205 torestore.append(cm) |
205 torestore.append(cm) |
206 try: |
206 try: |
207 # testing basic fetch_attrs attribute |
207 # testing basic fetch_attrs attribute |
208 self.assertEqual(Personne.fetch_rql(user), |
208 self.assertEqual(Personne.fetch_rql(user), |
209 'Any X,AA,AB,AC ORDERBY AA ' |
209 'Any X,AA,AB,AC ORDERBY AA ' |
210 'WHERE X is Personne, X nom AA, X prenom AB, X modification_date AC') |
210 'WHERE X is_instance_of Personne, X nom AA, X prenom AB, X modification_date AC') |
211 # testing unknown attributes |
211 # testing unknown attributes |
212 Personne.fetch_attrs = ('bloug', 'beep') |
212 Personne.fetch_attrs = ('bloug', 'beep') |
213 self.assertEqual(Personne.fetch_rql(user), 'Any X WHERE X is Personne') |
213 self.assertEqual(Personne.fetch_rql(user), 'Any X WHERE X is_instance_of Personne') |
214 # testing one non final relation |
214 # testing one non final relation |
215 Personne.fetch_attrs = ('nom', 'prenom', 'travaille') |
215 Personne.fetch_attrs = ('nom', 'prenom', 'travaille') |
216 self.assertEqual(Personne.fetch_rql(user), |
216 self.assertEqual(Personne.fetch_rql(user), |
217 'Any X,AA,AB,AC,AD ORDERBY AA ' |
217 'Any X,AA,AB,AC,AD ORDERBY AA ' |
218 'WHERE X is Personne, X nom AA, X prenom AB, X travaille AC?, AC nom AD') |
218 'WHERE X is_instance_of Personne, X nom AA, X prenom AB, X travaille AC?, AC nom AD') |
219 # testing two non final relations |
219 # testing two non final relations |
220 Personne.fetch_attrs = ('nom', 'prenom', 'travaille', 'evaluee') |
220 Personne.fetch_attrs = ('nom', 'prenom', 'travaille', 'evaluee') |
221 self.assertEqual(Personne.fetch_rql(user), |
221 self.assertEqual(Personne.fetch_rql(user), |
222 'Any X,AA,AB,AC,AD,AE ORDERBY AA ' |
222 'Any X,AA,AB,AC,AD,AE ORDERBY AA ' |
223 'WHERE X is Personne, X nom AA, X prenom AB, X travaille AC?, AC nom AD, ' |
223 'WHERE X is_instance_of Personne, X nom AA, X prenom AB, X travaille AC?, AC nom AD, ' |
224 'X evaluee AE?') |
224 'X evaluee AE?') |
225 # testing one non final relation with recursion |
225 # testing one non final relation with recursion |
226 Personne.fetch_attrs = ('nom', 'prenom', 'travaille') |
226 Personne.fetch_attrs = ('nom', 'prenom', 'travaille') |
227 Societe.fetch_attrs = ('nom', 'evaluee') |
227 Societe.fetch_attrs = ('nom', 'evaluee') |
228 self.assertEqual(Personne.fetch_rql(user), |
228 self.assertEqual(Personne.fetch_rql(user), |
229 'Any X,AA,AB,AC,AD,AE,AF ORDERBY AA,AF DESC ' |
229 'Any X,AA,AB,AC,AD,AE,AF ORDERBY AA,AF DESC ' |
230 'WHERE X is Personne, X nom AA, X prenom AB, X travaille AC?, AC nom AD, ' |
230 'WHERE X is_instance_of Personne, X nom AA, X prenom AB, X travaille AC?, AC nom AD, ' |
231 'AC evaluee AE?, AE modification_date AF' |
231 'AC evaluee AE?, AE modification_date AF' |
232 ) |
232 ) |
233 # testing symmetric relation |
233 # testing symmetric relation |
234 Personne.fetch_attrs = ('nom', 'connait') |
234 Personne.fetch_attrs = ('nom', 'connait') |
235 self.assertEqual(Personne.fetch_rql(user), 'Any X,AA,AB ORDERBY AA ' |
235 self.assertEqual(Personne.fetch_rql(user), 'Any X,AA,AB ORDERBY AA ' |
236 'WHERE X is Personne, X nom AA, X connait AB?') |
236 'WHERE X is_instance_of Personne, X nom AA, X connait AB?') |
237 # testing optional relation |
237 # testing optional relation |
238 peschema.subjrels['travaille'].rdef(peschema, seschema).cardinality = '?*' |
238 peschema.subjrels['travaille'].rdef(peschema, seschema).cardinality = '?*' |
239 Personne.fetch_attrs = ('nom', 'prenom', 'travaille') |
239 Personne.fetch_attrs = ('nom', 'prenom', 'travaille') |
240 Societe.fetch_attrs = ('nom',) |
240 Societe.fetch_attrs = ('nom',) |
241 self.assertEqual(Personne.fetch_rql(user), |
241 self.assertEqual(Personne.fetch_rql(user), |
242 'Any X,AA,AB,AC,AD ORDERBY AA WHERE X is Personne, X nom AA, X prenom AB, X travaille AC?, AC nom AD') |
242 'Any X,AA,AB,AC,AD ORDERBY AA WHERE X is_instance_of Personne, X nom AA, X prenom AB, X travaille AC?, AC nom AD') |
243 # testing relation with cardinality > 1 |
243 # testing relation with cardinality > 1 |
244 peschema.subjrels['travaille'].rdef(peschema, seschema).cardinality = '**' |
244 peschema.subjrels['travaille'].rdef(peschema, seschema).cardinality = '**' |
245 self.assertEqual(Personne.fetch_rql(user), |
245 self.assertEqual(Personne.fetch_rql(user), |
246 'Any X,AA,AB ORDERBY AA WHERE X is Personne, X nom AA, X prenom AB') |
246 'Any X,AA,AB ORDERBY AA WHERE X is_instance_of Personne, X nom AA, X prenom AB') |
247 # XXX test unauthorized attribute |
247 # XXX test unauthorized attribute |
248 finally: |
248 finally: |
249 # fetch_attrs restored by generic tearDown |
249 # fetch_attrs restored by generic tearDown |
250 for cm in torestore: |
250 for cm in torestore: |
251 cm.__exit__(None, None, None) |
251 cm.__exit__(None, None, None) |
305 def test_unrelated_rql_security_1_manager(self): |
305 def test_unrelated_rql_security_1_manager(self): |
306 user = self.request().user |
306 user = self.request().user |
307 rql = user.cw_unrelated_rql('use_email', 'EmailAddress', 'subject')[0] |
307 rql = user.cw_unrelated_rql('use_email', 'EmailAddress', 'subject')[0] |
308 self.assertEqual(rql, 'Any O,AA,AB,AC ORDERBY AC DESC ' |
308 self.assertEqual(rql, 'Any O,AA,AB,AC ORDERBY AC DESC ' |
309 'WHERE NOT A use_email O, S eid %(x)s, ' |
309 'WHERE NOT A use_email O, S eid %(x)s, ' |
310 'O is EmailAddress, O address AA, O alias AB, O modification_date AC') |
310 'O is_instance_of EmailAddress, O address AA, O alias AB, O modification_date AC') |
311 |
311 |
312 def test_unrelated_rql_security_1_user(self): |
312 def test_unrelated_rql_security_1_user(self): |
313 req = self.request() |
313 req = self.request() |
314 self.create_user(req, 'toto') |
314 self.create_user(req, 'toto') |
315 self.login('toto') |
315 self.login('toto') |
316 user = req.user |
316 user = req.user |
317 rql = user.cw_unrelated_rql('use_email', 'EmailAddress', 'subject')[0] |
317 rql = user.cw_unrelated_rql('use_email', 'EmailAddress', 'subject')[0] |
318 self.assertEqual(rql, 'Any O,AA,AB,AC ORDERBY AC DESC ' |
318 self.assertEqual(rql, 'Any O,AA,AB,AC ORDERBY AC DESC ' |
319 'WHERE NOT A use_email O, S eid %(x)s, ' |
319 'WHERE NOT A use_email O, S eid %(x)s, ' |
320 'O is EmailAddress, O address AA, O alias AB, O modification_date AC') |
320 'O is_instance_of EmailAddress, O address AA, O alias AB, O modification_date AC') |
321 user = self.execute('Any X WHERE X login "admin"').get_entity(0, 0) |
321 user = self.execute('Any X WHERE X login "admin"').get_entity(0, 0) |
322 rql = user.cw_unrelated_rql('use_email', 'EmailAddress', 'subject')[0] |
322 rql = user.cw_unrelated_rql('use_email', 'EmailAddress', 'subject')[0] |
323 self.assertEqual(rql, 'Any O,AA,AB,AC ORDERBY AC DESC ' |
323 self.assertEqual(rql, 'Any O,AA,AB,AC ORDERBY AC DESC ' |
324 'WHERE NOT A use_email O, S eid %(x)s, ' |
324 'WHERE NOT A use_email O, S eid %(x)s, ' |
325 'O is EmailAddress, O address AA, O alias AB, O modification_date AC, AD eid %(AE)s, ' |
325 'O is EmailAddress, O address AA, O alias AB, O modification_date AC, AD eid %(AE)s, ' |
336 |
336 |
337 def test_unrelated_rql_security_2(self): |
337 def test_unrelated_rql_security_2(self): |
338 email = self.execute('INSERT EmailAddress X: X address "hop"').get_entity(0, 0) |
338 email = self.execute('INSERT EmailAddress X: X address "hop"').get_entity(0, 0) |
339 rql = email.cw_unrelated_rql('use_email', 'CWUser', 'object')[0] |
339 rql = email.cw_unrelated_rql('use_email', 'CWUser', 'object')[0] |
340 self.assertEqual(rql, 'Any S,AA,AB,AC,AD ORDERBY AA ' |
340 self.assertEqual(rql, 'Any S,AA,AB,AC,AD ORDERBY AA ' |
341 'WHERE NOT S use_email O, O eid %(x)s, S is CWUser, ' |
341 'WHERE NOT S use_email O, O eid %(x)s, S is_instance_of CWUser, ' |
342 'S login AA, S firstname AB, S surname AC, S modification_date AD') |
342 'S login AA, S firstname AB, S surname AC, S modification_date AD') |
343 self.login('anon') |
343 self.login('anon') |
344 rperms = self.schema['EmailAddress'].permissions['read'] |
344 rperms = self.schema['EmailAddress'].permissions['read'] |
345 clear_cache(self.schema['EmailAddress'], 'get_groups') |
345 clear_cache(self.schema['EmailAddress'], 'get_groups') |
346 clear_cache(self.schema['EmailAddress'], 'get_rqlexprs') |
346 clear_cache(self.schema['EmailAddress'], 'get_rqlexprs') |
390 perm_rrqle = RRQLExpression('U has_update_permission S') |
390 perm_rrqle = RRQLExpression('U has_update_permission S') |
391 with self.temporary_permissions((rdef, {'add': (perm_rrqle,)})): |
391 with self.temporary_permissions((rdef, {'add': (perm_rrqle,)})): |
392 person = self.vreg['etypes'].etype_class('Personne')(self.request()) |
392 person = self.vreg['etypes'].etype_class('Personne')(self.request()) |
393 rql = person.cw_unrelated_rql('connait', 'Personne', 'subject')[0] |
393 rql = person.cw_unrelated_rql('connait', 'Personne', 'subject')[0] |
394 self.assertEqual(rql, 'Any O,AA,AB,AC ORDERBY AC DESC WHERE ' |
394 self.assertEqual(rql, 'Any O,AA,AB,AC ORDERBY AC DESC WHERE ' |
395 'O is Personne, O nom AA, O prenom AB, ' |
395 'O is_instance_of Personne, O nom AA, O prenom AB, ' |
396 'O modification_date AC') |
396 'O modification_date AC') |
397 |
397 |
398 def test_unrelated_rql_constraints_edition_subject(self): |
398 def test_unrelated_rql_constraints_edition_subject(self): |
399 person = self.request().create_entity('Personne', nom=u'sylvain') |
399 person = self.request().create_entity('Personne', nom=u'sylvain') |
400 rql = person.cw_unrelated_rql('connait', 'Personne', 'subject')[0] |
400 rql = person.cw_unrelated_rql('connait', 'Personne', 'subject')[0] |
459 person = req.create_entity('Personne', nom=u'florent') |
459 person = req.create_entity('Personne', nom=u'florent') |
460 lt_infos = {('actionnaire', 'object'): [person.eid]} |
460 lt_infos = {('actionnaire', 'object'): [person.eid]} |
461 rql, args = soc.cw_unrelated_rql('dirige', 'Personne', 'object', |
461 rql, args = soc.cw_unrelated_rql('dirige', 'Personne', 'object', |
462 lt_infos=lt_infos) |
462 lt_infos=lt_infos) |
463 self.assertEqual(u'Any S ORDERBY S WHERE NOT S dirige A, ' |
463 self.assertEqual(u'Any S ORDERBY S WHERE NOT S dirige A, ' |
464 u'S is Personne, EXISTS(S eid %(S)s), ' |
464 u'S is_instance_of Personne, EXISTS(S eid %(S)s), ' |
465 u'A is Societe', rql) |
465 u'A is Societe', rql) |
466 self.assertEqual({'S': person.eid}, args) |
466 self.assertEqual({'S': person.eid}, args) |
467 |
467 |
468 def test_unrelated_rql_s_linkto_s_no_info(self): |
468 def test_unrelated_rql_s_linkto_s_no_info(self): |
469 req = self.request() |
469 req = self.request() |
470 person = self.vreg['etypes'].etype_class('Personne')(req) |
470 person = self.vreg['etypes'].etype_class('Personne')(req) |
471 self.vreg['etypes'].etype_class('Personne').fetch_attrs = () |
471 self.vreg['etypes'].etype_class('Personne').fetch_attrs = () |
472 soc = req.create_entity('Societe', nom=u'logilab') |
472 soc = req.create_entity('Societe', nom=u'logilab') |
473 rql, args = person.cw_unrelated_rql('associe', 'Personne', 'subject') |
473 rql, args = person.cw_unrelated_rql('associe', 'Personne', 'subject') |
474 self.assertEqual(u'Any O ORDERBY O WHERE O is Personne', rql) |
474 self.assertEqual(u'Any O ORDERBY O WHERE O is_instance_of Personne', rql) |
475 self.assertEqual({}, args) |
475 self.assertEqual({}, args) |
476 |
476 |
477 def test_unrelated_rql_s_linkto_s_unused_info(self): |
477 def test_unrelated_rql_s_linkto_s_unused_info(self): |
478 req = self.request() |
478 req = self.request() |
479 person = self.vreg['etypes'].etype_class('Personne')(req) |
479 person = self.vreg['etypes'].etype_class('Personne')(req) |
480 self.vreg['etypes'].etype_class('Personne').fetch_attrs = () |
480 self.vreg['etypes'].etype_class('Personne').fetch_attrs = () |
481 other_p = req.create_entity('Personne', nom=u'titi') |
481 other_p = req.create_entity('Personne', nom=u'titi') |
482 lt_infos = {('dirige', 'subject'): [other_p.eid]} |
482 lt_infos = {('dirige', 'subject'): [other_p.eid]} |
483 rql, args = person.cw_unrelated_rql('associe', 'Personne', 'subject', |
483 rql, args = person.cw_unrelated_rql('associe', 'Personne', 'subject', |
484 lt_infos=lt_infos) |
484 lt_infos=lt_infos) |
485 self.assertEqual(u'Any O ORDERBY O WHERE O is Personne', rql) |
485 self.assertEqual(u'Any O ORDERBY O WHERE O is_instance_of Personne', rql) |
486 |
486 |
487 def test_unrelated_base(self): |
487 def test_unrelated_base(self): |
488 req = self.request() |
488 req = self.request() |
489 p = req.create_entity('Personne', nom=u'di mascio', prenom=u'adrien') |
489 p = req.create_entity('Personne', nom=u'di mascio', prenom=u'adrien') |
490 e = req.create_entity('Tag', name=u'x') |
490 e = req.create_entity('Tag', name=u'x') |