# HG changeset patch # User Sylvain Thénault # Date 1253111943 -7200 # Node ID 905e269ff85353cdeaeecffff4ff5da28f166d0e # Parent c0e10da6f1cfd08433f1bfbb5104fd5d81e50904 email hooks tests diff -r c0e10da6f1cf -r 905e269ff853 sobjects/test/unittest_email.py --- a/sobjects/test/unittest_email.py Wed Sep 16 16:37:49 2009 +0200 +++ b/sobjects/test/unittest_email.py Wed Sep 16 16:39:03 2009 +0200 @@ -5,6 +5,7 @@ :contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr :license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses """ +from cubicweb import Unauthorized from cubicweb.devtools.apptest import EnvBasedTC class EmailAddressHooksTC(EnvBasedTC): @@ -30,6 +31,24 @@ self.assertEquals(self.execute('Any A WHERE U use_email X, U login "admin", X address A')[0][0], 'admin@logilab.fr') + def test_cardinality_check(self): + email1 = self.execute('INSERT EmailAddress E: E address "client@client.com", U use_email E WHERE U login "admin"')[0][0] + self.commit() + self.execute('SET U primary_email E WHERE U login "anon", E address "client@client.com"') + self.commit() + rset = self.execute('Any X WHERE X use_email E, E eid %(e)s', {'e': email1}) + self.failIf(rset.rowcount != 1, rset) + + def test_security_check(self): + self.create_user('toto') + email1 = self.execute('INSERT EmailAddress E: E address "client@client.com", U use_email E WHERE U login "admin"')[0][0] + self.commit() + cnx = self.login('toto') + cu = cnx.cursor() + cu.execute('SET U primary_email E WHERE E eid %(e)s, U login "toto"', + {'e': email1}) + self.assertRaises(Unauthorized, cnx.commit) + if __name__ == '__main__': from logilab.common.testlib import unittest_main