# HG changeset patch # User Sylvain Thénault # Date 1299766701 -3600 # Node ID bcf96f2a4c5db60aafa7ab673a1b760ae76b72cc # Parent db7608cb32bc47e12266d6b3c302bd9821aaebd2 [test] properly close connections diff -r db7608cb32bc -r bcf96f2a4c5d entities/test/unittest_wfobjs.py --- a/entities/test/unittest_wfobjs.py Thu Mar 10 14:59:21 2011 +0100 +++ b/entities/test/unittest_wfobjs.py Thu Mar 10 15:18:21 2011 +0100 @@ -127,6 +127,7 @@ # fetch the entity using the new session trs = list(cnx.user().cw_adapt_to('IWorkflowable').possible_transitions()) self.assertEqual(len(trs), 0) + cnx.close() def _test_manager_deactivate(self, user): iworkflowable = user.cw_adapt_to('IWorkflowable') @@ -211,6 +212,7 @@ with self.assertRaises(ValidationError) as cm: iworkflowable.fire_transition('activate') self.assertEqual(cm.exception.errors, {'by_transition-subject': "transition may not be fired"}) + cnx.close() def test_fire_transition_owned_by(self): self.execute('INSERT RQLExpression X: X exprtype "ERQLExpression", ' diff -r db7608cb32bc -r bcf96f2a4c5d server/test/unittest_security.py --- a/server/test/unittest_security.py Thu Mar 10 14:59:21 2011 +0100 +++ b/server/test/unittest_security.py Thu Mar 10 15:18:21 2011 +0100 @@ -27,8 +27,8 @@ class BaseSecurityTC(CubicWebTC): - def setUp(self): - CubicWebTC.setUp(self) + def setup_database(self): + super(BaseSecurityTC, self).setup_database() self.create_user('iaminusersgrouponly') self.readoriggroups = self.schema['Personne'].permissions['read'] self.addoriggroups = self.schema['Personne'].permissions['add'] @@ -75,7 +75,7 @@ def tearDown(self): self.repo.system_source.__dict__.pop('syntax_tree_search', None) - BaseSecurityTC.tearDown(self) + super(SecurityRewritingTC, self).tearDown() def test_not_relation_read_security(self): cnx = self.login('iaminusersgrouponly') @@ -86,6 +86,7 @@ self.execute('Any U WHERE NOT EXISTS(A todo_by U), A is Affaire') self.assertEqual(self.query[0][1].as_string(), 'Any U WHERE NOT EXISTS(A todo_by U), A is Affaire') + cnx.close() class SecurityTC(BaseSecurityTC): @@ -104,6 +105,7 @@ cu.execute("INSERT Personne X: X nom 'bidule'") self.assertRaises(Unauthorized, cnx.commit) self.assertEqual(cu.execute('Personne X').rowcount, 1) + cnx.close() def test_insert_rql_permission(self): # test user can only add une affaire related to a societe he owns @@ -120,6 +122,7 @@ cu.execute("INSERT Societe X: X nom 'chouette'") cu.execute("SET A concerne S WHERE A sujet 'cool', S nom 'chouette'") cnx.commit() + cnx.close() def test_update_security_1(self): cnx = self.login('anon') @@ -147,6 +150,7 @@ cu.execute("INSERT Personne X: X nom 'biduuule'") cu.execute("INSERT Societe X: X nom 'looogilab'") cu.execute("SET X travaille S WHERE X nom 'biduuule', S nom 'looogilab'") + cnx.close() def test_update_rql_permission(self): self.execute("SET A concerne S WHERE A is Affaire, S is Societe") @@ -165,6 +169,7 @@ cu.execute("SET A concerne S WHERE A sujet 'pascool', S nom 'chouette'") cu.execute("SET X sujet 'habahsicestcool' WHERE X sujet 'pascool'") cnx.commit() + cnx.close() def test_delete_security(self): # FIXME: sample below fails because we don't detect "owner" can't delete @@ -177,6 +182,7 @@ cnx = self.login('iaminusersgrouponly') cu = cnx.cursor() self.assertRaises(Unauthorized, cu.execute, "DELETE CWGroup Y WHERE Y name 'staff'") + cnx.close() def test_delete_rql_permission(self): self.execute("SET A concerne S WHERE A is Affaire, S is Societe") @@ -200,6 +206,7 @@ ## self.assertRaises(Unauthorized, cu.execute, "DELETE Affaire X") cu.execute("DELETE Affaire X WHERE X sujet 'pascool'") cnx.commit() + cnx.close() def test_insert_relation_rql_permission(self): @@ -225,6 +232,7 @@ cu.execute("INSERT Societe X: X nom 'chouette'") cu.execute("SET A concerne S WHERE A is Affaire, S nom 'chouette'") cnx.commit() + cnx.close() def test_delete_relation_rql_permission(self): self.execute("SET A concerne S WHERE A is Affaire, S is Societe") @@ -249,6 +257,7 @@ cu.execute("SET A concerne S WHERE A is Affaire, S nom 'chouette'") cnx.commit() cu.execute("DELETE A concerne S WHERE S nom 'chouette'") + cnx.close() def test_user_can_change_its_upassword(self): @@ -260,6 +269,7 @@ cnx.commit() cnx.close() cnx = self.login('user', password='newpwd') + cnx.close() def test_user_cant_change_other_upassword(self): ueid = self.create_user('otheruser').eid @@ -268,6 +278,7 @@ cu.execute('SET X upassword %(passwd)s WHERE X eid %(x)s', {'x': ueid, 'passwd': 'newpwd'}) self.assertRaises(Unauthorized, cnx.commit) + cnx.close() # read security test @@ -277,6 +288,7 @@ cu = cnx.cursor() self.assertRaises(Unauthorized, cu.execute, 'Personne U where U nom "managers"') + cnx.close() def test_read_erqlexpr_base(self): eid = self.execute("INSERT Affaire X: X sujet 'cool'")[0][0] @@ -301,6 +313,7 @@ self.assertEqual(rset.rows, []) # test can't update an attribute of an entity that can't be readen self.assertRaises(Unauthorized, cu.execute, 'SET X sujet "hacked" WHERE X eid %(x)s', {'x': eid}) + cnx.close() def test_entity_created_in_transaction(self): @@ -337,6 +350,7 @@ rset = cu.execute("Any X WHERE X has_text 'cool'") self.assertEqual(sorted(eid for eid, in rset.rows), [card1, aff2]) + cnx.close() def test_read_erqlexpr_has_text2(self): self.execute("INSERT Personne X: X nom 'bidule'") @@ -349,6 +363,7 @@ self.assertEqual(len(rset.rows), 1, rset.rows) rset = cu.execute('Any N WITH N BEING (Any N WHERE N has_text "bidule")') self.assertEqual(len(rset.rows), 1, rset.rows) + cnx.close() def test_read_erqlexpr_optional_rel(self): self.execute("INSERT Personne X: X nom 'bidule'") @@ -359,6 +374,7 @@ cu = cnx.cursor() rset = cu.execute('Any N,U WHERE N has_text "bidule", N owned_by U?') self.assertEqual(len(rset.rows), 1, rset.rows) + cnx.close() def test_read_erqlexpr_aggregat(self): self.execute("INSERT Affaire X: X sujet 'cool'")[0][0] @@ -382,6 +398,7 @@ values = dict(rset) self.assertEqual(values['Affaire'], 1) self.assertEqual(values['Societe'], 2) + cnx.close() def test_attribute_security(self): @@ -429,6 +446,7 @@ cnx.commit() cu.execute("SET X para 'chouette' WHERE X eid %(x)s", {'x': note2.eid}) cnx.commit() + cnx.close() def test_attribute_read_security(self): # anon not allowed to see users'login, but they can see users @@ -446,6 +464,7 @@ self.assertEqual(x.login, None) self.failUnless(x.creation_date) cnx.rollback() + cnx.close() class BaseSchemaSecurityTC(BaseSecurityTC): """tests related to the base schema permission configuration""" @@ -472,6 +491,7 @@ cu.execute('DELETE Affaire X WHERE X ref "ARCT01"') cnx.commit() self.failIf(cu.execute('Affaire X')) + cnx.close() def test_users_and_groups_non_readable_by_guests(self): cnx = self.login('anon') @@ -498,6 +518,7 @@ # but can't modify it cu.execute('SET X login "toto" WHERE X eid %(x)s', {'x': anon.eid}) self.assertRaises(Unauthorized, cnx.commit) + cnx.close() def test_in_group_relation(self): cnx = self.login('iaminusersgrouponly') @@ -506,6 +527,7 @@ self.assertRaises(Unauthorized, cu.execute, rql) rql = u"SET U in_group G WHERE U login 'admin', G name 'users'" self.assertRaises(Unauthorized, cu.execute, rql) + cnx.close() def test_owned_by(self): self.execute("INSERT Personne X: X nom 'bidule'") @@ -514,6 +536,7 @@ cu = cnx.cursor() rql = u"SET X owned_by U WHERE U login 'iaminusersgrouponly', X is Personne" self.assertRaises(Unauthorized, cu.execute, rql) + cnx.close() def test_bookmarked_by_guests_security(self): beid1 = self.execute('INSERT Bookmark B: B path "?vid=manage", B title "manage"')[0][0] @@ -535,6 +558,7 @@ self.assertRaises(Unauthorized, cu.execute, 'SET B bookmarked_by U WHERE U eid %(x)s, B eid %(b)s', {'x': anoneid, 'b': beid1}) + cnx.close() def test_ambigous_ordered(self): @@ -542,6 +566,7 @@ cu = cnx.cursor() names = [t for t, in cu.execute('Any N ORDERBY lower(N) WHERE X name N')] self.assertEqual(names, sorted(names, key=lambda x: x.lower())) + cnx.close() def test_in_state_without_update_perm(self): """check a user change in_state without having update permission on the @@ -575,6 +600,7 @@ # restore orig perms for action, perms in affaire_perms.iteritems(): self.schema['Affaire'].set_action_permissions(action, perms) + cnx.close() def test_trinfo_security(self): aff = self.execute('INSERT Affaire X: X ref "ARCT01"').get_entity(0, 0)