# HG changeset patch # User Sylvain Thénault # Date 1299833229 -3600 # Node ID 4751d77394b17c815881e40be862112e685a40ac # Parent 4ce9e536dd66a310aae6e21aa7e3a13843c63d8d# Parent 5f8e52d722c58cf7788352a8201f69d9e5ccf847 default (3.11.X) is now stable diff -r 5f8e52d722c5 -r 4751d77394b1 devtools/__init__.py --- a/devtools/__init__.py Thu Mar 10 12:04:46 2011 +0100 +++ b/devtools/__init__.py Fri Mar 11 09:47:09 2011 +0100 @@ -85,13 +85,6 @@ read_instance_schema = False init_repository = True db_require_setup = True - options = cwconfig.merge_options( - ServerConfiguration.options + - tuple((opt, optdict) for opt, optdict in TwistedConfiguration.options - if opt in ('anonymous-user', 'anonymous-password'))) - # By default anonymous login are allow but some test need to deny of to - # change the default user. Set it to None to prevent anonymous login. - anonymous_credential = ('anon', 'anon') def __init__(self, appid='data', apphome=None, log_threshold=logging.CRITICAL+10): # must be set before calling parent __init__ @@ -106,7 +99,20 @@ # need this, usually triggered by cubicweb-ctl self.load_cwctl_plugins() - anonymous_user = TwistedConfiguration.anonymous_user.im_func + # By default anonymous login are allow but some test need to deny of to + # change the default user. Set it to None to prevent anonymous login. + anonymous_credential = ('anon', 'anon') + + def anonymous_user(self): + if not self.anonymous_credential: + return None, None + return self.anonymous_credential + + def set_anonymous_allowed(self, allowed, anonuser='anon'): + if allowed: + self.anonymous_credential = (anonuser, anonuser) + else: + self.anonymous_credential = None @property def apphome(self): 
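Review bot: `anonymous_user()` in the second devtools/__init__.py hunk returns the pair `(None, None)` when anonymous access is disabled, and a non-empty tuple is truthy, so a caller that writes `if config.anonymous_user():` would treat anonymous access as enabled. Neither new method has a docstring that states this contract. I would add `"""Return (login, password) of the anonymous user, or (None, None) when anonymous access is disabled; test the login, not the tuple."""` to `anonymous_user`, and a one-line docstring on `set_anonymous_allowed` saying that the password is set equal to `anonuser`. The class body starts before the hunk.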
@@ -115,10 +121,6 @@ def load_configuration(self): super(TestServerConfiguration, self).load_configuration() - if self.anonymous_credential: - user, password = self.anonymous_credential - self.global_set_option('anonymous-user', user) - self.global_set_option('anonymous-password', password) # no undo support in tests self.global_set_option('undo-support', '') diff -r 5f8e52d722c5 -r 4751d77394b1 devtools/cwwindmill.py --- a/devtools/cwwindmill.py Thu Mar 10 12:04:46 2011 +0100 +++ b/devtools/cwwindmill.py Fri Mar 11 09:47:09 2011 +0100 @@ -93,7 +93,7 @@ edit_test = "-i" in sys.argv # detection for pytest invocation # Windmill use case are written with no anonymous user - anonymous_logged = False + anonymous_allowed = False tags = CubicWebServerTC.tags & Tags(('windmill',)) diff -r 5f8e52d722c5 -r 4751d77394b1 devtools/httptest.py --- a/devtools/httptest.py Thu Mar 10 12:04:46 2011 +0100 +++ b/devtools/httptest.py Fri Mar 11 09:47:09 2011 +0100 @@ -89,12 +89,11 @@ """Class for running test web server. See :class:`CubicWebServerConfig`. Class attributes: - * `anonymous_logged`: flag telling if anonymous user should be logged-in - by default (True by default) XXX (syt) s/logged-in/allowed/ ? + * `anonymous_allowed`: flag telling if anonymous browsing should be allowed """ configcls = CubicWebServerConfig # anonymous is logged by default in cubicweb test cases - anonymous_logged = True + anonymous_allowed = True def start_server(self): # use a semaphore to avoid starting test while the http server isn't @@ -189,6 +188,5 @@ @classmethod def init_config(cls, config): - if not cls.anonymous_logged: - config.anonymous_credential = None + config.set_anonymous_allowed(cls.anonymous_allowed) super(CubicWebServerTC, cls).init_config(config) diff -r 5f8e52d722c5 -r 4751d77394b1 devtools/test/unittest_httptest.py --- a/devtools/test/unittest_httptest.py Thu Mar 10 12:04:46 2011 +0100 +++ b/devtools/test/unittest_httptest.py Fri Mar 11 09:47:09 2011 +0100 
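Review bot: The rewritten docstring entry for `anonymous_allowed` in the first devtools/httptest.py hunk no longer states the default, and the comment above the attribute still reads `# anonymous is logged by default in cubicweb test cases`, which keeps the wording the rename was meant to retire. I would end the docstring entry with `(True by default)` and reword the comment to `# anonymous browsing is allowed by default in cubicweb test cases`. The class body continues outside the hunk.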
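Review bot: A test class that still sets the old `anonymous_logged = False` is silently ignored by the new `init_config`, which reads only `cls.anonymous_allowed`. A suite written to run with anonymous access denied would then run with it allowed, and its authentication tests could pass for the wrong reason. Honouring the old name for a release keeps such suites failing closed: `if hasattr(cls, 'anonymous_logged'):` followed by `warnings.warn('anonymous_logged is deprecated, use anonymous_allowed', DeprecationWarning)` and `cls.anonymous_allowed = cls.anonymous_logged`, placed before the `set_anonymous_allowed` call. This assumes `warnings` is imported in httptest.py, which the hunk does not show.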
@@ -42,7 +42,7 @@ class TwistedCWIdentTC(CubicWebServerTC): - anonymous_logged = False + anonymous_allowed = False tags = CubicWebServerTC.tags | Tags(('auth',)) def test_response_denied(self): diff -r 5f8e52d722c5 -r 4751d77394b1 devtools/testlib.py --- a/devtools/testlib.py Thu Mar 10 12:04:46 2011 +0100 +++ b/devtools/testlib.py Fri Mar 11 09:47:09 2011 +0100 @@ -660,6 +660,10 @@ def init_authentication(self, authmode, anonuser=None): self.set_option('auth-mode', authmode) self.set_option('anonymous-user', anonuser) + if anonuser is None: + self.config.anonymous_credential = None + else: + self.config.anonymous_credential = (anonuser, anonuser) req = self.request() origsession = req.session req.session = req.cnx = None diff -r 5f8e52d722c5 -r 4751d77394b1 entities/test/unittest_wfobjs.py --- a/entities/test/unittest_wfobjs.py Thu Mar 10 12:04:46 2011 +0100 +++ b/entities/test/unittest_wfobjs.py Fri Mar 11 09:47:09 2011 +0100 @@ -127,6 +127,7 @@ # fetch the entity using the new session trs = list(cnx.user().cw_adapt_to('IWorkflowable').possible_transitions()) self.assertEqual(len(trs), 0) + cnx.close() def _test_manager_deactivate(self, user): iworkflowable = user.cw_adapt_to('IWorkflowable') @@ -211,6 +212,7 @@ with self.assertRaises(ValidationError) as cm: iworkflowable.fire_transition('activate') self.assertEqual(cm.exception.errors, {'by_transition-subject': "transition may not be fired"}) + cnx.close() def test_fire_transition_owned_by(self): self.execute('INSERT RQLExpression X: X exprtype "ERQLExpression", ' diff -r 5f8e52d722c5 -r 4751d77394b1 server/test/unittest_migractions.py --- a/server/test/unittest_migractions.py Thu Mar 10 12:04:46 2011 +0100 +++ b/server/test/unittest_migractions.py Fri Mar 11 09:47:09 2011 +0100 
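Review bot: `init_authentication` in devtools/testlib.py now records the anonymous setting in two places, the `anonymous-user` option and `config.anonymous_credential`, and it re-implements what `set_anonymous_allowed` in devtools/__init__.py already does. Calling the helper keeps a single code path: `self.config.set_anonymous_allowed(anonuser is not None, anonuser)`. Nothing in the hunk restores the credential afterwards, so if the config object is shared between tests (not visible here), a test that changes it could leak that setting into later tests. The function body continues outside the hunk.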
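Review bot: The `cnx.close()` added in the first entities/test/unittest_wfobjs.py hunk is the last statement of the test, so it is skipped whenever an earlier assertion fails or an unexpected exception escapes, and the connection opened for that user stays open for the rest of the run. Registering the close right after the connection is obtained, `self.addCleanup(cnx.close)`, closes it on every path, as does wrapping the body in `try:` / `finally: cnx.close()`; `addCleanup` assumes the TestCase base in use provides it. The same pattern appears in the second hunk of this file and in every `cnx.close()` hunk of server/test/unittest_security.py. The test bodies start outside the hunks.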
@@ -23,7 +23,7 @@ from datetime import date from os.path import join -from logilab.common.testlib import TestCase, unittest_main +from logilab.common.testlib import TestCase, unittest_main, Tags, tag from yams.constraints import UniqueConstraint @@ -37,10 +37,13 @@ def tearDownModule(*args): global migrschema del migrschema - del MigrationCommandsTC.origschema + if hasattr(MigrationCommandsTC, 'origschema'): + del MigrationCommandsTC.origschema class MigrationCommandsTC(CubicWebTC): + tags = CubicWebTC.tags | Tags(('server', 'migration', 'migractions')) + @classmethod def init_config(cls, config): super(MigrationCommandsTC, cls).init_config(config) @@ -343,6 +346,7 @@ self.mh.cmd_change_relation_props('Personne', 'adel', 'String', fulltextindexed=False) + @tag('longrun') def test_sync_schema_props_perms(self): cursor = self.mh.session cursor.set_pool() @@ -464,6 +468,7 @@ finally: self.mh.cmd_set_size_constraint('CWEType', 'description', None) + @tag('longrun') def test_add_remove_cube_and_deps(self): cubes = set(self.config.cubes()) schema = self.repo.schema @@ -527,6 +532,7 @@ self.commit() + @tag('longrun') def test_add_remove_cube_no_deps(self): cubes = set(self.config.cubes()) schema = self.repo.schema @@ -558,6 +564,7 @@ self.mh.cmd_remove_cube('file') self.assertEqual(str(cm.exception), "can't remove cube file, used as a dependency") + @tag('longrun') def test_introduce_base_class(self): self.mh.cmd_add_entity_type('Para') self.mh.repo.schema.rebuild_infered_relations() diff -r 5f8e52d722c5 -r 4751d77394b1 server/test/unittest_security.py --- a/server/test/unittest_security.py Thu Mar 10 12:04:46 2011 +0100 +++ b/server/test/unittest_security.py Fri Mar 11 09:47:09 2011 +0100 
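Review bot: In `tearDownModule` of server/test/unittest_migractions.py, the new `hasattr` guard protects only `MigrationCommandsTC.origschema`, while `del migrschema` just above it is still unguarded. If module setup can fail before `migrschema` is bound (the hunk does not show where it is assigned), that line raises `NameError` and hides the original failure. A matching guard would be `globals().pop('migrschema', None)` in place of the bare `del`.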
@@ -27,8 +27,8 @@ class BaseSecurityTC(CubicWebTC): - def setUp(self): - CubicWebTC.setUp(self) + def setup_database(self): + super(BaseSecurityTC, self).setup_database() self.create_user('iaminusersgrouponly') self.readoriggroups = self.schema['Personne'].permissions['read'] self.addoriggroups = self.schema['Personne'].permissions['add'] @@ -75,7 +75,7 @@ def tearDown(self): self.repo.system_source.__dict__.pop('syntax_tree_search', None) - BaseSecurityTC.tearDown(self) + super(SecurityRewritingTC, self).tearDown() def test_not_relation_read_security(self): cnx = self.login('iaminusersgrouponly') @@ -86,6 +86,7 @@ self.execute('Any U WHERE NOT EXISTS(A todo_by U), A is Affaire') self.assertEqual(self.query[0][1].as_string(), 'Any U WHERE NOT EXISTS(A todo_by U), A is Affaire') + cnx.close() class SecurityTC(BaseSecurityTC): @@ -104,6 +105,7 @@ cu.execute("INSERT Personne X: X nom 'bidule'") self.assertRaises(Unauthorized, cnx.commit) self.assertEqual(cu.execute('Personne X').rowcount, 1) + cnx.close() def test_insert_rql_permission(self): # test user can only add une affaire related to a societe he owns @@ -120,6 +122,7 @@ cu.execute("INSERT Societe X: X nom 'chouette'") cu.execute("SET A concerne S WHERE A sujet 'cool', S nom 'chouette'") cnx.commit() + cnx.close() def test_update_security_1(self): cnx = self.login('anon') @@ -147,6 +150,7 @@ cu.execute("INSERT Personne X: X nom 'biduuule'") cu.execute("INSERT Societe X: X nom 'looogilab'") cu.execute("SET X travaille S WHERE X nom 'biduuule', S nom 'looogilab'") + cnx.close() def test_update_rql_permission(self): self.execute("SET A concerne S WHERE A is Affaire, S is Societe") @@ -165,6 +169,7 @@ cu.execute("SET A concerne S WHERE A sujet 'pascool', S nom 'chouette'") cu.execute("SET X sujet 'habahsicestcool' WHERE X sujet 'pascool'") cnx.commit() + cnx.close() def test_delete_security(self): # FIXME: sample below fails because we don't detect "owner" can't delete 
@@ -177,6 +182,7 @@ cnx = self.login('iaminusersgrouponly') cu = cnx.cursor() self.assertRaises(Unauthorized, cu.execute, "DELETE CWGroup Y WHERE Y name 'staff'") + cnx.close() def test_delete_rql_permission(self): self.execute("SET A concerne S WHERE A is Affaire, S is Societe") @@ -200,6 +206,7 @@ ## self.assertRaises(Unauthorized, cu.execute, "DELETE Affaire X") cu.execute("DELETE Affaire X WHERE X sujet 'pascool'") cnx.commit() + cnx.close() def test_insert_relation_rql_permission(self): @@ -225,6 +232,7 @@ cu.execute("INSERT Societe X: X nom 'chouette'") cu.execute("SET A concerne S WHERE A is Affaire, S nom 'chouette'") cnx.commit() + cnx.close() def test_delete_relation_rql_permission(self): self.execute("SET A concerne S WHERE A is Affaire, S is Societe") @@ -249,6 +257,7 @@ cu.execute("SET A concerne S WHERE A is Affaire, S nom 'chouette'") cnx.commit() cu.execute("DELETE A concerne S WHERE S nom 'chouette'") + cnx.close() def test_user_can_change_its_upassword(self): @@ -260,6 +269,7 @@ cnx.commit() cnx.close() cnx = self.login('user', password='newpwd') + cnx.close() def test_user_cant_change_other_upassword(self): ueid = self.create_user('otheruser').eid @@ -268,6 +278,7 @@ cu.execute('SET X upassword %(passwd)s WHERE X eid %(x)s', {'x': ueid, 'passwd': 'newpwd'}) self.assertRaises(Unauthorized, cnx.commit) + cnx.close() # read security test @@ -277,6 +288,7 @@ cu = cnx.cursor() self.assertRaises(Unauthorized, cu.execute, 'Personne U where U nom "managers"') + cnx.close() def test_read_erqlexpr_base(self): eid = self.execute("INSERT Affaire X: X sujet 'cool'")[0][0] @@ -301,6 +313,7 @@ self.assertEqual(rset.rows, []) # test can't update an attribute of an entity that can't be readen self.assertRaises(Unauthorized, cu.execute, 'SET X sujet "hacked" WHERE X eid %(x)s', {'x': eid}) + cnx.close() def test_entity_created_in_transaction(self): 
@@ -337,6 +350,7 @@ rset = cu.execute("Any X WHERE X has_text 'cool'") self.assertEqual(sorted(eid for eid, in rset.rows), [card1, aff2]) + cnx.close() def test_read_erqlexpr_has_text2(self): self.execute("INSERT Personne X: X nom 'bidule'") @@ -349,6 +363,7 @@ self.assertEqual(len(rset.rows), 1, rset.rows) rset = cu.execute('Any N WITH N BEING (Any N WHERE N has_text "bidule")') self.assertEqual(len(rset.rows), 1, rset.rows) + cnx.close() def test_read_erqlexpr_optional_rel(self): self.execute("INSERT Personne X: X nom 'bidule'") @@ -359,6 +374,7 @@ cu = cnx.cursor() rset = cu.execute('Any N,U WHERE N has_text "bidule", N owned_by U?') self.assertEqual(len(rset.rows), 1, rset.rows) + cnx.close() def test_read_erqlexpr_aggregat(self): self.execute("INSERT Affaire X: X sujet 'cool'")[0][0] @@ -382,6 +398,7 @@ values = dict(rset) self.assertEqual(values['Affaire'], 1) self.assertEqual(values['Societe'], 2) + cnx.close() def test_attribute_security(self): @@ -429,6 +446,7 @@ cnx.commit() cu.execute("SET X para 'chouette' WHERE X eid %(x)s", {'x': note2.eid}) cnx.commit() + cnx.close() def test_attribute_read_security(self): # anon not allowed to see users'login, but they can see users @@ -446,6 +464,7 @@ self.assertEqual(x.login, None) self.failUnless(x.creation_date) cnx.rollback() + cnx.close() class BaseSchemaSecurityTC(BaseSecurityTC): """tests related to the base schema permission configuration""" @@ -472,6 +491,7 @@ cu.execute('DELETE Affaire X WHERE X ref "ARCT01"') cnx.commit() self.failIf(cu.execute('Affaire X')) + cnx.close() def test_users_and_groups_non_readable_by_guests(self): cnx = self.login('anon') @@ -498,6 +518,7 @@ # but can't modify it cu.execute('SET X login "toto" WHERE X eid %(x)s', {'x': anon.eid}) self.assertRaises(Unauthorized, cnx.commit) + cnx.close() def test_in_group_relation(self): cnx = self.login('iaminusersgrouponly') 
@@ -506,6 +527,7 @@ self.assertRaises(Unauthorized, cu.execute, rql) rql = u"SET U in_group G WHERE U login 'admin', G name 'users'" self.assertRaises(Unauthorized, cu.execute, rql) + cnx.close() def test_owned_by(self): self.execute("INSERT Personne X: X nom 'bidule'") @@ -514,6 +536,7 @@ cu = cnx.cursor() rql = u"SET X owned_by U WHERE U login 'iaminusersgrouponly', X is Personne" self.assertRaises(Unauthorized, cu.execute, rql) + cnx.close() def test_bookmarked_by_guests_security(self): beid1 = self.execute('INSERT Bookmark B: B path "?vid=manage", B title "manage"')[0][0] @@ -535,6 +558,7 @@ self.assertRaises(Unauthorized, cu.execute, 'SET B bookmarked_by U WHERE U eid %(x)s, B eid %(b)s', {'x': anoneid, 'b': beid1}) + cnx.close() def test_ambigous_ordered(self): @@ -542,6 +566,7 @@ cu = cnx.cursor() names = [t for t, in cu.execute('Any N ORDERBY lower(N) WHERE X name N')] self.assertEqual(names, sorted(names, key=lambda x: x.lower())) + cnx.close() def test_in_state_without_update_perm(self): """check a user change in_state without having update permission on the @@ -575,6 +600,7 @@ # restore orig perms for action, perms in affaire_perms.iteritems(): self.schema['Affaire'].set_action_permissions(action, perms) + cnx.close() def test_trinfo_security(self): aff = self.execute('INSERT Affaire X: X ref "ARCT01"').get_entity(0, 0) diff -r 5f8e52d722c5 -r 4751d77394b1 web/views/basetemplates.py --- a/web/views/basetemplates.py Thu Mar 10 12:04:46 2011 +0100 +++ b/web/views/basetemplates.py Fri Mar 11 09:47:09 2011 +0100 @@ -74,7 +74,7 @@ # FIXME Deprecated code ? msg = self._cw._('you have been logged out') w(u'

%s

\n' % msg) - if self._cw.vreg.config['anonymous-user']: + if self._cw.vreg.config.anonymous_user()[0]: indexurl = self._cw.build_url('view', vid='index', __message=msg) w(u'

%s

' % ( xml_escape(indexurl),