cubicweb: test/unittest_req.py@1d824df4f2bd

Fix (de)serialization of ComputedRelation read permissions For normal relation types, permissions don't need to be stored since they're just default values for the relation definitions. However, computed relations are serialized (as CWComputedRType), while their relation definitions are added at schema finalization time, and are only in memory. So add the 'read_permission' relation to CWComputedRType, and the appropriate hooks to save and restore those permissions. To avoid having to touch yams, we drop the 'add' and 'delete' permissions from the default computed relation permissions; this should probably be backported there. The actual permissions (set on the relation definitions) are hardcoded in finalize_computed_relations anyway. In deserialize_schema, the CWComputedRType handling needs to be delayed a little bit, until after we've called deserialize_ertype_permissions. The rql2sql test is adjusted because CWComputedRType has a 'name' attribute and the 'read_permission' relation, which generates ambiguity vs CWEType. We add an explicit CubicWebRelationSchema.check_permission_definitions, since we need to check both that computed and non-computed rtypes are defined properly. Based on report and initial patch from Christophe de Vienne (thanks!). Closes #5706307


# copyright 2003-2014 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
#
# This file is part of CubicWeb.
#
# CubicWeb is free software: you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation, either version 2.1 of the License, or (at your option)
# any later version.
#
# CubicWeb is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with CubicWeb.  If not, see <http://www.gnu.org/licenses/>.

from logilab.common.testlib import TestCase, unittest_main
from cubicweb import ObjectNotFound
from cubicweb.req import RequestSessionBase, FindEntityError
from cubicweb.devtools.testlib import CubicWebTC
from cubicweb import Unauthorized

class RequestTC(TestCase):
    def test_rebuild_url(self):
        rebuild_url = RequestSessionBase(None).rebuild_url
        self.assertEqual(rebuild_url('http://logilab.fr?__message=pouet', __message='hop'),
                          'http://logilab.fr?__message=hop')
        self.assertEqual(rebuild_url('http://logilab.fr', __message='hop'),
                          'http://logilab.fr?__message=hop')
        self.assertEqual(rebuild_url('http://logilab.fr?vid=index', __message='hop'),
                          'http://logilab.fr?__message=hop&vid=index')

    def test_build_url(self):
        req = RequestSessionBase(None)
        req.from_controller = lambda : 'view'
        req.relative_path = lambda includeparams=True: None
        req.base_url = lambda secure=None: 'http://testing.fr/cubicweb/'
        self.assertEqual(req.build_url(), u'http://testing.fr/cubicweb/view')
        self.assertEqual(req.build_url(None), u'http://testing.fr/cubicweb/view')
        self.assertEqual(req.build_url('one'), u'http://testing.fr/cubicweb/one')
        self.assertEqual(req.build_url(param='ok'), u'http://testing.fr/cubicweb/view?param=ok')
        self.assertRaises(AssertionError, req.build_url, 'one', 'two not allowed')
        self.assertRaises(AssertionError, req.build_url, 'view', test=None)

    def test_ensure_no_rql(self):
        req = RequestSessionBase(None)
        self.assertEqual(req.ensure_ro_rql('Any X WHERE X is CWUser'), None)
        self.assertEqual(req.ensure_ro_rql('  Any X WHERE X is CWUser  '), None)
        self.assertRaises(Unauthorized, req.ensure_ro_rql, 'SET X login "toto" WHERE X is CWUser')
        self.assertRaises(Unauthorized, req.ensure_ro_rql, '   SET X login "toto" WHERE X is CWUser   ')


class RequestCWTC(CubicWebTC):

    def test_base_url(self):
        base_url = self.config['base-url']
        with self.admin_access.repo_cnx() as session:
            self.assertEqual(session.base_url(), base_url)
            assert 'https-url' not in self.config
            self.assertEqual(session.base_url(secure=True), base_url)
            secure_base_url = base_url.replace('http', 'https')
            self.config.global_set_option('https-url', secure_base_url)
            self.assertEqual(session.base_url(secure=True), secure_base_url)

    def test_view_catch_ex(self):
        with self.admin_access.web_request() as req:
            rset = req.execute('CWUser X WHERE X login "hop"')
            self.assertEqual(req.view('oneline', rset, 'null'), '')
            self.assertRaises(ObjectNotFound, req.view, 'onelinee', rset, 'null')

    def test_find_one_entity(self):
        with self.admin_access.web_request() as req:
            req.create_entity(
                'CWUser', login=u'cdevienne', upassword=u'cdevienne',
                surname=u'de Vienne', firstname=u'Christophe',
                in_group=req.find('CWGroup', name=u'users').one())

            req.create_entity(
                'CWUser', login=u'adim', upassword='adim', surname=u'di mascio',
                firstname=u'adrien',
                in_group=req.find('CWGroup', name=u'users').one())

            u = req.find_one_entity('CWUser', login=u'cdevienne')
            self.assertEqual(u.firstname, u"Christophe")

            with self.assertRaises(FindEntityError):
                req.find_one_entity('CWUser', login=u'patanok')

            with self.assertRaises(FindEntityError):
                req.find_one_entity('CWUser')

    def test_find_entities(self):
        with self.admin_access.web_request() as req:
            req.create_entity(
                'CWUser', login=u'cdevienne', upassword=u'cdevienne',
                surname=u'de Vienne', firstname=u'Christophe',
                in_group=req.find('CWGroup', name=u'users').one())

            req.create_entity(
                'CWUser', login=u'adim', upassword='adim', surname=u'di mascio',
                firstname=u'adrien',
                in_group=req.find('CWGroup', name=u'users').one())

            l = list(req.find_entities('CWUser', login=u'cdevienne'))
            self.assertEqual(1, len(l))
            self.assertEqual(l[0].firstname, u"Christophe")

            l = list(req.find_entities('CWUser', login=u'patanok'))
            self.assertEqual(0, len(l))

            l = list(req.find_entities('CWUser'))
            self.assertEqual(4, len(l))

    def test_find(self):
        with self.admin_access.web_request() as req:
            req.create_entity(
                'CWUser', login=u'cdevienne', upassword=u'cdevienne',
                surname=u'de Vienne', firstname=u'Christophe',
                in_group=req.find('CWGroup', name=u'users').one())

            req.create_entity(
                'CWUser', login=u'adim', upassword='adim', surname=u'di mascio',
                firstname=u'adrien',
                in_group=req.find('CWGroup', name=u'users').one())

            u = req.find('CWUser', login=u'cdevienne').one()
            self.assertEqual(u.firstname, u"Christophe")

            users = list(req.find('CWUser').entities())
            self.assertEqual(len(users), 4)

            groups = list(
                req.find('CWGroup', reverse_in_group=u).entities())
            self.assertEqual(len(groups), 1)
            self.assertEqual(groups[0].name, u'users')

            users = req.find('CWUser', in_group=groups[0]).entities()
            users = list(users)
            self.assertEqual(len(users), 2)

            with self.assertRaises(AssertionError):
                req.find('CWUser', chapeau=u"melon")

            with self.assertRaises(AssertionError):
                req.find('CWUser', reverse_buddy=users[0])

            with self.assertRaises(NotImplementedError):
                req.find('CWUser', in_group=[1, 2])

if __name__ == '__main__':
    unittest_main()

author	Julien Cristau <julien.cristau@logilab.fr>
	Tue, 28 Jul 2015 09:25:26 +0200
changeset 10553	1d824df4f2bd
parent 9654	f788e5e7e6ea
permissions	-rw-r--r--