sobjects/test/unittest_email.py
author Sylvain Thénault <sylvain.thenault@logilab.fr>
Tue, 23 Feb 2010 20:23:46 +0100
branchstable
changeset 4673 6f8b925a29f4
parent 4252 6c4f109c2b03
child 5421 8167de96c523
permissions -rw-r--r--
auto-delete relation with single cardinality using execute, not unsafe_execute, so permissions are correctly checked

"""

:organization: Logilab
:copyright: 2001-2010 LOGILAB S.A. (Paris, FRANCE), license is LGPL v2.
:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr
:license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses
"""

from cubicweb import Unauthorized
from cubicweb.devtools.testlib import CubicWebTC

class EmailAddressHooksTC(CubicWebTC):

    def test_use_email_set_primary_email(self):
        self.execute('INSERT EmailAddress X: X address "admin@logilab.fr", U use_email X WHERE U login "admin"')
        self.assertEquals(self.execute('Any A WHERE U primary_email X, U login "admin", X address A').rows,
                          [])
        self.commit()
        self.assertEquals(self.execute('Any A WHERE U primary_email X, U login "admin", X address A')[0][0],
                          'admin@logilab.fr')
        # having another email should'nt change anything
        self.execute('INSERT EmailAddress X: X address "a@logilab.fr", U use_email X WHERE U login "admin"')
        self.commit()
        self.assertEquals(self.execute('Any A WHERE U primary_email X, U login "admin", X address A')[0][0],
                          'admin@logilab.fr')

    def test_primary_email_set_use_email(self):
        self.execute('INSERT EmailAddress X: X address "admin@logilab.fr", U primary_email X WHERE U login "admin"')
        self.assertEquals(self.execute('Any A WHERE U use_email X, U login "admin", X address A').rows,
                          [])
        self.commit()
        self.assertEquals(self.execute('Any A WHERE U use_email X, U login "admin", X address A')[0][0],
                          'admin@logilab.fr')

    def test_cardinality_check(self):
        email1 = self.execute('INSERT EmailAddress E: E address "client@client.com", U use_email E WHERE U login "admin"')[0][0]
        self.commit()
        self.execute('SET U primary_email E WHERE U login "anon", E address "client@client.com"')
        self.commit()
        rset = self.execute('Any X WHERE X use_email E, E eid %(e)s', {'e': email1})
        self.failIf(rset.rowcount != 1, rset)

    def test_security_check(self):
        self.create_user('toto')
        email1 = self.execute('INSERT EmailAddress E: E address "client@client.com", U use_email E WHERE U login "admin"')[0][0]
        self.commit()
        cnx = self.login('toto')
        cu = cnx.cursor()
        self.assertRaises(Unauthorized,
                          cu.execute, 'SET U primary_email E WHERE E eid %(e)s, U login "toto"',
                          {'e': email1})
        cnx.close()

if __name__ == '__main__':
    from logilab.common.testlib import unittest_main
    unittest_main()