# HG changeset patch # User Sylvain Thénault # Date 1261506468 -3600 # Node ID 01638461d4b0bc7ce731750e1270f48b5db149bd # Parent 742e3eb16f81f9cd40a30b04eea39a08aa6361a4 test update. All cw tests OK diff -r 742e3eb16f81 -r 01638461d4b0 server/test/data/migration/postcreate.py --- a/server/test/data/migration/postcreate.py Tue Dec 22 19:27:26 2009 +0100 +++ b/server/test/data/migration/postcreate.py Tue Dec 22 19:27:48 2009 +0100 @@ -11,7 +11,7 @@ done = wf.add_state(u'done') wf.add_transition(u'redoit', done, todo) wf.add_transition(u'markasdone', todo, done) -checkpoint() +commit() wf = add_workflow(u'affaire workflow', 'Affaire') pitetre = wf.add_state(u'pitetre', initial=True) @@ -21,5 +21,5 @@ wf.add_transition(u'abort', pitetre, bennon) wf.add_transition(u'start', pitetre, encours) wf.add_transition(u'end', encours, finie) -checkpoint() +commit() diff -r 742e3eb16f81 -r 01638461d4b0 server/test/unittest_migractions.py --- a/server/test/unittest_migractions.py Tue Dec 22 19:27:26 2009 +0100 +++ b/server/test/unittest_migractions.py Tue Dec 22 19:27:48 2009 +0100 @@ -288,6 +288,8 @@ migrschema['Personne'].description = 'blabla bla' migrschema['titre'].description = 'usually a title' migrschema['titre'].rdefs[('Personne', 'String')].description = 'title for this person' + delete_concerne_rqlexpr = self._rrqlexpr_rset('delete', 'concerne') + add_concerne_rqlexpr = self._rrqlexpr_rset('add', 'concerne') self.mh.cmd_sync_schema_props_perms(commit=False) self.assertEquals(cursor.execute('Any D WHERE X name "Personne", X description D')[0][0], @@ -325,7 +327,7 @@ self.assertEquals(rexpr.expression, 'O require_permission P, P name "add_note", ' 'U in_group G, P require_group G') - self.assertEquals([rt.name for rt in rexpr.reverse_add_permission], ['ecrit_par']) + self.assertEquals([rdef.rtype.name for rdef in rexpr.reverse_add_permission], ['ecrit_par']) self.assertEquals(rexpr.reverse_read_permission, ()) self.assertEquals(rexpr.reverse_delete_permission, ()) # no more rqlexpr to delete and add travaille relation @@ -343,8 +345,10 @@ self.assertEquals(len(self._erqlexpr_rset('delete', 'Affaire')), 1) self.assertEquals(len(self._erqlexpr_rset('add', 'Affaire')), 1) # no change for rqlexpr to add and delete concerne relation - self.assertEquals(len(self._rrqlexpr_rset('delete', 'concerne')), 1) - self.assertEquals(len(self._rrqlexpr_rset('add', 'concerne')), 1) + for rdef in self.schema['concerne'].rdefs.values(): + print rdef, rdef.permissions + self.assertEquals(len(self._rrqlexpr_rset('delete', 'concerne')), len(delete_concerne_rqlexpr)) + self.assertEquals(len(self._rrqlexpr_rset('add', 'concerne')), len(add_concerne_rqlexpr)) # * migrschema involve: # * 8 deletion (2 in Affaire read + Societe + travaille + para rqlexprs) # * 1 update (Affaire update) @@ -365,7 +369,7 @@ self.assertEquals(len(rset), 1) return rset.get_entity(0, 0) def _rrqlexpr_rset(self, action, ertype): - rql = 'RQLExpression X WHERE ET is CWRType, ET %s_permission X, ET name %%(name)s' % action + rql = 'RQLExpression X WHERE RT is CWRType, RDEF %s_permission X, RT name %%(name)s, RDEF relation_type RT' % action return self.mh.session.execute(rql, {'name': ertype}) def _rrqlexpr_entity(self, action, ertype): rset = self._rrqlexpr_rset(action, ertype) diff -r 742e3eb16f81 -r 01638461d4b0 server/test/unittest_msplanner.py --- a/server/test/unittest_msplanner.py Tue Dec 22 19:27:26 2009 +0100 +++ b/server/test/unittest_msplanner.py Tue Dec 22 19:27:48 2009 +0100 @@ -74,16 +74,16 @@ #_QuerierTC.setUp(self) self.setup() # hijack Affaire security - affreadperms = list(self.schema['Affaire']._groups['read']) + affreadperms = list(self.schema['Affaire'].permissions['read']) self.prevrqlexpr_affaire = affreadperms[-1] # add access to type attribute so S can't be invariant affreadperms[-1] = ERQLExpression('X concerne S?, S owned_by U, S type "X"') - self.schema['Affaire']._groups['read'] = tuple(affreadperms) + self.schema['Affaire'].permissions['read'] = tuple(affreadperms) # hijack CWUser security - userreadperms = list(self.schema['CWUser']._groups['read']) + userreadperms = list(self.schema['CWUser'].permissions['read']) self.prevrqlexpr_user = userreadperms[-1] userreadperms[-1] = ERQLExpression('X owned_by U') - self.schema['CWUser']._groups['read'] = tuple(userreadperms) + self.schema['CWUser'].permissions['read'] = tuple(userreadperms) self.add_source(FakeUserROSource, 'ldap') self.add_source(FakeCardSource, 'cards') @@ -91,19 +91,24 @@ super(BaseMSPlannerTC, self).tearDown() # restore hijacked security self.restore_orig_affaire_security() - self.restore_orig_euser_security() + self.restore_orig_cwuser_security() def restore_orig_affaire_security(self): - affreadperms = list(self.schema['Affaire']._groups['read']) + affreadperms = list(self.schema['Affaire'].permissions['read']) affreadperms[-1] = self.prevrqlexpr_affaire - self.schema['Affaire']._groups['read'] = tuple(affreadperms) - clear_cache(self.schema['Affaire'], 'ERSchema_get_rqlexprs') + self.schema['Affaire'].permissions['read'] = tuple(affreadperms) + clear_cache(self.schema['Affaire'], 'get_rqlexprs') + #clear_cache(self.schema['Affaire'], 'get_groups') - def restore_orig_euser_security(self): - userreadperms = list(self.schema['CWUser']._groups['read']) + def restore_orig_cwuser_security(self): + if hasattr(self, '_orig_cwuser_security_restored'): + return + self._orig_cwuser_security_restored = True + userreadperms = list(self.schema['CWUser'].permissions['read']) userreadperms[-1] = self.prevrqlexpr_user - self.schema['CWUser']._groups['read'] = tuple(userreadperms) - clear_cache(self.schema['CWUser'], 'ERSchema_get_rqlexprs') + self.schema['CWUser'].permissions['read'] = tuple(userreadperms) + clear_cache(self.schema['CWUser'], 'get_rqlexprs') + #clear_cache(self.schema['CWUser'], 'get_groups') class PartPlanInformationTC(BaseMSPlannerTC): @@ -989,9 +994,10 @@ ]) def test_security_3sources_identity(self): - self.restore_orig_euser_security() + self.restore_orig_cwuser_security() # use a guest user self.session = self._user_session()[1] + print self.session self._test('Any X, XT WHERE X is Card, X owned_by U, X title XT, U login "syt"', [('FetchStep', [('Any X,XT WHERE X title XT, X is Card', [{'X': 'Card', 'XT': 'String'}])], @@ -1003,7 +1009,7 @@ ]) def test_security_3sources_identity_optional_var(self): - self.restore_orig_euser_security() + self.restore_orig_cwuser_security() # use a guest user self.session = self._user_session()[1] self._test('Any X,XT,U WHERE X is Card, X owned_by U?, X title XT, U login L', diff -r 742e3eb16f81 -r 01638461d4b0 server/test/unittest_repository.py --- a/server/test/unittest_repository.py Tue Dec 22 19:27:26 2009 +0100 +++ b/server/test/unittest_repository.py Tue Dec 22 19:27:48 2009 +0100 @@ -60,7 +60,7 @@ def test_schema_has_owner(self): repo = self.repo - cnxid = repo.connect(self.admlogin, self.admpassword) + cnxid = repo.connect(self.admlogin, password=self.admpassword) self.failIf(repo.execute(cnxid, 'CWEType X WHERE NOT X owned_by U')) self.failIf(repo.execute(cnxid, 'CWRType X WHERE NOT X owned_by U')) self.failIf(repo.execute(cnxid, 'CWAttribute X WHERE NOT X owned_by U')) @@ -69,17 +69,21 @@ self.failIf(repo.execute(cnxid, 'CWConstraintType X WHERE NOT X owned_by U')) def test_connect(self): - self.assert_(self.repo.connect(self.admlogin, self.admpassword)) + self.assert_(self.repo.connect(self.admlogin, password=self.admpassword)) self.assertRaises(AuthenticationError, - self.repo.connect, self.admlogin, 'nimportnawak') + self.repo.connect, self.admlogin, password='nimportnawak') + self.assertRaises(AuthenticationError, + self.repo.connect, self.admlogin, password=None) self.assertRaises(AuthenticationError, - self.repo.connect, self.admlogin, None) + self.repo.connect, None, password=None) self.assertRaises(AuthenticationError, - self.repo.connect, None, None) + self.repo.connect, self.admlogin) + self.assertRaises(AuthenticationError, + self.repo.connect, None) def test_execute(self): repo = self.repo - cnxid = repo.connect(self.admlogin, self.admpassword) + cnxid = repo.connect(self.admlogin, password=self.admpassword) repo.execute(cnxid, 'Any X') repo.execute(cnxid, 'Any X where X is Personne') repo.execute(cnxid, 'Any X where X is Personne, X nom ~= "to"') @@ -88,15 +92,15 @@ def test_login_upassword_accent(self): repo = self.repo - cnxid = repo.connect(self.admlogin, self.admpassword) + cnxid = repo.connect(self.admlogin, password=self.admpassword) repo.execute(cnxid, 'INSERT CWUser X: X login %(login)s, X upassword %(passwd)s, X in_group G WHERE G name "users"', {'login': u"barnabé", 'passwd': u"héhéhé".encode('UTF8')}) repo.commit(cnxid) repo.close(cnxid) - self.assert_(repo.connect(u"barnabé", u"héhéhé".encode('UTF8'))) + self.assert_(repo.connect(u"barnabé", password=u"héhéhé".encode('UTF8'))) def test_invalid_entity_rollback(self): - cnxid = self.repo.connect(self.admlogin, self.admpassword) + cnxid = self.repo.connect(self.admlogin, password=self.admpassword) # no group self.repo.execute(cnxid, 'INSERT CWUser X: X login %(login)s, X upassword %(passwd)s', @@ -106,7 +110,7 @@ def test_close(self): repo = self.repo - cnxid = repo.connect(self.admlogin, self.admpassword) + cnxid = repo.connect(self.admlogin, password=self.admpassword) self.assert_(cnxid) repo.close(cnxid) self.assertRaises(BadConnectionId, repo.execute, cnxid, 'Any X') @@ -117,9 +121,9 @@ def test_shared_data(self): repo = self.repo - cnxid = repo.connect(self.admlogin, self.admpassword) + cnxid = repo.connect(self.admlogin, password=self.admpassword) repo.set_shared_data(cnxid, 'data', 4) - cnxid2 = repo.connect(self.admlogin, self.admpassword) + cnxid2 = repo.connect(self.admlogin, password=self.admpassword) self.assertEquals(repo.get_shared_data(cnxid, 'data'), 4) self.assertEquals(repo.get_shared_data(cnxid2, 'data'), None) repo.set_shared_data(cnxid2, 'data', 5) @@ -137,14 +141,14 @@ def test_check_session(self): repo = self.repo - cnxid = repo.connect(self.admlogin, self.admpassword) + cnxid = repo.connect(self.admlogin, password=self.admpassword) self.assertEquals(repo.check_session(cnxid), None) repo.close(cnxid) self.assertRaises(BadConnectionId, repo.check_session, cnxid) def test_transaction_base(self): repo = self.repo - cnxid = repo.connect(self.admlogin, self.admpassword) + cnxid = repo.connect(self.admlogin, password=self.admpassword) # check db state result = repo.execute(cnxid, 'Personne X') self.assertEquals(result.rowcount, 0) @@ -163,7 +167,7 @@ def test_transaction_base2(self): repo = self.repo - cnxid = repo.connect(self.admlogin, self.admpassword) + cnxid = repo.connect(self.admlogin, password=self.admpassword) # rollback relation insertion repo.execute(cnxid, "SET U in_group G WHERE U login 'admin', G name 'guests'") result = repo.execute(cnxid, "Any U WHERE U in_group G, U login 'admin', G name 'guests'") @@ -174,7 +178,7 @@ def test_transaction_base3(self): repo = self.repo - cnxid = repo.connect(self.admlogin, self.admpassword) + cnxid = repo.connect(self.admlogin, password=self.admpassword) # rollback state change which trigger TrInfo insertion user = repo._get_session(cnxid).user user.fire_transition('deactivate') @@ -189,7 +193,7 @@ def test_close_wait_processing_request(self): repo = self.repo - cnxid = repo.connect(self.admlogin, self.admpassword) + cnxid = repo.connect(self.admlogin, password=self.admpassword) repo.execute(cnxid, 'INSERT CWUser X: X login "toto", X upassword "tutu", X in_group G WHERE G name "users"') repo.commit(cnxid) # close has to be in the thread due to sqlite limitations @@ -210,8 +214,11 @@ self.assertListEquals([r.type for r in schema.eschema('CWAttribute').ordered_relations() if not r.type in ('eid', 'is', 'is_instance_of', 'identity', 'creation_date', 'modification_date', 'cwuri', - 'owned_by', 'created_by')], - ['relation_type', 'from_entity', 'to_entity', 'in_basket', 'constrained_by', + 'owned_by', 'created_by', + 'add_permission', 'delete_permission', 'read_permission')], + ['relation_type', + 'from_entity', 'to_entity', + 'in_basket', 'constrained_by', 'cardinality', 'ordernum', 'indexed', 'fulltextindexed', 'internationalizable', 'defaultval', 'description', 'description_format']) @@ -219,7 +226,7 @@ self.assertEquals(schema.eschema('CWEType').main_attribute(), 'name') self.assertEquals(schema.eschema('State').main_attribute(), 'name') - constraints = schema.rschema('name').rproperty('CWEType', 'String', 'constraints') + constraints = schema.rschema('name').rdef('CWEType', 'String').constraints self.assertEquals(len(constraints), 2) for cstr in constraints[:]: if isinstance(cstr, UniqueConstraint): @@ -231,7 +238,7 @@ self.assertEquals(sizeconstraint.min, None) self.assertEquals(sizeconstraint.max, 64) - constraints = schema.rschema('relation_type').rproperty('CWAttribute', 'CWRType', 'constraints') + constraints = schema.rschema('relation_type').rdef('CWAttribute', 'CWRType').constraints self.assertEquals(len(constraints), 1) cstr = constraints[0] self.assert_(isinstance(cstr, RQLConstraint)) @@ -258,7 +265,7 @@ repository.pyro_unregister(self.repo.config) def _pyro_client(self, done): - cnx = connect(self.repo.config.appid, u'admin', 'gingkow') + cnx = connect(self.repo.config.appid, u'admin', password='gingkow') try: # check we can get the schema schema = cnx.get_schema() @@ -273,7 +280,7 @@ def test_internal_api(self): repo = self.repo - cnxid = repo.connect(self.admlogin, self.admpassword) + cnxid = repo.connect(self.admlogin, password=self.admpassword) session = repo._get_session(cnxid, setpool=True) self.assertEquals(repo.type_and_source_from_eid(1, session), ('CWGroup', 'system', None)) @@ -291,7 +298,7 @@ def test_session_api(self): repo = self.repo - cnxid = repo.connect(self.admlogin, self.admpassword) + cnxid = repo.connect(self.admlogin, password=self.admpassword) self.assertEquals(repo.user_info(cnxid), (5, 'admin', set([u'managers']), {})) self.assertEquals(repo.describe(cnxid, 1), (u'CWGroup', u'system', None)) repo.close(cnxid) @@ -300,7 +307,7 @@ def test_shared_data_api(self): repo = self.repo - cnxid = repo.connect(self.admlogin, self.admpassword) + cnxid = repo.connect(self.admlogin, password=self.admpassword) self.assertEquals(repo.get_shared_data(cnxid, 'data'), None) repo.set_shared_data(cnxid, 'data', 4) self.assertEquals(repo.get_shared_data(cnxid, 'data'), 4) @@ -326,14 +333,14 @@ # print 'test time: %.3f (time) %.3f (cpu)' % ((time() - t), clock() - c) def test_delete_if_singlecard1(self): - note = self.add_entity('Affaire') - p1 = self.add_entity('Personne', nom=u'toto') + note = self.request().create_entity('Affaire') + p1 = self.request().create_entity('Personne', nom=u'toto') self.execute('SET A todo_by P WHERE A eid %(x)s, P eid %(p)s', {'x': note.eid, 'p': p1.eid}) rset = self.execute('Any P WHERE A todo_by P, A eid %(x)s', {'x': note.eid}) self.assertEquals(len(rset), 1) - p2 = self.add_entity('Personne', nom=u'tutu') + p2 = self.request().create_entity('Personne', nom=u'tutu') self.execute('SET A todo_by P WHERE A eid %(x)s, P eid %(p)s', {'x': note.eid, 'p': p2.eid}) rset = self.execute('Any P WHERE A todo_by P, A eid %(x)s', @@ -419,7 +426,7 @@ def test_composite_entity(self): assert self.schema.rschema('use_email').fulltext_container == 'subject' - eid = self.add_entity('EmailAddress', address=u'toto@logilab.fr').eid + eid = self.request().create_entity('EmailAddress', address=u'toto@logilab.fr').eid self.commit() rset = self.execute('Any X WHERE X has_text %(t)s', {'t': 'toto'}) self.assertEquals(rset.rows, [[eid]]) @@ -431,7 +438,7 @@ self.commit() rset = self.execute('Any X WHERE X has_text %(t)s', {'t': 'toto'}) self.assertEquals(rset.rows, []) - eid = self.add_entity('EmailAddress', address=u'tutu@logilab.fr').eid + eid = self.request().create_entity('EmailAddress', address=u'tutu@logilab.fr').eid self.execute('SET X use_email Y WHERE X login "admin", Y eid %(y)s', {'y': eid}) self.commit() rset = self.execute('Any X WHERE X has_text %(t)s', {'t': 'tutu'}) diff -r 742e3eb16f81 -r 01638461d4b0 server/test/unittest_rql2sql.py --- a/server/test/unittest_rql2sql.py Tue Dec 22 19:27:26 2009 +0100 +++ b/server/test/unittest_rql2sql.py Tue Dec 22 19:27:48 2009 +0100 @@ -359,10 +359,6 @@ ('DISTINCT Any X,Y WHERE X name "CWGroup", Y eid IN(1, 2, 3), EXISTS(X read_permission Y)', '''SELECT DISTINCT _X.cw_eid, rel_read_permission0.eid_to FROM cw_CWEType AS _X, read_permission_relation AS rel_read_permission0 -WHERE _X.cw_name=CWGroup AND rel_read_permission0.eid_to IN(1, 2, 3) AND EXISTS(SELECT 1 WHERE rel_read_permission0.eid_from=_X.cw_eid) -UNION -SELECT DISTINCT _X.cw_eid, rel_read_permission0.eid_to -FROM cw_CWRType AS _X, read_permission_relation AS rel_read_permission0 WHERE _X.cw_name=CWGroup AND rel_read_permission0.eid_to IN(1, 2, 3) AND EXISTS(SELECT 1 WHERE rel_read_permission0.eid_from=_X.cw_eid)'''), # no distinct, Y can't be invariant @@ -373,14 +369,6 @@ UNION ALL SELECT _X.cw_eid, _Y.cw_eid FROM cw_CWEType AS _X, cw_RQLExpression AS _Y -WHERE _X.cw_name=CWGroup AND _Y.cw_eid IN(1, 2, 3) AND EXISTS(SELECT 1 FROM read_permission_relation AS rel_read_permission0 WHERE rel_read_permission0.eid_from=_X.cw_eid AND rel_read_permission0.eid_to=_Y.cw_eid) -UNION ALL -SELECT _X.cw_eid, _Y.cw_eid -FROM cw_CWGroup AS _Y, cw_CWRType AS _X -WHERE _X.cw_name=CWGroup AND _Y.cw_eid IN(1, 2, 3) AND EXISTS(SELECT 1 FROM read_permission_relation AS rel_read_permission0 WHERE rel_read_permission0.eid_from=_X.cw_eid AND rel_read_permission0.eid_to=_Y.cw_eid) -UNION ALL -SELECT _X.cw_eid, _Y.cw_eid -FROM cw_CWRType AS _X, cw_RQLExpression AS _Y WHERE _X.cw_name=CWGroup AND _Y.cw_eid IN(1, 2, 3) AND EXISTS(SELECT 1 FROM read_permission_relation AS rel_read_permission0 WHERE rel_read_permission0.eid_from=_X.cw_eid AND rel_read_permission0.eid_to=_Y.cw_eid)'''), # DISTINCT but NEGED exists, can't be invariant @@ -391,14 +379,6 @@ UNION SELECT DISTINCT _X.cw_eid, _Y.cw_eid FROM cw_CWEType AS _X, cw_RQLExpression AS _Y -WHERE _X.cw_name=CWGroup AND _Y.cw_eid IN(1, 2, 3) AND NOT EXISTS(SELECT 1 FROM read_permission_relation AS rel_read_permission0 WHERE rel_read_permission0.eid_from=_X.cw_eid AND rel_read_permission0.eid_to=_Y.cw_eid) -UNION -SELECT DISTINCT _X.cw_eid, _Y.cw_eid -FROM cw_CWGroup AS _Y, cw_CWRType AS _X -WHERE _X.cw_name=CWGroup AND _Y.cw_eid IN(1, 2, 3) AND NOT EXISTS(SELECT 1 FROM read_permission_relation AS rel_read_permission0 WHERE rel_read_permission0.eid_from=_X.cw_eid AND rel_read_permission0.eid_to=_Y.cw_eid) -UNION -SELECT DISTINCT _X.cw_eid, _Y.cw_eid -FROM cw_CWRType AS _X, cw_RQLExpression AS _Y WHERE _X.cw_name=CWGroup AND _Y.cw_eid IN(1, 2, 3) AND NOT EXISTS(SELECT 1 FROM read_permission_relation AS rel_read_permission0 WHERE rel_read_permission0.eid_from=_X.cw_eid AND rel_read_permission0.eid_to=_Y.cw_eid)'''), # should generate the same query as above @@ -409,14 +389,6 @@ UNION SELECT DISTINCT _X.cw_eid, _Y.cw_eid FROM cw_CWEType AS _X, cw_RQLExpression AS _Y -WHERE _X.cw_name=CWGroup AND _Y.cw_eid IN(1, 2, 3) AND NOT EXISTS(SELECT 1 FROM read_permission_relation AS rel_read_permission0 WHERE rel_read_permission0.eid_from=_X.cw_eid AND rel_read_permission0.eid_to=_Y.cw_eid) -UNION -SELECT DISTINCT _X.cw_eid, _Y.cw_eid -FROM cw_CWGroup AS _Y, cw_CWRType AS _X -WHERE _X.cw_name=CWGroup AND _Y.cw_eid IN(1, 2, 3) AND NOT EXISTS(SELECT 1 FROM read_permission_relation AS rel_read_permission0 WHERE rel_read_permission0.eid_from=_X.cw_eid AND rel_read_permission0.eid_to=_Y.cw_eid) -UNION -SELECT DISTINCT _X.cw_eid, _Y.cw_eid -FROM cw_CWRType AS _X, cw_RQLExpression AS _Y WHERE _X.cw_name=CWGroup AND _Y.cw_eid IN(1, 2, 3) AND NOT EXISTS(SELECT 1 FROM read_permission_relation AS rel_read_permission0 WHERE rel_read_permission0.eid_from=_X.cw_eid AND rel_read_permission0.eid_to=_Y.cw_eid)'''), # neged relation, can't be inveriant @@ -427,14 +399,6 @@ UNION ALL SELECT _X.cw_eid, _Y.cw_eid FROM cw_CWEType AS _X, cw_RQLExpression AS _Y -WHERE _X.cw_name=CWGroup AND _Y.cw_eid IN(1, 2, 3) AND NOT EXISTS(SELECT 1 FROM read_permission_relation AS rel_read_permission0 WHERE rel_read_permission0.eid_from=_X.cw_eid AND rel_read_permission0.eid_to=_Y.cw_eid) -UNION ALL -SELECT _X.cw_eid, _Y.cw_eid -FROM cw_CWGroup AS _Y, cw_CWRType AS _X -WHERE _X.cw_name=CWGroup AND _Y.cw_eid IN(1, 2, 3) AND NOT EXISTS(SELECT 1 FROM read_permission_relation AS rel_read_permission0 WHERE rel_read_permission0.eid_from=_X.cw_eid AND rel_read_permission0.eid_to=_Y.cw_eid) -UNION ALL -SELECT _X.cw_eid, _Y.cw_eid -FROM cw_CWRType AS _X, cw_RQLExpression AS _Y WHERE _X.cw_name=CWGroup AND _Y.cw_eid IN(1, 2, 3) AND NOT EXISTS(SELECT 1 FROM read_permission_relation AS rel_read_permission0 WHERE rel_read_permission0.eid_from=_X.cw_eid AND rel_read_permission0.eid_to=_Y.cw_eid)'''), ('Any MAX(X)+MIN(X), N GROUPBY N WHERE X name N, X is IN (Basket, Folder, Tag);', diff -r 742e3eb16f81 -r 01638461d4b0 server/test/unittest_rqlannotation.py --- a/server/test/unittest_rqlannotation.py Tue Dec 22 19:27:26 2009 +0100 +++ b/server/test/unittest_rqlannotation.py Tue Dec 22 19:27:48 2009 +0100 @@ -268,11 +268,11 @@ def test_or_exists_1(self): # query generated by security rewriting rqlst = self._prepare('DISTINCT Any A,S WHERE A is Affaire, S nom "chouette", S is IN(Division, Societe, SubDivision),' - '(EXISTS(A owned_by %(D)s)) ' - 'OR ((((EXISTS(E concerne C?, C owned_by %(D)s, A identity E, C is Note, E is Affaire)) ' - 'OR (EXISTS(I concerne H?, H owned_by %(D)s, H is Societe, A identity I, I is Affaire))) ' - 'OR (EXISTS(J concerne G?, G owned_by %(D)s, G is SubDivision, A identity J, J is Affaire))) ' - 'OR (EXISTS(K concerne F?, F owned_by %(D)s, F is Division, A identity K, K is Affaire)))') + '(EXISTS(A owned_by D)) ' + 'OR ((((EXISTS(E concerne C?, C owned_by D, A identity E, C is Note, E is Affaire)) ' + 'OR (EXISTS(I concerne H?, H owned_by D, H is Societe, A identity I, I is Affaire))) ' + 'OR (EXISTS(J concerne G?, G owned_by D, G is SubDivision, A identity J, J is Affaire))) ' + 'OR (EXISTS(K concerne F?, F owned_by D, F is Division, A identity K, K is Affaire)))') self.assertEquals(rqlst.defined_vars['A']._q_invariant, False) self.assertEquals(rqlst.defined_vars['S']._q_invariant, False) @@ -285,11 +285,11 @@ def test_or_exists_3(self): rqlst = self._prepare('Any COUNT(S),CS GROUPBY CS ORDERBY 1 DESC LIMIT 10 ' 'WHERE C is Societe, S concerne C, C nom CS, ' - '(EXISTS(S owned_by 1)) OR (EXISTS(S documented_by N, N title "published"))') + '(EXISTS(S owned_by D)) OR (EXISTS(S documented_by N, N title "published"))') self.assertEquals(rqlst.defined_vars['S']._q_invariant, True) rqlst = self._prepare('Any COUNT(S),CS GROUPBY CS ORDERBY 1 DESC LIMIT 10 ' 'WHERE S is Affaire, C is Societe, S concerne C, C nom CS, ' - '(EXISTS(S owned_by 1)) OR (EXISTS(S documented_by N, N title "published"))') + '(EXISTS(S owned_by D)) OR (EXISTS(S documented_by N, N title "published"))') self.assertEquals(rqlst.defined_vars['S']._q_invariant, True) def test_nonregr_ambiguity(self): diff -r 742e3eb16f81 -r 01638461d4b0 server/test/unittest_schemaserial.py --- a/server/test/unittest_schemaserial.py Tue Dec 22 19:27:26 2009 +0100 +++ b/server/test/unittest_schemaserial.py Tue Dec 22 19:27:48 2009 +0100 @@ -16,6 +16,7 @@ schema = loader.load(config) from cubicweb.server.schemaserial import * +from cubicweb.server.schemaserial import _erperms2rql as erperms2rql class Schema2RQLTC(TestCase): @@ -53,15 +54,15 @@ ('INSERT CWRelation X: X cardinality %(cardinality)s,X composite %(composite)s,X description %(description)s,X ordernum %(ordernum)s,X relation_type ER,X from_entity SE,X to_entity OE WHERE SE name %(se)s,ER name %(rt)s,OE name %(oe)s', {'rt': 'relation_type', 'description': u'', 'composite': u'object', 'oe': 'CWRType', + 'ordernum': 1, 'cardinality': u'1*', 'se': 'CWAttribute'}), + ('INSERT CWConstraint X: X value %(value)s, X cstrtype CT, EDEF constrained_by X WHERE CT name %(ctname)s, EDEF relation_type ER, EDEF from_entity SE, EDEF to_entity OE, ER name %(rt)s, SE name %(se)s, OE name %(oe)s, EDEF is CWRelation', + {'rt': 'relation_type', 'oe': 'CWRType', 'ctname': u'RQLConstraint', 'se': 'CWAttribute', 'value': u';O;O final TRUE\n'}), + + ('INSERT CWRelation X: X cardinality %(cardinality)s,X composite %(composite)s,X description %(description)s,X ordernum %(ordernum)s,X relation_type ER,X from_entity SE,X to_entity OE WHERE SE name %(se)s,ER name %(rt)s,OE name %(oe)s', + {'rt': 'relation_type', 'description': u'', 'composite': u'object', 'oe': 'CWRType', 'ordernum': 1, 'cardinality': u'1*', 'se': 'CWRelation'}), ('INSERT CWConstraint X: X value %(value)s, X cstrtype CT, EDEF constrained_by X WHERE CT name %(ctname)s, EDEF relation_type ER, EDEF from_entity SE, EDEF to_entity OE, ER name %(rt)s, SE name %(se)s, OE name %(oe)s, EDEF is CWRelation', {'rt': 'relation_type', 'oe': 'CWRType', 'ctname': u'RQLConstraint', 'se': 'CWRelation', 'value': u';O;O final FALSE\n'}), - - ('INSERT CWRelation X: X cardinality %(cardinality)s,X composite %(composite)s,X description %(description)s,X ordernum %(ordernum)s,X relation_type ER,X from_entity SE,X to_entity OE WHERE SE name %(se)s,ER name %(rt)s,OE name %(oe)s', - {'rt': 'relation_type', 'description': u'', 'composite': u'object', 'oe': 'CWRType', - 'ordernum': 1, 'cardinality': u'1*', 'se': 'CWAttribute'}), - ('INSERT CWConstraint X: X value %(value)s, X cstrtype CT, EDEF constrained_by X WHERE CT name %(ctname)s, EDEF relation_type ER, EDEF from_entity SE, EDEF to_entity OE, ER name %(rt)s, SE name %(se)s, OE name %(oe)s, EDEF is CWRelation', - {'rt': 'relation_type', 'oe': 'CWRType', 'ctname': u'RQLConstraint', 'se': 'CWAttribute', 'value': u';O;O final TRUE\n'}), ]) def test_rschema2rql2(self): @@ -70,14 +71,19 @@ ('INSERT CWRType X: X description %(description)s,X final %(final)s,X fulltext_container %(fulltext_container)s,X inlined %(inlined)s,X name %(name)s,X symetric %(symetric)s', {'description': u'core relation giving to a group the permission to add an entity or relation type', 'symetric': False, 'name': u'add_permission', 'final': False, 'fulltext_container': None, 'inlined': False}), ('INSERT CWRelation X: X cardinality %(cardinality)s,X composite %(composite)s,X description %(description)s,X ordernum %(ordernum)s,X relation_type ER,X from_entity SE,X to_entity OE WHERE SE name %(se)s,ER name %(rt)s,OE name %(oe)s', + {'rt': 'add_permission', 'description': u'groups allowed to add entities/relations of this type', 'composite': None, 'oe': 'CWGroup', 'ordernum': 3, 'cardinality': u'**', 'se': 'CWAttribute'}), + ('INSERT CWRelation X: X cardinality %(cardinality)s,X composite %(composite)s,X description %(description)s,X ordernum %(ordernum)s,X relation_type ER,X from_entity SE,X to_entity OE WHERE SE name %(se)s,ER name %(rt)s,OE name %(oe)s', + {'rt': 'add_permission', 'description': u'rql expression allowing to add entities/relations of this type', 'composite': 'subject', 'oe': 'RQLExpression', 'ordernum': 5, 'cardinality': u'*?', 'se': 'CWAttribute'}), + + ('INSERT CWRelation X: X cardinality %(cardinality)s,X composite %(composite)s,X description %(description)s,X ordernum %(ordernum)s,X relation_type ER,X from_entity SE,X to_entity OE WHERE SE name %(se)s,ER name %(rt)s,OE name %(oe)s', {'rt': 'add_permission', 'description': u'groups allowed to add entities/relations of this type', 'composite': None, 'oe': 'CWGroup', 'ordernum': 3, 'cardinality': u'**', 'se': 'CWEType'}), ('INSERT CWRelation X: X cardinality %(cardinality)s,X composite %(composite)s,X description %(description)s,X ordernum %(ordernum)s,X relation_type ER,X from_entity SE,X to_entity OE WHERE SE name %(se)s,ER name %(rt)s,OE name %(oe)s', - {'rt': 'add_permission', 'description': u'groups allowed to add entities/relations of this type', 'composite': None, 'oe': 'CWGroup', 'ordernum': 3, 'cardinality': u'**', 'se': 'CWRType'}), + {'rt': 'add_permission', 'description': u'rql expression allowing to add entities/relations of this type', 'composite': 'subject', 'oe': 'RQLExpression', 'ordernum': 5, 'cardinality': u'*?', 'se': 'CWEType'}), ('INSERT CWRelation X: X cardinality %(cardinality)s,X composite %(composite)s,X description %(description)s,X ordernum %(ordernum)s,X relation_type ER,X from_entity SE,X to_entity OE WHERE SE name %(se)s,ER name %(rt)s,OE name %(oe)s', - {'rt': 'add_permission', 'description': u'rql expression allowing to add entities/relations of this type', 'composite': 'subject', 'oe': 'RQLExpression', 'ordernum': 5, 'cardinality': u'*?', 'se': 'CWEType'}), + {'rt': 'add_permission', 'description': u'groups allowed to add entities/relations of this type', 'composite': None, 'oe': 'CWGroup', 'ordernum': 3, 'cardinality': u'**', 'se': 'CWRelation'}), ('INSERT CWRelation X: X cardinality %(cardinality)s,X composite %(composite)s,X description %(description)s,X ordernum %(ordernum)s,X relation_type ER,X from_entity SE,X to_entity OE WHERE SE name %(se)s,ER name %(rt)s,OE name %(oe)s', - {'rt': 'add_permission', 'description': u'rql expression allowing to add entities/relations of this type', 'composite': 'subject', 'oe': 'RQLExpression', 'ordernum': 5, 'cardinality': u'*?', 'se': 'CWRType'}), + {'rt': 'add_permission', 'description': u'rql expression allowing to add entities/relations of this type', 'composite': 'subject', 'oe': 'RQLExpression', 'ordernum': 5, 'cardinality': u'*?', 'se': 'CWRelation'}), ]) def test_rschema2rql3(self): @@ -87,18 +93,18 @@ {'description': u'', 'symetric': False, 'name': u'cardinality', 'final': True, 'fulltext_container': None, 'inlined': False}), ('INSERT CWAttribute X: X cardinality %(cardinality)s,X defaultval %(defaultval)s,X description %(description)s,X fulltextindexed %(fulltextindexed)s,X indexed %(indexed)s,X internationalizable %(internationalizable)s,X ordernum %(ordernum)s,X relation_type ER,X from_entity SE,X to_entity OE WHERE SE name %(se)s,ER name %(rt)s,OE name %(oe)s', + {'rt': 'cardinality', 'description': u'subject/object cardinality', 'internationalizable': True, 'fulltextindexed': False, 'ordernum': 5, 'defaultval': None, 'indexed': False, 'cardinality': u'?1', 'oe': 'String', 'se': 'CWAttribute'}), + ('INSERT CWConstraint X: X value %(value)s, X cstrtype CT, EDEF constrained_by X WHERE CT name %(ctname)s, EDEF relation_type ER, EDEF from_entity SE, EDEF to_entity OE, ER name %(rt)s, SE name %(se)s, OE name %(oe)s, EDEF is CWAttribute', + {'rt': 'cardinality', 'oe': 'String', 'ctname': u'SizeConstraint', 'se': 'CWAttribute', 'value': u'max=2'}), + ('INSERT CWConstraint X: X value %(value)s, X cstrtype CT, EDEF constrained_by X WHERE CT name %(ctname)s, EDEF relation_type ER, EDEF from_entity SE, EDEF to_entity OE, ER name %(rt)s, SE name %(se)s, OE name %(oe)s, EDEF is CWAttribute', + {'rt': 'cardinality', 'oe': 'String', 'ctname': u'StaticVocabularyConstraint', 'se': 'CWAttribute', 'value': u"u'?1', u'11'"}), + + ('INSERT CWAttribute X: X cardinality %(cardinality)s,X defaultval %(defaultval)s,X description %(description)s,X fulltextindexed %(fulltextindexed)s,X indexed %(indexed)s,X internationalizable %(internationalizable)s,X ordernum %(ordernum)s,X relation_type ER,X from_entity SE,X to_entity OE WHERE SE name %(se)s,ER name %(rt)s,OE name %(oe)s', {'rt': 'cardinality', 'description': u'subject/object cardinality', 'internationalizable': True, 'fulltextindexed': False, 'ordernum': 5, 'defaultval': None, 'indexed': False, 'cardinality': u'?1', 'oe': 'String', 'se': 'CWRelation'}), ('INSERT CWConstraint X: X value %(value)s, X cstrtype CT, EDEF constrained_by X WHERE CT name %(ctname)s, EDEF relation_type ER, EDEF from_entity SE, EDEF to_entity OE, ER name %(rt)s, SE name %(se)s, OE name %(oe)s, EDEF is CWAttribute', {'rt': 'cardinality', 'oe': 'String', 'ctname': u'SizeConstraint', 'se': 'CWRelation', 'value': u'max=2'}), ('INSERT CWConstraint X: X value %(value)s, X cstrtype CT, EDEF constrained_by X WHERE CT name %(ctname)s, EDEF relation_type ER, EDEF from_entity SE, EDEF to_entity OE, ER name %(rt)s, SE name %(se)s, OE name %(oe)s, EDEF is CWAttribute', {'rt': 'cardinality', 'oe': 'String', 'ctname': u'StaticVocabularyConstraint', 'se': 'CWRelation', 'value': u"u'?*', u'1*', u'+*', u'**', u'?+', u'1+', u'++', u'*+', u'?1', u'11', u'+1', u'*1', u'??', u'1?', u'+?', u'*?'"}), - - ('INSERT CWAttribute X: X cardinality %(cardinality)s,X defaultval %(defaultval)s,X description %(description)s,X fulltextindexed %(fulltextindexed)s,X indexed %(indexed)s,X internationalizable %(internationalizable)s,X ordernum %(ordernum)s,X relation_type ER,X from_entity SE,X to_entity OE WHERE SE name %(se)s,ER name %(rt)s,OE name %(oe)s', - {'rt': 'cardinality', 'description': u'subject/object cardinality', 'internationalizable': True, 'fulltextindexed': False, 'ordernum': 5, 'defaultval': None, 'indexed': False, 'cardinality': u'?1', 'oe': 'String', 'se': 'CWAttribute'}), - ('INSERT CWConstraint X: X value %(value)s, X cstrtype CT, EDEF constrained_by X WHERE CT name %(ctname)s, EDEF relation_type ER, EDEF from_entity SE, EDEF to_entity OE, ER name %(rt)s, SE name %(se)s, OE name %(oe)s, EDEF is CWAttribute', - {'rt': 'cardinality', 'oe': 'String', 'ctname': u'SizeConstraint', 'se': 'CWAttribute', 'value': u'max=2'}), - ('INSERT CWConstraint X: X value %(value)s, X cstrtype CT, EDEF constrained_by X WHERE CT name %(ctname)s, EDEF relation_type ER, EDEF from_entity SE, EDEF to_entity OE, ER name %(rt)s, SE name %(se)s, OE name %(oe)s, EDEF is CWAttribute', - {'rt': 'cardinality', 'oe': 'String', 'ctname': u'StaticVocabularyConstraint', 'se': 'CWAttribute', 'value': u"u'?1', u'11'"}), ]) @@ -142,36 +148,34 @@ } def test_eperms2rql1(self): - self.assertListEquals([rql for rql, kwargs in erperms2rql(schema.eschema('CWEType'), self.GROUP_MAPPING)], - ['SET X read_permission Y WHERE X is CWEType, X name %(name)s, Y eid %(g)s', - 'SET X read_permission Y WHERE X is CWEType, X name %(name)s, Y eid %(g)s', - 'SET X read_permission Y WHERE X is CWEType, X name %(name)s, Y eid %(g)s', - 'SET X add_permission Y WHERE X is CWEType, X name %(name)s, Y eid %(g)s', - 'SET X update_permission Y WHERE X is CWEType, X name %(name)s, Y eid %(g)s', - 'SET X update_permission Y WHERE X is CWEType, X name %(name)s, Y eid %(g)s', - 'SET X delete_permission Y WHERE X is CWEType, X name %(name)s, Y eid %(g)s', + self.assertListEquals([(rql, kwargs) for rql, kwargs in erperms2rql(schema.eschema('CWEType'), self.GROUP_MAPPING)], + [('SET X read_permission Y WHERE Y eid %(g)s, ', {'g': 0}), + ('SET X read_permission Y WHERE Y eid %(g)s, ', {'g': 1}), + ('SET X read_permission Y WHERE Y eid %(g)s, ', {'g': 2}), + ('SET X add_permission Y WHERE Y eid %(g)s, ', {'g': 0}), + ('SET X update_permission Y WHERE Y eid %(g)s, ', {'g': 0}), + ('SET X update_permission Y WHERE Y eid %(g)s, ', {'g': 3}), + ('SET X delete_permission Y WHERE Y eid %(g)s, ', {'g': 0}), ]) def test_rperms2rql2(self): - self.assertListEquals([rql for rql, kwargs in erperms2rql(schema.rschema('read_permission'), self.GROUP_MAPPING)], - ['SET X read_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', - 'SET X read_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', - 'SET X read_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', - 'SET X add_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', - 'SET X delete_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', + self.assertListEquals([(rql, kwargs) for rql, kwargs in erperms2rql(schema.rschema('read_permission').rdef('CWEType', 'CWGroup'), self.GROUP_MAPPING)], + [('SET X read_permission Y WHERE Y eid %(g)s, ', {'g': 0}), + ('SET X read_permission Y WHERE Y eid %(g)s, ', {'g': 1}), + ('SET X read_permission Y WHERE Y eid %(g)s, ', {'g': 2}), + ('SET X add_permission Y WHERE Y eid %(g)s, ', {'g': 0}), + ('SET X delete_permission Y WHERE Y eid %(g)s, ', {'g': 0}), ]) def test_rperms2rql3(self): - self.assertListEquals([rql for rql, kwargs in erperms2rql(schema.rschema('name'), self.GROUP_MAPPING)], - ['SET X read_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', - 'SET X read_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', - 'SET X read_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', - 'SET X add_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', - 'SET X add_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', - 'SET X add_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', - 'SET X delete_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', - 'SET X delete_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', - 'SET X delete_permission Y WHERE X is CWRType, X name %(name)s, Y eid %(g)s', + self.assertListEquals([(rql, kwargs) for rql, kwargs in erperms2rql(schema.rschema('name').rdef('CWEType', 'String'), self.GROUP_MAPPING)], + [('SET X read_permission Y WHERE Y eid %(g)s, ', {'g': 0}), + ('SET X read_permission Y WHERE Y eid %(g)s, ', {'g': 1}), + ('SET X read_permission Y WHERE Y eid %(g)s, ', {'g': 2}), + ('SET X add_permission Y WHERE Y eid %(g)s, ', {'g': 0}), + ('SET X add_permission Y WHERE Y eid %(g)s, ', {'g': 1}), + ('SET X delete_permission Y WHERE Y eid %(g)s, ', {'g': 0}), + ('SET X delete_permission Y WHERE Y eid %(g)s, ', {'g': 1}), ]) #def test_perms2rql(self): diff -r 742e3eb16f81 -r 01638461d4b0 server/test/unittest_security.py --- a/server/test/unittest_security.py Tue Dec 22 19:27:26 2009 +0100 +++ b/server/test/unittest_security.py Tue Dec 22 19:27:48 2009 +0100 @@ -217,7 +217,7 @@ {'x': ueid, 'passwd': 'newpwd'}, 'x') cnx.commit() cnx.close() - cnx = self.login('user', 'newpwd') + cnx = self.login('user', password='newpwd') def test_user_cant_change_other_upassword(self): ueid = self.create_user('otheruser').eid