modification_date',)
 self.assertEqual(tag.cw_related_rql('tags', 'subject'),
 'Any X,AA ORDERBY AA DESC '
 'WHERE E eid %(x)s, E tags X, X modification_date AA')
-def test_unrelated_rql_security_1(self):
+def test_unrelated_rql_security_1_manager(self):
 user = self.request().user
 rql = user.cw_unrelated_rql('use_email', 'EmailAddress', 'subject')[0]
 self.assertEqual(rql, 'Any O,AA,AB,AC ORDERBY AC DESC '
-'WHERE NOT S use_email O, S eid %(x)s, O is EmailAddress, O address AA, O alias AB, O modification_date AC')
+'WHERE NOT S use_email O, S eid %(x)s, '
+'O is EmailAddress, O address AA, O alias AB, O modification_date AC')
+def test_unrelated_rql_security_1_user(self):
 self.create_user('toto')
 self.login('toto')
 user = self.request().user
 rql = user.cw_unrelated_rql('use_email', 'EmailAddress', 'subject')[0]
 self.assertEqual(rql, 'Any O,AA,AB,AC ORDERBY AC DESC '
-'WHERE NOT S use_email O, S eid %(x)s, O is EmailAddress, O address AA, O alias AB, O modification_date AC')
+'WHERE NOT S use_email O, S eid %(x)s, '
+'O is EmailAddress, O address AA, O alias AB, O modification_date AC')
 user = self.execute('Any X WHERE X login "admin"').get_entity(0, 0)
-self.assertRaises(Unauthorized, user.cw_unrelated_rql, 'use_email', 'EmailAddress', 'subject')
+rql = user.cw_unrelated_rql('use_email', 'EmailAddress', 'subject')[0]
+self.assertEqual(rql, 'Any O,AA,AB,AC ORDERBY AC DESC WHERE '
+'NOT EXISTS(S use_email O), S eid %(x)s, '
+'O is EmailAddress, O address AA, O alias AB, O modification_date AC, '
+'A eid %(B)s, EXISTS(S identity A, NOT A in_group C, C name "guests", C is CWGroup)')
+def test_unrelated_rql_security_1_anon(self):
 self.login('anon')
 user = self.request().user
-self.assertRaises(Unauthorized, user.cw_unrelated_rql, 'use_email', 'EmailAddress', 'subject')
+rql = user.cw_unrelated_rql('use_email', 'EmailAddress', 'subject')[0]
+self.assertEqual(rql, 'Any O,AA,AB,AC ORDERBY AC DESC WHERE '
+'NOT EXISTS(S use_email O), S eid %(x)s, '
+'O is EmailAddress, O address AA, O alias AB, O modification_date AC, '
+'A eid %(B)s, EXISTS(S identity A, NOT A in_group C, C name "guests", C is CWGroup)')
 def test_unrelated_rql_security_2(self):
 email = self.execute('INSERT EmailAddress X: X address "hop"').get_entity(0, 0)
 rql = email.cw_unrelated_rql('use_email', 'CWUser', 'object')[0]
 self.assertEqual(rql, 'Any S,AA,AB,AC,AD ORDERBY AA ASC '
 'WHERE NOT S use_email O, O eid %(x)s, S is CWUser, S login AA, S firstname AB, S surname AC, S modification_date AD')
-#rql = email.cw_unrelated_rql('use_email', 'Person', 'object')[0]
-#self.assertEqual(rql, '')
 self.login('anon')
 email = self.execute('Any X WHERE X eid %(x)s', {'x': email.eid}).get_entity(0, 0)
 rql = email.cw_unrelated_rql('use_email', 'CWUser', 'object')[0]
 self.assertEqual(rql, 'Any S,AA,AB,AC,AD ORDERBY AA '
 'WHERE NOT EXISTS(S use_email O), O eid %(x)s, S is CWUser, S login AA, S firstname AB, S surname AC, S modification_date AD, '
 'A eid %(B)s, EXISTS(S identity A, NOT A in_group C, C name "guests", C is CWGroup)')
-#rql = email.cw_unrelated_rql('use_email', 'Person', 'object')[0]
-#self.assertEqual(rql, '')
 def test_unrelated_rql_security_nonexistant(self):
 self.login('anon')
 email = self.vreg['etypes'].etype_class('EmailAddress')(self.request())
 rql = email.cw_unrelated_rql('use_email', 'CWUser', 'object')[0]

branch	stable
changeset 7139	20807d3d7cf6
parent 6685	eeedb3575d25
child 7153	7df83a6d17c0