2014-09-23 15:19:31 +00:00
# coding=utf-8
2014-01-31 21:19:29 +00:00
import unittest
2015-09-16 19:34:20 +00:00
import datetime
2015-12-18 19:18:52 +00:00
import logging
2016-11-30 21:54:04 +00:00
import time
2015-12-18 19:18:52 +00:00
import re
2014-02-06 19:40:36 +00:00
import json as py_json
2014-01-31 21:19:29 +00:00
2016-08-31 17:51:53 +00:00
from contextlib import contextmanager
2016-04-05 19:27:45 +00:00
from calendar import timegm
2016-02-11 09:04:37 +00:00
from StringIO import StringIO
2014-03-25 19:17:02 +00:00
from urllib import urlencode
from urlparse import urlparse , urlunparse , parse_qs
2015-12-18 19:18:52 +00:00
from playhouse . test_utils import assert_query_count , _QueryLogHandler
2016-02-24 21:01:27 +00:00
from httmock import urlmatch , HTTMock
2016-04-05 19:27:45 +00:00
from cryptography . hazmat . primitives import serialization
from cryptography . hazmat . backends import default_backend
2016-05-23 19:08:51 +00:00
from mockldap import MockLdap
2015-05-08 01:11:15 +00:00
2014-03-18 23:34:26 +00:00
from endpoints . api import api_bp , api
2015-04-29 21:30:24 +00:00
from endpoints . building import PreparedBuild
2014-02-26 20:19:07 +00:00
from endpoints . webhooks import webhooks
2016-08-09 21:58:33 +00:00
from app import app , config_provider , all_queues , dockerfile_build_queue , notification_queue
2015-09-11 21:40:32 +00:00
from buildtrigger . basehandler import BuildTriggerHandler
2014-01-31 21:19:29 +00:00
from initdb import setup_database_for_testing , finished_database_for_testing
2015-07-15 21:25:41 +00:00
from data import database , model
2016-08-10 19:08:06 +00:00
from data . database import RepositoryActionCount , Repository as RepositoryTable
2016-06-07 22:12:11 +00:00
from test . helpers import assert_action_logged
2014-01-31 21:19:29 +00:00
2016-08-22 18:42:35 +00:00
from endpoints . api . team import ( TeamMember , TeamMemberList , TeamMemberInvite , OrganizationTeam ,
TeamPermissions )
2015-04-19 19:43:16 +00:00
from endpoints . api . tag import RepositoryTagImages , RepositoryTag , RevertTag , ListRepositoryTags
2016-03-07 15:07:41 +00:00
from endpoints . api . search import EntitySearch , ConductSearch
2014-03-18 23:34:26 +00:00
from endpoints . api . image import RepositoryImage , RepositoryImageList
2016-01-12 20:57:03 +00:00
from endpoints . api . build import RepositoryBuildStatus , RepositoryBuildList , RepositoryBuildResource
2014-08-25 21:19:23 +00:00
from endpoints . api . robot import ( UserRobotList , OrgRobot , OrgRobotList , UserRobot ,
RegenerateUserRobot , RegenerateOrgRobot )
2014-03-18 23:34:26 +00:00
from endpoints . api . trigger import ( BuildTriggerActivate , BuildTriggerSources , BuildTriggerSubdirs ,
TriggerBuildList , ActivateBuildTrigger , BuildTrigger ,
2014-09-30 20:29:32 +00:00
BuildTriggerList , BuildTriggerAnalyze , BuildTriggerFieldValues )
2014-07-28 18:58:12 +00:00
from endpoints . api . repoemail import RepositoryAuthorizedEmail
2016-10-04 07:57:32 +00:00
from endpoints . api . repositorynotification import ( RepositoryNotification ,
RepositoryNotificationList ,
TestRepositoryNotification )
2014-03-25 00:57:02 +00:00
from endpoints . api . user import ( PrivateRepositories , ConvertToOrganization , Signout , Signin , User ,
2014-07-28 22:23:46 +00:00
UserAuthorizationList , UserAuthorization , UserNotification ,
2015-02-20 20:11:41 +00:00
UserNotificationList , StarredRepositoryList , StarredRepository )
2014-03-25 00:57:02 +00:00
2014-03-18 23:34:26 +00:00
from endpoints . api . repotoken import RepositoryToken , RepositoryTokenList
from endpoints . api . prototype import PermissionPrototype , PermissionPrototypeList
2015-08-05 21:36:17 +00:00
from endpoints . api . logs import UserLogs , OrgLogs , OrgAggregateLogs , UserAggregateLogs
2014-03-18 23:34:26 +00:00
from endpoints . api . billing import ( UserCard , UserPlan , ListPlans , OrganizationCard ,
OrganizationPlan )
from endpoints . api . discovery import DiscoveryResource
2016-04-11 20:20:11 +00:00
from endpoints . api . error import Error
2014-03-18 23:34:26 +00:00
from endpoints . api . organization import ( OrganizationList , OrganizationMember ,
2015-06-29 18:38:01 +00:00
OrgPrivateRepositories , OrganizationMemberList ,
2014-03-20 19:46:13 +00:00
Organization , ApplicationInformation ,
OrganizationApplications , OrganizationApplicationResource ,
2016-02-16 16:52:57 +00:00
OrganizationApplicationResetClientSecret , Organization )
2016-06-30 21:31:35 +00:00
from endpoints . api . repository import ( RepositoryList , RepositoryVisibility , Repository ,
REPOS_PER_PAGE )
2014-03-18 23:34:26 +00:00
from endpoints . api . permission import ( RepositoryUserPermission , RepositoryTeamPermission ,
RepositoryTeamPermissionList , RepositoryUserPermissionList )
2016-04-05 19:27:45 +00:00
from endpoints . api . superuser import ( SuperUserLogs , SuperUserList , SuperUserManagement ,
SuperUserServiceKeyManagement , SuperUserServiceKey ,
2016-10-17 19:43:03 +00:00
SuperUserServiceKeyApproval , SuperUserTakeOwnership , )
from endpoints . api . globalmessages import ( GlobalUserMessage , GlobalUserMessages , )
2016-02-24 21:01:27 +00:00
from endpoints . api . secscan import RepositoryImageSecurity
2016-02-11 09:04:37 +00:00
from endpoints . api . suconfig import ( SuperUserRegistryStatus , SuperUserConfig , SuperUserConfigFile ,
SuperUserCreateInitialSuperUser )
2016-07-18 22:20:00 +00:00
from endpoints . api . manifest import RepositoryManifestLabels , ManageRepositoryManifestLabel
2014-03-18 23:34:26 +00:00
2014-03-19 22:21:58 +00:00
try :
app . register_blueprint ( api_bp , url_prefix = ' /api ' )
except ValueError :
# This blueprint was already registered
pass
2014-02-26 20:19:07 +00:00
app . register_blueprint ( webhooks , url_prefix = ' /webhooks ' )
2014-01-31 21:19:29 +00:00
2015-05-08 02:25:23 +00:00
# The number of queries we run for guests on API calls.
BASE_QUERY_COUNT = 0
# The number of queries we run for logged in users on API calls.
2016-03-16 20:08:53 +00:00
BASE_LOGGEDIN_QUERY_COUNT = BASE_QUERY_COUNT + 1
2015-05-08 02:25:23 +00:00
# The number of queries we run for logged in users on API calls that check
# access permissions.
2016-03-16 20:08:53 +00:00
BASE_PERM_ACCESS_QUERY_COUNT = BASE_LOGGEDIN_QUERY_COUNT + 2
2015-05-08 02:25:23 +00:00
2014-01-31 21:19:29 +00:00
NO_ACCESS_USER = ' freshuser '
READ_ACCESS_USER = ' reader '
ADMIN_ACCESS_USER = ' devtable '
2014-02-03 23:18:33 +00:00
PUBLIC_USER = ' public '
2014-07-08 22:19:13 +00:00
ADMIN_ACCESS_EMAIL = ' jschorr@devtable.com '
2014-02-03 23:18:33 +00:00
ORG_REPO = ' orgrepo '
2014-01-31 21:19:29 +00:00
ORGANIZATION = ' buynlarge '
2014-01-31 22:54:01 +00:00
NEW_USER_DETAILS = {
' username ' : ' bobby ' ,
' password ' : ' password ' ,
' email ' : ' bobby@tables.com ' ,
}
2014-03-20 19:46:13 +00:00
FAKE_APPLICATION_CLIENT_ID = ' deadbeef '
2014-02-06 19:40:36 +00:00
2014-03-25 19:17:02 +00:00
CSRF_TOKEN_KEY = ' _csrf_token '
CSRF_TOKEN = ' 123csrfforme '
2014-02-06 19:40:36 +00:00
2014-01-31 21:19:29 +00:00
class ApiTestCase ( unittest . TestCase ) :
2014-05-20 22:26:29 +00:00
maxDiff = None
2014-03-25 19:17:02 +00:00
@staticmethod
def _add_csrf ( without_csrf ) :
parts = urlparse ( without_csrf )
query = parse_qs ( parts [ 4 ] )
query [ CSRF_TOKEN_KEY ] = CSRF_TOKEN
return urlunparse ( list ( parts [ 0 : 4 ] ) + [ urlencode ( query ) ] + list ( parts [ 5 : ] ) )
2016-12-09 04:46:31 +00:00
def url_for ( self , resource_name , params = None , skip_csrf = False ) :
params = params or { }
2014-03-25 19:17:02 +00:00
url = api . url_for ( resource_name , * * params )
2016-12-09 04:46:31 +00:00
if not skip_csrf :
url = ApiTestCase . _add_csrf ( url )
2014-03-25 19:17:02 +00:00
return url
2014-11-24 21:07:38 +00:00
2014-01-31 21:19:29 +00:00
def setUp ( self ) :
setup_database_for_testing ( self )
self . app = app . test_client ( )
self . ctx = app . test_request_context ( )
self . ctx . __enter__ ( )
2014-03-25 19:17:02 +00:00
self . setCsrfToken ( CSRF_TOKEN )
2014-01-31 21:19:29 +00:00
def tearDown ( self ) :
finished_database_for_testing ( self )
2016-02-11 09:04:37 +00:00
config_provider . clear ( )
2014-01-31 21:19:29 +00:00
self . ctx . __exit__ ( True , None , None )
2014-03-25 19:17:02 +00:00
def setCsrfToken ( self , token ) :
with self . app . session_transaction ( ) as sess :
sess [ CSRF_TOKEN_KEY ] = token
2016-09-08 22:43:50 +00:00
@contextmanager
def toggleFeature ( self , name , enabled ) :
import features
previous_value = getattr ( features , name )
setattr ( features , name , enabled )
yield
setattr ( features , name , previous_value )
2014-03-19 00:32:37 +00:00
def getJsonResponse ( self , resource_name , params = { } , expected_code = 200 ) :
2014-03-18 23:34:26 +00:00
rv = self . app . get ( api . url_for ( resource_name , * * params ) )
2014-03-19 00:32:37 +00:00
self . assertEquals ( expected_code , rv . status_code )
2014-01-31 22:54:01 +00:00
data = rv . data
2014-02-06 19:40:36 +00:00
parsed = py_json . loads ( data )
2014-01-31 22:54:01 +00:00
return parsed
2016-05-09 09:16:01 +00:00
def postResponse ( self , resource_name , params = { } , data = { } , file = None , headers = None ,
expected_code = 200 ) :
2016-02-11 09:04:37 +00:00
data = py_json . dumps ( data )
2016-05-09 09:16:01 +00:00
headers = headers or { }
headers . update ( { " Content-Type " : " application/json " } )
2016-02-11 09:04:37 +00:00
if file is not None :
data = { ' file ' : file }
headers = None
rv = self . app . post ( self . url_for ( resource_name , params ) , data = data , headers = headers )
2014-01-31 22:54:01 +00:00
self . assertEquals ( rv . status_code , expected_code )
return rv . data
2014-03-18 23:34:26 +00:00
def getResponse ( self , resource_name , params = { } , expected_code = 200 ) :
rv = self . app . get ( api . url_for ( resource_name , * * params ) )
2014-01-31 22:54:01 +00:00
self . assertEquals ( rv . status_code , expected_code )
return rv . data
2014-03-26 23:42:29 +00:00
def putResponse ( self , resource_name , params = { } , data = { } , expected_code = 200 ) :
rv = self . app . put ( self . url_for ( resource_name , params ) ,
2014-02-28 05:12:09 +00:00
data = py_json . dumps ( data ) ,
headers = { " Content-Type " : " application/json " } )
self . assertEquals ( rv . status_code , expected_code )
return rv . data
2014-03-18 23:34:26 +00:00
def deleteResponse ( self , resource_name , params = { } , expected_code = 204 ) :
2014-03-25 19:17:02 +00:00
rv = self . app . delete ( self . url_for ( resource_name , params ) )
2014-09-08 21:20:01 +00:00
if rv . status_code != expected_code :
print ' Mismatch data for resource DELETE %s : %s ' % ( resource_name , rv . data )
2014-01-31 23:54:31 +00:00
self . assertEquals ( rv . status_code , expected_code )
return rv . data
2016-12-14 21:24:06 +00:00
def deleteEmptyResponse ( self , resource_name , params = { } , expected_code = 204 ) :
rv = self . app . delete ( self . url_for ( resource_name , params ) )
self . assertEquals ( rv . status_code , expected_code )
self . assertEquals ( rv . data , ' ' ) # ensure response body empty
return
2014-03-18 23:34:26 +00:00
def postJsonResponse ( self , resource_name , params = { } , data = { } ,
2014-02-06 19:40:36 +00:00
expected_code = 200 ) :
2014-03-25 19:17:02 +00:00
rv = self . app . post ( self . url_for ( resource_name , params ) ,
2014-02-06 19:40:36 +00:00
data = py_json . dumps ( data ) ,
headers = { " Content-Type " : " application/json " } )
2014-01-31 22:54:01 +00:00
if rv . status_code != expected_code :
2014-03-18 23:34:26 +00:00
print ' Mismatch data for resource POST %s : %s ' % ( resource_name , rv . data )
2014-01-31 22:54:01 +00:00
self . assertEquals ( rv . status_code , expected_code )
2014-01-31 21:19:29 +00:00
data = rv . data
2014-02-06 19:40:36 +00:00
parsed = py_json . loads ( data )
2014-01-31 21:19:29 +00:00
return parsed
2014-03-18 23:34:26 +00:00
def putJsonResponse ( self , resource_name , params = { } , data = { } ,
2016-12-09 04:46:31 +00:00
expected_code = 200 , skip_csrf = False ) :
rv = self . app . put ( self . url_for ( resource_name , params , skip_csrf ) ,
2014-03-18 23:34:26 +00:00
data = py_json . dumps ( data ) ,
2014-02-06 19:40:36 +00:00
headers = { " Content-Type " : " application/json " } )
2014-01-31 21:19:29 +00:00
2014-01-31 22:54:01 +00:00
if rv . status_code != expected_code :
2014-03-18 23:34:26 +00:00
print ' Mismatch data for resource PUT %s : %s ' % ( resource_name , rv . data )
2014-01-31 22:54:01 +00:00
self . assertEquals ( rv . status_code , expected_code )
data = rv . data
2014-02-06 19:40:36 +00:00
parsed = py_json . loads ( data )
2014-01-31 22:54:01 +00:00
return parsed
2015-07-16 12:00:51 +00:00
def assertNotInTeam ( self , data , membername ) :
for memberData in data [ ' members ' ] :
if memberData [ ' name ' ] == membername :
2016-11-28 23:39:28 +00:00
self . fail ( membername + ' found in team: ' + data [ ' name ' ] )
2015-07-16 12:00:51 +00:00
2014-09-11 19:45:41 +00:00
def assertInTeam ( self , data , membername ) :
2015-07-15 21:25:41 +00:00
for member_data in data [ ' members ' ] :
if member_data [ ' name ' ] == membername :
2014-09-11 19:45:41 +00:00
return
2016-11-28 23:39:28 +00:00
self . fail ( membername + ' not found in team: ' + data [ ' name ' ] )
2014-09-11 19:45:41 +00:00
2014-01-31 22:54:01 +00:00
def login ( self , username , password = ' password ' ) :
2014-03-18 23:34:26 +00:00
return self . postJsonResponse ( Signin , data = dict ( username = username , password = password ) )
2014-02-06 19:40:36 +00:00
2014-01-31 22:54:01 +00:00
2014-03-25 19:17:02 +00:00
class TestCSRFFailure ( ApiTestCase ) :
def test_csrf_failure ( self ) :
self . login ( READ_ACCESS_USER )
# Make sure a simple post call succeeds.
2016-12-09 04:46:31 +00:00
self . putJsonResponse ( User , data = dict ( password = ' newpasswordiscool ' ) )
2014-03-25 19:17:02 +00:00
# Change the session's CSRF token.
self . setCsrfToken ( ' someinvalidtoken ' )
2014-11-24 21:07:38 +00:00
2014-03-25 19:17:02 +00:00
# Verify that the call now fails.
2016-12-09 04:46:31 +00:00
self . putJsonResponse ( User , data = dict ( password = ' newpasswordiscool ' ) , expected_code = 403 )
def test_csrf_failure_empty_token ( self ) :
self . login ( READ_ACCESS_USER )
# Change the session's CSRF token to be empty.
self . setCsrfToken ( ' ' )
# Verify that the call now fails.
self . putJsonResponse ( User , data = dict ( password = ' newpasswordiscool ' ) , expected_code = 403 )
def test_csrf_failure_missing_token ( self ) :
self . login ( READ_ACCESS_USER )
# Make sure a simple post call without a token at all fails.
self . putJsonResponse ( User , data = dict ( password = ' newpasswordiscool ' ) , skip_csrf = True ,
expected_code = 403 )
# Change the session's CSRF token to be empty.
self . setCsrfToken ( ' ' )
# Verify that the call still fails.
self . putJsonResponse ( User , data = dict ( password = ' newpasswordiscool ' ) , skip_csrf = True ,
2014-03-25 19:17:02 +00:00
expected_code = 403 )
2014-02-06 19:40:36 +00:00
2014-01-31 22:54:01 +00:00
2014-01-31 21:19:29 +00:00
class TestDiscovery ( ApiTestCase ) :
def test_discovery ( self ) :
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( DiscoveryResource )
2015-06-29 18:38:21 +00:00
assert ' paths ' in json
2014-01-31 21:19:29 +00:00
2014-02-06 19:40:36 +00:00
2016-04-11 20:20:11 +00:00
class TestErrorDescription ( ApiTestCase ) :
2016-06-02 15:59:16 +00:00
def test_get_error ( self ) :
json = self . getJsonResponse ( Error , params = dict ( error_type = ' not_found ' ) )
assert json [ ' title ' ] == ' not_found '
assert ' type ' in json
assert ' description ' in json
2016-04-11 18:51:58 +00:00
2014-01-31 21:19:29 +00:00
class TestPlans ( ApiTestCase ) :
def test_plans ( self ) :
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( ListPlans )
2014-01-31 21:19:29 +00:00
found = set ( [ ] )
for method_info in json [ ' plans ' ] :
found . add ( method_info [ ' stripeId ' ] )
assert ' free ' in found
2014-02-06 19:40:36 +00:00
2014-01-31 21:19:29 +00:00
class TestLoggedInUser ( ApiTestCase ) :
def test_guest ( self ) :
2014-03-19 00:32:37 +00:00
self . getJsonResponse ( User , expected_code = 401 )
2014-01-31 21:19:29 +00:00
def test_user ( self ) :
self . login ( READ_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( User )
2014-01-31 21:19:29 +00:00
assert json [ ' anonymous ' ] == False
assert json [ ' username ' ] == READ_ACCESS_USER
2015-02-24 22:50:54 +00:00
2015-02-20 20:11:41 +00:00
class TestUserStarredRepositoryList ( ApiTestCase ) :
def test_get_stars_guest ( self ) :
self . getJsonResponse ( StarredRepositoryList , expected_code = 401 )
def test_get_stars_user ( self ) :
self . login ( READ_ACCESS_USER )
2015-05-08 02:25:23 +00:00
# Queries: Base + the list query
2016-03-16 20:08:53 +00:00
with assert_query_count ( BASE_LOGGEDIN_QUERY_COUNT + 1 ) :
2015-05-08 02:25:23 +00:00
self . getJsonResponse ( StarredRepositoryList , expected_code = 200 )
2015-02-20 20:11:41 +00:00
def test_star_repo_guest ( self ) :
self . postJsonResponse ( StarredRepositoryList ,
data = {
' namespace ' : ' public ' ,
' repository ' : ' publicrepo ' ,
} ,
expected_code = 401 )
2016-04-11 20:34:40 +00:00
def test_star_and_unstar_repo_user ( self ) :
2015-02-20 20:11:41 +00:00
self . login ( READ_ACCESS_USER )
2015-05-08 02:25:23 +00:00
# Queries: Base + the list query
2016-03-16 20:08:53 +00:00
with assert_query_count ( BASE_LOGGEDIN_QUERY_COUNT + 1 ) :
2015-05-08 02:25:23 +00:00
json = self . getJsonResponse ( StarredRepositoryList )
assert json [ ' repositories ' ] == [ ]
2015-02-20 20:11:41 +00:00
json = self . postJsonResponse ( StarredRepositoryList ,
data = {
' namespace ' : ' public ' ,
' repository ' : ' publicrepo ' ,
} ,
expected_code = 201 )
assert json [ ' namespace ' ] == ' public '
assert json [ ' repository ' ] == ' publicrepo '
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( StarredRepository , params = dict ( repository = ' public/publicrepo ' ) ,
2015-02-24 22:50:54 +00:00
expected_code = 204 )
2015-02-20 20:11:41 +00:00
2015-02-24 22:50:54 +00:00
json = self . getJsonResponse ( StarredRepositoryList )
assert json [ ' repositories ' ] == [ ]
2015-02-20 20:11:41 +00:00
2014-02-06 19:40:36 +00:00
2014-07-28 22:23:46 +00:00
class TestUserNotification ( ApiTestCase ) :
def test_get ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( UserNotificationList )
# Make sure each notification can be retrieved.
for notification in json [ ' notifications ' ] :
njson = self . getJsonResponse ( UserNotification , params = dict ( uuid = notification [ ' id ' ] ) )
self . assertEquals ( notification [ ' id ' ] , njson [ ' id ' ] )
# Update a notification.
assert json [ ' notifications ' ]
assert not json [ ' notifications ' ] [ 0 ] [ ' dismissed ' ]
2014-11-24 21:07:38 +00:00
2016-03-30 18:46:31 +00:00
notification = json [ ' notifications ' ] [ 0 ]
2014-07-28 22:23:46 +00:00
pjson = self . putJsonResponse ( UserNotification , params = dict ( uuid = notification [ ' id ' ] ) ,
data = dict ( dismissed = True ) )
2014-11-24 21:07:38 +00:00
2014-07-28 22:23:46 +00:00
self . assertEquals ( True , pjson [ ' dismissed ' ] )
2016-03-30 18:46:31 +00:00
def test_org_notifications ( self ) :
# Create a notification on the organization.
org = model . user . get_user_or_org ( ORGANIZATION )
model . notification . create_notification ( ' test_notification ' , org , { ' org ' : ' notification ' } )
# Ensure it is visible to the org admin.
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( UserNotificationList )
notification = json [ ' notifications ' ] [ 0 ]
self . assertEquals ( notification [ ' kind ' ] , ' test_notification ' )
self . assertEquals ( notification [ ' metadata ' ] , { ' org ' : ' notification ' } )
# Ensure it is not visible to an org member.
self . login ( READ_ACCESS_USER )
json = self . getJsonResponse ( UserNotificationList )
self . assertEquals ( 0 , len ( json [ ' notifications ' ] ) )
2014-07-28 22:23:46 +00:00
2014-03-06 23:36:52 +00:00
class TestGetUserPrivateAllowed ( ApiTestCase ) :
2014-01-31 21:19:29 +00:00
def test_nonallowed ( self ) :
self . login ( READ_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( PrivateRepositories )
2014-01-31 21:19:29 +00:00
assert json [ ' privateCount ' ] == 0
2014-03-06 23:36:52 +00:00
assert not json [ ' privateAllowed ' ]
2014-01-31 21:19:29 +00:00
2016-04-11 20:20:11 +00:00
def test_allowed ( self ) :
2014-01-31 21:19:29 +00:00
self . login ( ADMIN_ACCESS_USER )
2015-09-15 18:33:35 +00:00
# Change the subscription of the namespace.
self . putJsonResponse ( UserPlan , data = dict ( plan = ' personal-30 ' ) )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( PrivateRepositories )
2014-07-15 19:13:58 +00:00
assert json [ ' privateCount ' ] > = 6
2015-09-15 18:33:35 +00:00
assert not json [ ' privateAllowed ' ]
# Change the subscription of the namespace.
self . putJsonResponse ( UserPlan , data = dict ( plan = ' bus-large-30 ' ) )
json = self . getJsonResponse ( PrivateRepositories )
2014-03-06 23:36:52 +00:00
assert json [ ' privateAllowed ' ]
2014-01-31 21:19:29 +00:00
2014-02-06 19:40:36 +00:00
2014-01-31 22:54:01 +00:00
class TestConvertToOrganization ( ApiTestCase ) :
def test_sameadminuser ( self ) :
self . login ( READ_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . postJsonResponse ( ConvertToOrganization ,
2014-02-06 19:40:36 +00:00
data = { ' adminUser ' : READ_ACCESS_USER ,
2014-03-19 00:32:37 +00:00
' adminPassword ' : ' password ' ,
' plan ' : ' free ' } ,
2014-01-31 22:54:01 +00:00
expected_code = 400 )
2016-04-11 18:51:58 +00:00
self . assertEqual ( ' The admin user is not valid ' , json [ ' detail ' ] )
2014-01-31 22:54:01 +00:00
2015-04-30 00:30:37 +00:00
def test_sameadminuser_by_email ( self ) :
self . login ( READ_ACCESS_USER )
json = self . postJsonResponse ( ConvertToOrganization ,
data = { ' adminUser ' : ' no1@thanks.com ' ,
' adminPassword ' : ' password ' ,
' plan ' : ' free ' } ,
2014-01-31 22:54:01 +00:00
expected_code = 400 )
2016-04-11 18:51:58 +00:00
self . assertEqual ( ' The admin user is not valid ' , json [ ' detail ' ] )
2014-01-31 22:54:01 +00:00
def test_invalidadminuser ( self ) :
self . login ( READ_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . postJsonResponse ( ConvertToOrganization ,
2014-02-06 19:40:36 +00:00
data = { ' adminUser ' : ' unknownuser ' ,
2014-03-19 00:32:37 +00:00
' adminPassword ' : ' password ' ,
' plan ' : ' free ' } ,
2014-01-31 22:54:01 +00:00
expected_code = 400 )
2014-02-06 19:40:36 +00:00
self . assertEqual ( ' The admin user credentials are not valid ' ,
2016-04-11 18:51:58 +00:00
json [ ' detail ' ] )
2014-01-31 22:54:01 +00:00
def test_invalidadminpassword ( self ) :
self . login ( READ_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . postJsonResponse ( ConvertToOrganization ,
2014-02-06 19:40:36 +00:00
data = { ' adminUser ' : ADMIN_ACCESS_USER ,
2014-03-19 00:32:37 +00:00
' adminPassword ' : ' invalidpass ' ,
' plan ' : ' free ' } ,
2014-01-31 22:54:01 +00:00
expected_code = 400 )
2014-02-06 19:40:36 +00:00
self . assertEqual ( ' The admin user credentials are not valid ' ,
2016-04-11 18:51:58 +00:00
json [ ' detail ' ] )
2014-01-31 22:54:01 +00:00
def test_convert ( self ) :
self . login ( READ_ACCESS_USER )
2016-04-14 21:39:45 +00:00
# Add at least one permission for the read-user.
read_user = model . user . get_user ( READ_ACCESS_USER )
simple_repo = model . repository . get_repository ( ADMIN_ACCESS_USER , ' simple ' )
read_role = database . Role . get ( name = ' read ' )
database . RepositoryPermission . create ( user = read_user , repository = simple_repo , role = read_role )
# Convert the read user into an organization.
2014-03-18 23:34:26 +00:00
json = self . postJsonResponse ( ConvertToOrganization ,
2014-01-31 22:54:01 +00:00
data = { ' adminUser ' : ADMIN_ACCESS_USER ,
' adminPassword ' : ' password ' ,
' plan ' : ' free ' } )
self . assertEqual ( True , json [ ' success ' ] )
# Verify the organization exists.
2015-07-15 21:25:41 +00:00
organization = model . organization . get_organization ( READ_ACCESS_USER )
2014-01-31 22:54:01 +00:00
assert organization is not None
2014-11-24 21:07:38 +00:00
2014-01-31 23:54:31 +00:00
# Verify the admin user is the org's admin.
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Organization ,
2014-02-06 19:40:36 +00:00
params = dict ( orgname = READ_ACCESS_USER ) )
2014-01-31 23:54:31 +00:00
self . assertEquals ( READ_ACCESS_USER , json [ ' name ' ] )
self . assertEquals ( True , json [ ' is_admin ' ] )
2014-01-31 22:54:01 +00:00
2016-04-14 21:39:45 +00:00
# Verify the now-org has no permissions.
2016-06-02 15:59:16 +00:00
count = ( database
. RepositoryPermission
. select ( )
. where ( database . RepositoryPermission . user == organization )
. count ( ) )
2016-04-14 21:39:45 +00:00
self . assertEquals ( 0 , count )
2014-01-31 22:54:01 +00:00
2014-07-08 22:19:13 +00:00
def test_convert_via_email ( self ) :
self . login ( READ_ACCESS_USER )
json = self . postJsonResponse ( ConvertToOrganization ,
data = { ' adminUser ' : ADMIN_ACCESS_EMAIL ,
' adminPassword ' : ' password ' ,
' plan ' : ' free ' } )
self . assertEqual ( True , json [ ' success ' ] )
# Verify the organization exists.
2015-07-15 21:25:41 +00:00
organization = model . organization . get_organization ( READ_ACCESS_USER )
2014-07-08 22:19:13 +00:00
assert organization is not None
2014-11-24 21:07:38 +00:00
2014-07-08 22:19:13 +00:00
# Verify the admin user is the org's admin.
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( Organization ,
params = dict ( orgname = READ_ACCESS_USER ) )
self . assertEquals ( READ_ACCESS_USER , json [ ' name ' ] )
self . assertEquals ( True , json [ ' is_admin ' ] )
2014-01-31 22:54:01 +00:00
class TestChangeUserDetails ( ApiTestCase ) :
def test_changepassword ( self ) :
self . login ( READ_ACCESS_USER )
2014-03-18 23:34:26 +00:00
self . putJsonResponse ( User ,
2014-02-06 19:40:36 +00:00
data = dict ( password = ' newpasswordiscool ' ) )
2014-01-31 22:54:01 +00:00
self . login ( READ_ACCESS_USER , password = ' newpasswordiscool ' )
2014-09-03 19:41:25 +00:00
2014-09-18 21:36:26 +00:00
def test_changepassword_unicode ( self ) :
self . login ( READ_ACCESS_USER )
self . putJsonResponse ( User ,
2014-09-22 22:49:52 +00:00
data = dict ( password = u ' someunicode北京市pass ' ) )
self . login ( READ_ACCESS_USER , password = u ' someunicode北京市pass ' )
2014-09-18 21:36:26 +00:00
2014-09-03 19:41:25 +00:00
def test_changeeemail ( self ) :
self . login ( READ_ACCESS_USER )
self . putJsonResponse ( User ,
2014-09-04 18:24:20 +00:00
data = dict ( email = ' test+foo@devtable.com ' ) )
2014-09-03 19:41:25 +00:00
2014-01-31 22:54:01 +00:00
def test_changeinvoiceemail ( self ) :
self . login ( READ_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . putJsonResponse ( User ,
2014-02-06 19:40:36 +00:00
data = dict ( invoice_email = True ) )
2014-01-31 22:54:01 +00:00
self . assertEquals ( True , json [ ' invoice_email ' ] )
2014-03-18 23:34:26 +00:00
json = self . putJsonResponse ( User ,
2014-02-06 19:40:36 +00:00
data = dict ( invoice_email = False ) )
2014-01-31 22:54:01 +00:00
self . assertEquals ( False , json [ ' invoice_email ' ] )
2016-09-08 22:43:50 +00:00
def test_changeusername_temp ( self ) :
self . login ( READ_ACCESS_USER )
user = model . user . get_user ( READ_ACCESS_USER )
model . user . create_user_prompt ( user , ' confirm_username ' )
self . assertTrue ( model . user . has_user_prompt ( user , ' confirm_username ' ) )
# Add a robot under the user's namespace.
model . user . create_robot ( ' somebot ' , user )
# Rename the user.
json = self . putJsonResponse ( User , data = dict ( username = ' someotherusername ' ) )
# Ensure the username was changed.
self . assertEquals ( ' someotherusername ' , json [ ' username ' ] )
self . assertFalse ( model . user . has_user_prompt ( user , ' confirm_username ' ) )
# Ensure the robot was changed.
self . assertIsNone ( model . user . get_user ( READ_ACCESS_USER + ' +somebot ' ) )
self . assertIsNotNone ( model . user . get_user ( ' someotherusername+somebot ' ) )
def test_changeusername_temp_samename ( self ) :
self . login ( READ_ACCESS_USER )
user = model . user . get_user ( READ_ACCESS_USER )
model . user . create_user_prompt ( user , ' confirm_username ' )
self . assertTrue ( model . user . has_user_prompt ( user , ' confirm_username ' ) )
json = self . putJsonResponse ( User , data = dict ( username = READ_ACCESS_USER ) )
# Ensure the username was not changed but they are no longer temporarily named.
self . assertEquals ( READ_ACCESS_USER , json [ ' username ' ] )
self . assertFalse ( model . user . has_user_prompt ( user , ' confirm_username ' ) )
def test_changeusername_notallowed ( self ) :
with self . toggleFeature ( ' USER_RENAME ' , False ) :
self . login ( ADMIN_ACCESS_USER )
user = model . user . get_user ( ADMIN_ACCESS_USER )
self . assertFalse ( model . user . has_user_prompt ( user , ' confirm_username ' ) )
json = self . putJsonResponse ( User , data = dict ( username = ' someotherusername ' ) )
self . assertEquals ( ADMIN_ACCESS_USER , json [ ' username ' ] )
self . assertTrue ( ' prompts ' in json )
self . assertIsNone ( model . user . get_user ( ' someotherusername ' ) )
self . assertIsNotNone ( model . user . get_user ( ADMIN_ACCESS_USER ) )
def test_changeusername_allowed ( self ) :
with self . toggleFeature ( ' USER_RENAME ' , True ) :
self . login ( ADMIN_ACCESS_USER )
user = model . user . get_user ( ADMIN_ACCESS_USER )
self . assertFalse ( model . user . has_user_prompt ( user , ' confirm_username ' ) )
json = self . putJsonResponse ( User , data = dict ( username = ' someotherusername ' ) )
self . assertEquals ( ' someotherusername ' , json [ ' username ' ] )
self . assertTrue ( ' prompts ' in json )
self . assertIsNotNone ( model . user . get_user ( ' someotherusername ' ) )
self . assertIsNone ( model . user . get_user ( ADMIN_ACCESS_USER ) )
def test_changeusername_already_used ( self ) :
self . login ( READ_ACCESS_USER )
user = model . user . get_user ( READ_ACCESS_USER )
model . user . create_user_prompt ( user , ' confirm_username ' )
self . assertTrue ( model . user . has_user_prompt ( user , ' confirm_username ' ) )
# Try to change to a used username.
self . putJsonResponse ( User , data = dict ( username = ADMIN_ACCESS_USER ) , expected_code = 400 )
# Change to a new username.
self . putJsonResponse ( User , data = dict ( username = ' unusedusername ' ) )
2014-01-31 22:54:01 +00:00
class TestCreateNewUser ( ApiTestCase ) :
def test_existingusername ( self ) :
2014-03-18 23:34:26 +00:00
json = self . postJsonResponse ( User ,
2014-01-31 22:54:01 +00:00
data = dict ( username = READ_ACCESS_USER ,
password = ' password ' ,
email = ' test@example.com ' ) ,
expected_code = 400 )
2016-04-11 18:51:58 +00:00
self . assertEquals ( ' The username already exists ' , json [ ' detail ' ] )
2014-04-08 00:37:02 +00:00
def test_trycreatetooshort ( self ) :
json = self . postJsonResponse ( User ,
data = dict ( username = ' a ' ,
password = ' password ' ,
email = ' test@example.com ' ) ,
expected_code = 400 )
2015-07-15 21:25:41 +00:00
self . assertEquals ( ' Invalid username a: Username must be between 4 and 30 characters in length ' ,
2016-04-11 18:51:58 +00:00
json [ ' detail ' ] )
2014-04-08 00:37:02 +00:00
def test_trycreateregexmismatch ( self ) :
json = self . postJsonResponse ( User ,
data = dict ( username = ' auserName ' ,
password = ' password ' ,
email = ' test@example.com ' ) ,
expected_code = 400 )
2016-09-20 19:21:26 +00:00
self . assertEquals ( ' Invalid username auserName: Username must match expression ^([a-z0-9]+(?:[._-][a-z0-9]+)*)$ ' ,
2016-04-11 18:51:58 +00:00
json [ ' detail ' ] )
2014-11-24 21:07:38 +00:00
2014-01-31 22:54:01 +00:00
def test_createuser ( self ) :
2015-07-15 21:25:41 +00:00
data = self . postJsonResponse ( User , data = NEW_USER_DETAILS , expected_code = 200 )
2014-09-23 15:33:52 +00:00
self . assertEquals ( True , data [ ' awaiting_verification ' ] )
2014-01-31 22:54:01 +00:00
2014-09-11 19:45:41 +00:00
def test_createuser_withteaminvite ( self ) :
2015-07-15 21:25:41 +00:00
inviter = model . user . get_user ( ADMIN_ACCESS_USER )
team = model . team . get_organization_team ( ORGANIZATION , ' owners ' )
2015-07-16 12:00:51 +00:00
invite = model . team . add_or_invite_to_team ( inviter , team , None , NEW_USER_DETAILS [ ' email ' ] )
2014-11-24 21:07:38 +00:00
2014-09-11 19:45:41 +00:00
details = {
2014-10-03 19:05:34 +00:00
' invite_code ' : invite . invite_token
2014-09-11 19:45:41 +00:00
}
2015-07-15 21:25:41 +00:00
details . update ( NEW_USER_DETAILS )
2014-09-11 19:45:41 +00:00
2014-09-23 15:33:52 +00:00
data = self . postJsonResponse ( User , data = details , expected_code = 200 )
2014-09-11 19:45:41 +00:00
2015-07-16 12:00:51 +00:00
# Make sure the user is verified since the email address of the user matches
# that of the team invite.
self . assertFalse ( ' awaiting_verification ' in data )
# Make sure the user was not (yet) added to the team.
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ORGANIZATION ,
teamname = ' owners ' ) )
self . assertNotInTeam ( json , NEW_USER_DETAILS [ ' username ' ] )
def test_createuser_withteaminvite_differentemails ( self ) :
inviter = model . user . get_user ( ADMIN_ACCESS_USER )
team = model . team . get_organization_team ( ORGANIZATION , ' owners ' )
invite = model . team . add_or_invite_to_team ( inviter , team , None , ' differentemail@example.com ' )
details = {
' invite_code ' : invite . invite_token
}
details . update ( NEW_USER_DETAILS )
data = self . postJsonResponse ( User , data = details , expected_code = 200 )
# Make sure the user is *not* verified since the email address of the user
# does not match that of the team invite.
self . assertTrue ( data [ ' awaiting_verification ' ] )
# Make sure the user was not (yet) added to the team.
2014-09-11 19:45:41 +00:00
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ORGANIZATION ,
teamname = ' owners ' ) )
2015-07-16 12:00:51 +00:00
self . assertNotInTeam ( json , NEW_USER_DETAILS [ ' username ' ] )
2016-11-28 23:39:28 +00:00
def test_createuser_withmultipleteaminvites ( self ) :
inviter = model . user . get_user ( ADMIN_ACCESS_USER )
owners_team = model . team . get_organization_team ( ORGANIZATION , ' owners ' )
readers_team = model . team . get_organization_team ( ORGANIZATION , ' readers ' )
other_owners_team = model . team . get_organization_team ( ' library ' , ' owners ' )
owners_invite = model . team . add_or_invite_to_team ( inviter , owners_team , None ,
NEW_USER_DETAILS [ ' email ' ] )
readers_invite = model . team . add_or_invite_to_team ( inviter , readers_team , None ,
NEW_USER_DETAILS [ ' email ' ] )
other_owners_invite = model . team . add_or_invite_to_team ( inviter , other_owners_team , None ,
NEW_USER_DETAILS [ ' email ' ] )
# Create the user and ensure they have a verified email address.
details = {
' invite_code ' : owners_invite . invite_token
}
details . update ( NEW_USER_DETAILS )
data = self . postJsonResponse ( User , data = details , expected_code = 200 )
# Make sure the user is verified since the email address of the user matches
# that of the team invite.
self . assertFalse ( ' awaiting_verification ' in data )
# Make sure the user was not (yet) added to the teams.
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ORGANIZATION ,
teamname = ' owners ' ) )
self . assertNotInTeam ( json , NEW_USER_DETAILS [ ' username ' ] )
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ORGANIZATION ,
teamname = ' readers ' ) )
self . assertNotInTeam ( json , NEW_USER_DETAILS [ ' username ' ] )
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ' library ' ,
teamname = ' owners ' ) )
self . assertNotInTeam ( json , NEW_USER_DETAILS [ ' username ' ] )
# Accept the first invitation.
self . login ( NEW_USER_DETAILS [ ' username ' ] )
self . putJsonResponse ( TeamMemberInvite , params = dict ( code = owners_invite . invite_token ) )
# Make sure both codes are now invalid.
self . putResponse ( TeamMemberInvite , params = dict ( code = owners_invite . invite_token ) ,
expected_code = 400 )
self . putResponse ( TeamMemberInvite , params = dict ( code = readers_invite . invite_token ) ,
expected_code = 400 )
# Make sure the user is now in the two invited teams under the organization, but not
# in the other org's team.
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ORGANIZATION ,
teamname = ' owners ' ) )
self . assertInTeam ( json , NEW_USER_DETAILS [ ' username ' ] )
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ORGANIZATION ,
teamname = ' readers ' ) )
self . assertInTeam ( json , NEW_USER_DETAILS [ ' username ' ] )
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ' library ' ,
teamname = ' owners ' ) )
self . assertNotInTeam ( json , NEW_USER_DETAILS [ ' username ' ] )
# Accept the second invitation.
self . login ( NEW_USER_DETAILS [ ' username ' ] )
self . putJsonResponse ( TeamMemberInvite , params = dict ( code = other_owners_invite . invite_token ) )
# Make sure the user was added to the other organization.
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ' library ' ,
teamname = ' owners ' ) )
self . assertInTeam ( json , NEW_USER_DETAILS [ ' username ' ] )
# Make sure the invitation codes are now invalid.
self . putResponse ( TeamMemberInvite , params = dict ( code = other_owners_invite . invite_token ) ,
expected_code = 400 )
2014-09-11 19:45:41 +00:00
2016-08-09 21:58:33 +00:00
class TestDeleteNamespace ( ApiTestCase ) :
def test_deletenamespaces ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Try to first delete the user. Since they are the sole admin of two orgs, it should fail.
with check_transitive_deletes ( ) :
self . deleteResponse ( User , expected_code = 400 )
# Delete the two orgs, checking in between.
with check_transitive_deletes ( ) :
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( Organization , params = dict ( orgname = ORGANIZATION ) , expected_code = 204 )
2016-08-09 21:58:33 +00:00
self . deleteResponse ( User , expected_code = 400 ) # Should still fail.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( Organization , params = dict ( orgname = ' library ' ) , expected_code = 204 )
2016-08-09 21:58:33 +00:00
# Add some queue items for the user.
notification_queue . put ( [ ADMIN_ACCESS_USER , ' somerepo ' , ' somename ' ] , ' {} ' )
dockerfile_build_queue . put ( [ ADMIN_ACCESS_USER , ' anotherrepo ' ] , ' {} ' )
# Now delete the user.
with check_transitive_deletes ( ) :
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( User , expected_code = 204 )
2016-08-09 21:58:33 +00:00
# Ensure the queue items are gone.
self . assertIsNone ( notification_queue . get ( ) )
self . assertIsNone ( dockerfile_build_queue . get ( ) )
2016-10-21 21:55:22 +00:00
def test_delete_federateduser ( self ) :
self . login ( PUBLIC_USER )
# Add some federated logins.
user = model . user . get_user ( PUBLIC_USER )
model . user . attach_federated_login ( user , ' github ' , ' something ' , { } )
with check_transitive_deletes ( ) :
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( User , expected_code = 204 )
2016-10-21 21:55:22 +00:00
2016-11-08 23:27:12 +00:00
def test_delete_prompted_user ( self ) :
self . login ( ' randomuser ' )
with check_transitive_deletes ( ) :
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( User , expected_code = 204 )
2016-11-08 23:27:12 +00:00
2014-01-31 22:54:01 +00:00
2015-05-07 22:13:45 +00:00
class TestSignin ( ApiTestCase ) :
def test_signin_unicode ( self ) :
self . postResponse ( Signin , data = dict ( username = u ' \xe5 \x8c \x97 \xe4 \xba \xac \xe5 \xb8 \x82 ' ,
password = ' password ' ) , expected_code = 403 )
2015-07-16 12:00:51 +00:00
def test_signin_invitecode ( self ) :
# Create a new user (unverified)
data = self . postJsonResponse ( User , data = NEW_USER_DETAILS , expected_code = 200 )
self . assertTrue ( data [ ' awaiting_verification ' ] )
# Try to sign in without an invite code.
data = self . postJsonResponse ( Signin , data = NEW_USER_DETAILS , expected_code = 403 )
self . assertTrue ( data [ ' needsEmailVerification ' ] )
# Try to sign in with an invalid invite code.
details = {
' invite_code ' : ' someinvalidcode '
}
details . update ( NEW_USER_DETAILS )
data = self . postJsonResponse ( Signin , data = details , expected_code = 403 )
self . assertTrue ( data [ ' needsEmailVerification ' ] )
# Sign in with an invite code and ensure the user becomes verified.
inviter = model . user . get_user ( ADMIN_ACCESS_USER )
team = model . team . get_organization_team ( ORGANIZATION , ' owners ' )
invite = model . team . add_or_invite_to_team ( inviter , team , None , NEW_USER_DETAILS [ ' email ' ] )
details = {
' invite_code ' : invite . invite_token
}
details . update ( NEW_USER_DETAILS )
data = self . postJsonResponse ( Signin , data = details , expected_code = 200 )
self . assertFalse ( ' needsEmailVerification ' in data )
2015-05-07 22:13:45 +00:00
2014-01-31 22:54:01 +00:00
class TestSignout ( ApiTestCase ) :
def test_signout ( self ) :
self . login ( READ_ACCESS_USER )
2014-11-24 21:07:38 +00:00
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( User )
2014-01-31 22:54:01 +00:00
assert json [ ' username ' ] == READ_ACCESS_USER
2014-03-18 23:34:26 +00:00
self . postResponse ( Signout )
2014-01-31 22:54:01 +00:00
2014-03-19 00:32:37 +00:00
# Make sure we're now signed out.
self . getJsonResponse ( User , expected_code = 401 )
2014-01-31 22:54:01 +00:00
2015-04-07 18:05:12 +00:00
class TestConductSearch ( ApiTestCase ) :
def test_noaccess ( self ) :
self . login ( NO_ACCESS_USER )
json = self . getJsonResponse ( ConductSearch ,
params = dict ( query = ' read ' ) )
2015-04-09 16:57:20 +00:00
self . assertEquals ( 0 , len ( json [ ' results ' ] ) )
2015-04-07 18:05:12 +00:00
json = self . getJsonResponse ( ConductSearch ,
params = dict ( query = ' owners ' ) )
self . assertEquals ( 0 , len ( json [ ' results ' ] ) )
def test_nouser ( self ) :
json = self . getJsonResponse ( ConductSearch ,
params = dict ( query = ' read ' ) )
2015-04-09 16:57:20 +00:00
self . assertEquals ( 0 , len ( json [ ' results ' ] ) )
2015-04-07 18:05:12 +00:00
json = self . getJsonResponse ( ConductSearch ,
params = dict ( query = ' public ' ) )
self . assertEquals ( 2 , len ( json [ ' results ' ] ) )
self . assertEquals ( json [ ' results ' ] [ 0 ] [ ' kind ' ] , ' user ' )
self . assertEquals ( json [ ' results ' ] [ 0 ] [ ' name ' ] , ' public ' )
self . assertEquals ( json [ ' results ' ] [ 1 ] [ ' kind ' ] , ' repository ' )
self . assertEquals ( json [ ' results ' ] [ 1 ] [ ' name ' ] , ' publicrepo ' )
json = self . getJsonResponse ( ConductSearch ,
params = dict ( query = ' owners ' ) )
self . assertEquals ( 0 , len ( json [ ' results ' ] ) )
def test_orgmember ( self ) :
self . login ( READ_ACCESS_USER )
json = self . getJsonResponse ( ConductSearch ,
params = dict ( query = ' owners ' ) )
self . assertEquals ( 0 , len ( json [ ' results ' ] ) )
json = self . getJsonResponse ( ConductSearch ,
params = dict ( query = ' readers ' ) )
self . assertEquals ( 1 , len ( json [ ' results ' ] ) )
self . assertEquals ( json [ ' results ' ] [ 0 ] [ ' kind ' ] , ' team ' )
self . assertEquals ( json [ ' results ' ] [ 0 ] [ ' name ' ] , ' readers ' )
def test_orgadmin ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( ConductSearch ,
params = dict ( query = ' owners ' ) )
2016-01-21 20:40:51 +00:00
self . assertEquals ( 2 , len ( json [ ' results ' ] ) )
2015-04-07 18:05:12 +00:00
self . assertEquals ( json [ ' results ' ] [ 0 ] [ ' kind ' ] , ' team ' )
self . assertEquals ( json [ ' results ' ] [ 0 ] [ ' name ' ] , ' owners ' )
json = self . getJsonResponse ( ConductSearch ,
params = dict ( query = ' readers ' ) )
self . assertEquals ( 1 , len ( json [ ' results ' ] ) )
self . assertEquals ( json [ ' results ' ] [ 0 ] [ ' kind ' ] , ' team ' )
self . assertEquals ( json [ ' results ' ] [ 0 ] [ ' name ' ] , ' readers ' )
2016-03-16 20:08:53 +00:00
def test_explicit_permission ( self ) :
self . login ( ' reader ' )
json = self . getJsonResponse ( ConductSearch ,
params = dict ( query = ' shared ' ) )
self . assertEquals ( 1 , len ( json [ ' results ' ] ) )
self . assertEquals ( json [ ' results ' ] [ 0 ] [ ' kind ' ] , ' repository ' )
self . assertEquals ( json [ ' results ' ] [ 0 ] [ ' name ' ] , ' shared ' )
2015-04-07 18:05:12 +00:00
2016-03-07 15:07:41 +00:00
class TestGetMatchingEntities ( ApiTestCase ) :
2016-11-02 20:22:35 +00:00
def test_simple_lookup ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( EntitySearch ,
params = dict ( prefix = ADMIN_ACCESS_USER , namespace = ORGANIZATION ,
includeTeams = ' true ' ) )
self . assertEquals ( 1 , len ( json [ ' results ' ] ) )
def test_simple_lookup_noorg ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( EntitySearch ,
params = dict ( prefix = ADMIN_ACCESS_USER ) )
self . assertEquals ( 1 , len ( json [ ' results ' ] ) )
2016-10-04 09:35:04 +00:00
def test_unicode_search ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( EntitySearch ,
params = dict ( prefix = ' 北京市 ' , namespace = ORGANIZATION ,
includeTeams = ' true ' ) )
self . assertEquals ( 0 , len ( json [ ' results ' ] ) )
2016-03-07 15:07:41 +00:00
def test_notinorg ( self ) :
self . login ( NO_ACCESS_USER )
json = self . getJsonResponse ( EntitySearch ,
params = dict ( prefix = ' o ' , namespace = ORGANIZATION ,
includeTeams = ' true ' ) )
names = set ( [ r [ ' name ' ] for r in json [ ' results ' ] ] )
assert ' outsideorg ' in names
assert not ' owners ' in names
def test_inorg ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( EntitySearch ,
params = dict ( prefix = ' o ' , namespace = ORGANIZATION ,
includeTeams = ' true ' ) )
names = set ( [ r [ ' name ' ] for r in json [ ' results ' ] ] )
assert ' outsideorg ' in names
assert ' owners ' in names
def test_inorg_withorgs ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( EntitySearch ,
params = dict ( prefix = ORGANIZATION [ 0 ] , namespace = ORGANIZATION ,
includeOrgs = ' true ' ) )
names = set ( [ r [ ' name ' ] for r in json [ ' results ' ] ] )
assert ORGANIZATION in names
2014-01-31 22:54:01 +00:00
class TestCreateOrganization ( ApiTestCase ) :
def test_existinguser ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-11-24 21:07:38 +00:00
2014-03-18 23:34:26 +00:00
json = self . postJsonResponse ( OrganizationList ,
2014-03-19 00:32:37 +00:00
data = dict ( name = ADMIN_ACCESS_USER , email = ' testorg@example.com ' ) ,
2014-01-31 22:54:01 +00:00
expected_code = 400 )
2014-02-06 19:40:36 +00:00
self . assertEquals ( ' A user or organization with this name already exists ' ,
2016-04-11 18:51:58 +00:00
json [ ' detail ' ] )
2014-01-31 22:54:01 +00:00
def test_existingorg ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-11-24 21:07:38 +00:00
2014-03-18 23:34:26 +00:00
json = self . postJsonResponse ( OrganizationList ,
2014-03-19 00:32:37 +00:00
data = dict ( name = ORGANIZATION , email = ' testorg@example.com ' ) ,
2014-01-31 22:54:01 +00:00
expected_code = 400 )
2014-11-24 21:07:38 +00:00
2014-02-06 19:40:36 +00:00
self . assertEquals ( ' A user or organization with this name already exists ' ,
2016-04-11 18:51:58 +00:00
json [ ' detail ' ] )
2014-01-31 22:54:01 +00:00
def test_createorg ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-11-24 21:07:38 +00:00
2014-03-18 23:34:26 +00:00
data = self . postResponse ( OrganizationList ,
2014-02-06 19:40:36 +00:00
data = dict ( name = ' neworg ' ,
2014-03-19 00:32:37 +00:00
email = ' testorg@example.com ' ) ,
2014-01-31 22:54:01 +00:00
expected_code = 201 )
2014-03-19 00:32:37 +00:00
self . assertEquals ( ' " Created " ' , data )
2014-11-24 21:07:38 +00:00
2014-01-31 22:54:01 +00:00
# Ensure the org was created.
2015-07-15 21:25:41 +00:00
organization = model . organization . get_organization ( ' neworg ' )
2014-01-31 22:54:01 +00:00
assert organization is not None
2014-11-24 21:07:38 +00:00
2014-01-31 23:54:31 +00:00
# Verify the admin user is the org's admin.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Organization ,
2014-02-06 19:40:36 +00:00
params = dict ( orgname = ' neworg ' ) )
2014-01-31 23:54:31 +00:00
self . assertEquals ( ' neworg ' , json [ ' name ' ] )
self . assertEquals ( True , json [ ' is_admin ' ] )
2014-01-31 22:54:01 +00:00
2016-05-09 09:16:01 +00:00
def test_createorg_viaoauth ( self ) :
# Attempt with no auth.
self . postResponse ( OrganizationList ,
data = dict ( name = ' neworg ' ,
email = ' testorg@example.com ' ) ,
expected_code = 401 )
# Attempt with auth with invalid scope.
dt_user = model . user . get_user ( ADMIN_ACCESS_USER )
token = model . oauth . create_access_token_for_testing ( dt_user , ' deadbeef ' , ' repo:read ' ,
access_token = ' foo ' )
self . postResponse ( OrganizationList ,
data = dict ( name = ' neworg ' ,
email = ' testorg@example.com ' ) ,
headers = dict ( Authorization = ' Bearer ' + token . access_token ) ,
expected_code = 403 )
# Create OAuth token with user:admin scope.
token = model . oauth . create_access_token_for_testing ( dt_user , ' deadbeef ' , ' user:admin ' ,
access_token = ' bar ' )
data = self . postResponse ( OrganizationList ,
data = dict ( name = ' neworg ' ,
email = ' testorg@example.com ' ) ,
headers = dict ( Authorization = ' Bearer ' + token . access_token ) ,
expected_code = 201 )
self . assertEquals ( ' " Created " ' , data )
2014-01-31 22:54:01 +00:00
class TestGetOrganization ( ApiTestCase ) :
def test_unknownorg ( self ) :
self . login ( ADMIN_ACCESS_USER )
2015-07-15 21:25:41 +00:00
self . getResponse ( Organization , params = dict ( orgname = ' notvalid ' ) , expected_code = 404 )
2014-01-31 22:54:01 +00:00
def test_cannotaccess ( self ) :
self . login ( NO_ACCESS_USER )
2015-07-15 21:25:41 +00:00
self . getResponse ( Organization , params = dict ( orgname = ORGANIZATION ) , expected_code = 200 )
2014-01-31 22:54:01 +00:00
def test_getorganization ( self ) :
self . login ( READ_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Organization ,
2014-02-06 19:40:36 +00:00
params = dict ( orgname = ORGANIZATION ) )
2014-01-31 22:54:01 +00:00
self . assertEquals ( ORGANIZATION , json [ ' name ' ] )
self . assertEquals ( False , json [ ' is_admin ' ] )
def test_getorganization_asadmin ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Organization ,
2014-02-06 19:40:36 +00:00
params = dict ( orgname = ORGANIZATION ) )
2014-01-31 22:54:01 +00:00
self . assertEquals ( ORGANIZATION , json [ ' name ' ] )
self . assertEquals ( True , json [ ' is_admin ' ] )
2014-01-31 23:54:31 +00:00
2014-01-31 22:54:01 +00:00
class TestChangeOrganizationDetails ( ApiTestCase ) :
def test_changeinvoiceemail ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . putJsonResponse ( Organization ,
2014-01-31 22:54:01 +00:00
params = dict ( orgname = ORGANIZATION ) ,
data = dict ( invoice_email = True ) )
self . assertEquals ( True , json [ ' invoice_email ' ] )
2014-03-18 23:34:26 +00:00
json = self . putJsonResponse ( Organization ,
2014-01-31 22:54:01 +00:00
params = dict ( orgname = ORGANIZATION ) ,
data = dict ( invoice_email = False ) )
self . assertEquals ( False , json [ ' invoice_email ' ] )
def test_changemail ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . putJsonResponse ( Organization ,
2014-01-31 22:54:01 +00:00
params = dict ( orgname = ORGANIZATION ) ,
data = dict ( email = ' newemail@example.com ' ) )
self . assertEquals ( ' newemail@example.com ' , json [ ' email ' ] )
2014-01-31 23:54:31 +00:00
class TestGetOrganizationPrototypes ( ApiTestCase ) :
def test_getprototypes ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( PermissionPrototypeList ,
2014-01-31 23:54:31 +00:00
params = dict ( orgname = ORGANIZATION ) )
assert len ( json [ ' prototypes ' ] ) > 0
class TestCreateOrganizationPrototypes ( ApiTestCase ) :
def test_invaliduser ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . postJsonResponse ( PermissionPrototypeList ,
2014-01-31 23:54:31 +00:00
params = dict ( orgname = ORGANIZATION ) ,
data = dict ( activating_user = { ' name ' : ' unknownuser ' } ,
role = ' read ' ,
delegate = { ' kind ' : ' team ' , ' name ' : ' owners ' } ) ,
expected_code = 400 )
2016-04-11 18:51:58 +00:00
self . assertEquals ( ' Unknown activating user ' , json [ ' detail ' ] )
2014-01-31 23:54:31 +00:00
def test_missingdelegate ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-19 00:32:37 +00:00
self . postJsonResponse ( PermissionPrototypeList ,
params = dict ( orgname = ORGANIZATION ) ,
data = dict ( role = ' read ' ) ,
expected_code = 400 )
2014-01-31 23:54:31 +00:00
def test_createprototype ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . postJsonResponse ( PermissionPrototypeList ,
2014-01-31 23:54:31 +00:00
params = dict ( orgname = ORGANIZATION ) ,
2014-02-06 19:40:36 +00:00
data = dict ( role = ' read ' ,
delegate = { ' kind ' : ' team ' ,
' name ' : ' readers ' } ) )
2014-01-31 23:54:31 +00:00
self . assertEquals ( ' read ' , json [ ' role ' ] )
pid = json [ ' id ' ]
# Verify the prototype exists.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( PermissionPrototypeList ,
2014-01-31 23:54:31 +00:00
params = dict ( orgname = ORGANIZATION ) )
ids = set ( [ p [ ' id ' ] for p in json [ ' prototypes ' ] ] )
assert pid in ids
class TestDeleteOrganizationPrototypes ( ApiTestCase ) :
def test_deleteprototype ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Get the existing prototypes
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( PermissionPrototypeList ,
2014-01-31 23:54:31 +00:00
params = dict ( orgname = ORGANIZATION ) )
ids = [ p [ ' id ' ] for p in json [ ' prototypes ' ] ]
pid = ids [ 0 ]
# Delete a prototype.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( PermissionPrototype ,
params = dict ( orgname = ORGANIZATION , prototypeid = pid ) )
2014-01-31 23:54:31 +00:00
# Verify the prototype no longer exists.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( PermissionPrototypeList ,
2014-01-31 23:54:31 +00:00
params = dict ( orgname = ORGANIZATION ) )
newids = [ p [ ' id ' ] for p in json [ ' prototypes ' ] ]
assert not pid in newids
class TestUpdateOrganizationPrototypes ( ApiTestCase ) :
def test_updateprototype ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Get the existing prototypes
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( PermissionPrototypeList ,
2014-01-31 23:54:31 +00:00
params = dict ( orgname = ORGANIZATION ) )
ids = [ p [ ' id ' ] for p in json [ ' prototypes ' ] ]
pid = ids [ 0 ]
# Update a prototype.
2014-03-18 23:34:26 +00:00
json = self . putJsonResponse ( PermissionPrototype ,
2015-07-15 21:25:41 +00:00
params = dict ( orgname = ORGANIZATION , prototypeid = pid ) ,
data = dict ( role = ' admin ' ) )
2014-01-31 23:54:31 +00:00
self . assertEquals ( ' admin ' , json [ ' role ' ] )
2015-07-02 14:04:12 +00:00
class TestGetOrganizationMembers ( ApiTestCase ) :
2014-01-31 23:54:31 +00:00
def test_getmembers ( self ) :
self . login ( ADMIN_ACCESS_USER )
2015-06-29 18:38:01 +00:00
json = self . getJsonResponse ( OrganizationMemberList ,
2014-01-31 23:54:31 +00:00
params = dict ( orgname = ORGANIZATION ) )
2015-07-02 14:04:12 +00:00
membernames = [ member [ ' name ' ] for member in json [ ' members ' ] ]
assert ADMIN_ACCESS_USER in membernames
assert READ_ACCESS_USER in membernames
assert not NO_ACCESS_USER in membernames
2014-01-31 23:54:31 +00:00
2015-08-31 20:27:32 +00:00
for member in json [ ' members ' ] :
membername = member [ ' name ' ]
response = self . getJsonResponse ( OrganizationMember ,
params = dict ( orgname = ORGANIZATION , membername = membername ) )
self . assertEquals ( member , response )
2015-07-02 14:04:12 +00:00
class TestRemoveOrganizationMember ( ApiTestCase ) :
def test_try_remove_only_admin ( self ) :
2014-01-31 23:54:31 +00:00
self . login ( ADMIN_ACCESS_USER )
2015-07-02 14:04:12 +00:00
self . deleteResponse ( OrganizationMember ,
params = dict ( orgname = ORGANIZATION , membername = ADMIN_ACCESS_USER ) ,
expected_code = 400 )
def test_remove_member ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( OrganizationMemberList ,
params = dict ( orgname = ORGANIZATION ) )
membernames = [ member [ ' name ' ] for member in json [ ' members ' ] ]
assert ADMIN_ACCESS_USER in membernames
assert READ_ACCESS_USER in membernames
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( OrganizationMember ,
2015-07-02 14:04:12 +00:00
params = dict ( orgname = ORGANIZATION , membername = READ_ACCESS_USER ) )
json = self . getJsonResponse ( OrganizationMemberList ,
params = dict ( orgname = ORGANIZATION ) )
membernames = [ member [ ' name ' ] for member in json [ ' members ' ] ]
assert ADMIN_ACCESS_USER in membernames
assert not READ_ACCESS_USER in membernames
def test_remove_member_repo_permission ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Add read user as a direct permission on the admin user's repo.
2015-07-15 21:25:41 +00:00
model . permission . set_user_repo_permission ( READ_ACCESS_USER , ADMIN_ACCESS_USER , ' simple ' , ' read ' )
2015-07-02 14:04:12 +00:00
# Verify the user has a permission on the admin user's repo.
2015-07-15 21:25:41 +00:00
admin_perms = [ p . user . username
for p in model . user . get_all_repo_users ( ADMIN_ACCESS_USER , ' simple ' ) ]
2015-07-02 14:04:12 +00:00
assert READ_ACCESS_USER in admin_perms
# Add read user as a direct permission on the org repo.
2015-07-15 21:25:41 +00:00
model . permission . set_user_repo_permission ( READ_ACCESS_USER , ORGANIZATION , ORG_REPO , ' read ' )
2015-07-02 14:04:12 +00:00
# Verify the user has a permission on the org repo.
2015-07-15 21:25:41 +00:00
org_perms = [ p . user . username for p in model . user . get_all_repo_users ( ORGANIZATION , ORG_REPO ) ]
2015-07-02 14:04:12 +00:00
assert READ_ACCESS_USER in org_perms
# Remove the user from the org.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( OrganizationMember ,
2015-07-02 14:04:12 +00:00
params = dict ( orgname = ORGANIZATION , membername = READ_ACCESS_USER ) )
2014-11-24 21:07:38 +00:00
2015-07-02 14:04:12 +00:00
# Verify that the user's permission on the org repo is gone, but it is still
# present on the other repo.
2015-07-15 21:25:41 +00:00
org_perms = [ p . user . username for p in model . user . get_all_repo_users ( ORGANIZATION , ORG_REPO ) ]
2015-07-02 14:04:12 +00:00
assert not READ_ACCESS_USER in org_perms
2014-11-24 21:07:38 +00:00
2015-07-15 21:25:41 +00:00
admin_perms = [ p . user . username
for p in model . user . get_all_repo_users ( ADMIN_ACCESS_USER , ' simple ' ) ]
2015-07-02 14:04:12 +00:00
assert READ_ACCESS_USER in admin_perms
2014-01-31 23:54:31 +00:00
class TestGetOrganizationPrivateAllowed ( ApiTestCase ) :
def test_existingorg ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( OrgPrivateRepositories ,
2014-01-31 23:54:31 +00:00
params = dict ( orgname = ORGANIZATION ) )
self . assertEquals ( True , json [ ' privateAllowed ' ] )
assert not ' reposAllowed ' in json
def test_neworg ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
data = self . postResponse ( OrganizationList ,
2014-02-06 19:40:36 +00:00
data = dict ( name = ' neworg ' ,
email = ' test@example.com ' ) ,
2014-01-31 23:54:31 +00:00
expected_code = 201 )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( OrgPrivateRepositories ,
2014-01-31 23:54:31 +00:00
params = dict ( orgname = ' neworg ' ) )
self . assertEquals ( False , json [ ' privateAllowed ' ] )
class TestUpdateOrganizationTeam ( ApiTestCase ) :
def test_updateexisting ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-19 00:32:37 +00:00
data = self . putJsonResponse ( OrganizationTeam ,
params = dict ( orgname = ORGANIZATION ,
teamname = ' readers ' ) ,
data = dict ( description = ' My cool team ' ,
role = ' creator ' ) )
2014-01-31 23:54:31 +00:00
self . assertEquals ( ' My cool team ' , data [ ' description ' ] )
self . assertEquals ( ' creator ' , data [ ' role ' ] )
def test_attemptchangeroleonowners ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-19 00:32:37 +00:00
self . putJsonResponse ( OrganizationTeam ,
params = dict ( orgname = ORGANIZATION , teamname = ' owners ' ) ,
2015-02-20 20:11:41 +00:00
data = dict ( role = ' creator ' ) ,
2014-03-19 00:32:37 +00:00
expected_code = 400 )
2014-01-31 23:54:31 +00:00
def test_createnewteam ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
data = self . putJsonResponse ( OrganizationTeam ,
2014-02-06 19:40:36 +00:00
params = dict ( orgname = ORGANIZATION ,
teamname = ' newteam ' ) ,
data = dict ( description = ' My cool team ' ,
2014-03-19 00:32:37 +00:00
role = ' member ' ) )
2014-01-31 23:54:31 +00:00
self . assertEquals ( ' My cool team ' , data [ ' description ' ] )
self . assertEquals ( ' member ' , data [ ' role ' ] )
# Verify the team was created.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Organization ,
2014-02-06 19:40:36 +00:00
params = dict ( orgname = ORGANIZATION ) )
2014-01-31 23:54:31 +00:00
assert ' newteam ' in json [ ' teams ' ]
class TestDeleteOrganizationTeam ( ApiTestCase ) :
def test_deleteteam ( self ) :
self . login ( ADMIN_ACCESS_USER )
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( OrganizationTeam ,
params = dict ( orgname = ORGANIZATION , teamname = ' readers ' ) )
2014-01-31 23:54:31 +00:00
# Make sure the team was deleted
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Organization ,
2014-02-06 19:40:36 +00:00
params = dict ( orgname = ORGANIZATION ) )
2014-01-31 23:54:31 +00:00
assert not ' readers ' in json [ ' teams ' ]
def test_attemptdeleteowners ( self ) :
self . login ( ADMIN_ACCESS_USER )
2016-07-11 19:47:05 +00:00
resp = self . deleteResponse ( OrganizationTeam ,
params = dict ( orgname = ORGANIZATION , teamname = ' owners ' ) ,
expected_code = 400 )
data = py_json . loads ( resp )
msg = ( " Deleting team ' owners ' would remove admin ability for user " +
" ' devtable ' in organization ' buynlarge ' " )
self . assertEquals ( msg , data [ ' message ' ] )
2014-01-31 23:54:31 +00:00
2016-08-22 18:42:35 +00:00
class TestTeamPermissions ( ApiTestCase ) :
def test_team_permissions ( self ) :
self . login ( ADMIN_ACCESS_USER )
resp = self . getJsonResponse ( TeamPermissions ,
params = dict ( orgname = ORGANIZATION , teamname = ' readers ' ) )
self . assertEquals ( 1 , len ( resp [ ' permissions ' ] ) )
2014-01-31 23:54:31 +00:00
class TestGetOrganizationTeamMembers ( ApiTestCase ) :
def test_invalidteam ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
self . getResponse ( TeamMemberList ,
2014-01-31 23:54:31 +00:00
params = dict ( orgname = ORGANIZATION , teamname = ' notvalid ' ) ,
expected_code = 404 )
def test_getmembers ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( TeamMemberList ,
2014-02-06 19:40:36 +00:00
params = dict ( orgname = ORGANIZATION ,
teamname = ' readers ' ) )
2014-01-31 23:54:31 +00:00
2014-08-18 21:24:00 +00:00
self . assertEquals ( READ_ACCESS_USER , json [ ' members ' ] [ 1 ] [ ' name ' ] )
2014-01-31 23:54:31 +00:00
class TestUpdateOrganizationTeamMember ( ApiTestCase ) :
2014-08-18 21:24:00 +00:00
def test_addmember_alreadyteammember ( self ) :
self . login ( ADMIN_ACCESS_USER )
membername = READ_ACCESS_USER
self . putResponse ( TeamMember ,
params = dict ( orgname = ORGANIZATION , teamname = ' readers ' ,
membername = membername ) ,
expected_code = 400 )
2014-11-24 21:07:38 +00:00
2014-08-18 21:24:00 +00:00
def test_addmember_orgmember ( self ) :
2014-01-31 23:54:31 +00:00
self . login ( ADMIN_ACCESS_USER )
2014-08-18 21:24:00 +00:00
membername = READ_ACCESS_USER
self . putJsonResponse ( TeamMember ,
params = dict ( orgname = ORGANIZATION , teamname = ' owners ' ,
membername = membername ) )
2014-11-24 21:07:38 +00:00
2014-08-18 21:24:00 +00:00
# Verify the user was added to the team.
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ORGANIZATION ,
teamname = ' owners ' ) )
self . assertInTeam ( json , membername )
def test_addmember_robot ( self ) :
self . login ( ADMIN_ACCESS_USER )
membername = ORGANIZATION + ' +coolrobot '
2014-03-19 00:32:37 +00:00
self . putJsonResponse ( TeamMember ,
params = dict ( orgname = ORGANIZATION , teamname = ' readers ' ,
2014-08-18 21:24:00 +00:00
membername = membername ) )
2014-11-24 21:07:38 +00:00
2014-01-31 23:54:31 +00:00
# Verify the user was added to the team.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( TeamMemberList ,
2014-02-06 19:40:36 +00:00
params = dict ( orgname = ORGANIZATION ,
teamname = ' readers ' ) )
2014-01-31 23:54:31 +00:00
2014-08-18 21:24:00 +00:00
self . assertInTeam ( json , membername )
def test_addmember_invalidrobot ( self ) :
self . login ( ADMIN_ACCESS_USER )
membername = ' freshuser+anotherrobot '
self . putResponse ( TeamMember ,
params = dict ( orgname = ORGANIZATION , teamname = ' readers ' ,
membername = membername ) ,
expected_code = 400 )
2014-11-24 21:07:38 +00:00
2014-08-18 21:24:00 +00:00
def test_addmember_nonorgmember ( self ) :
self . login ( ADMIN_ACCESS_USER )
membername = NO_ACCESS_USER
response = self . putJsonResponse ( TeamMember ,
params = dict ( orgname = ORGANIZATION , teamname = ' owners ' ,
membername = membername ) )
2014-11-24 21:07:38 +00:00
2014-08-18 21:24:00 +00:00
self . assertEquals ( True , response [ ' invited ' ] )
# Make sure the user is not (yet) part of the team.
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ORGANIZATION ,
teamname = ' readers ' ) )
for member in json [ ' members ' ] :
self . assertNotEqual ( membername , member [ ' name ' ] )
class TestAcceptTeamMemberInvite ( ApiTestCase ) :
def test_accept ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Create the invite.
membername = NO_ACCESS_USER
response = self . putJsonResponse ( TeamMember ,
params = dict ( orgname = ORGANIZATION , teamname = ' owners ' ,
membername = membername ) )
2014-11-24 21:07:38 +00:00
2014-08-18 21:24:00 +00:00
self . assertEquals ( True , response [ ' invited ' ] )
# Login as the user.
self . login ( membername )
# Accept the invite.
2015-07-15 21:25:41 +00:00
user = model . user . get_user ( membername )
invites = list ( model . team . lookup_team_invites ( user ) )
2014-08-18 21:24:00 +00:00
self . assertEquals ( 1 , len ( invites ) )
2015-07-15 21:25:41 +00:00
self . putJsonResponse ( TeamMemberInvite , params = dict ( code = invites [ 0 ] . invite_token ) )
2014-08-18 21:24:00 +00:00
# Verify the user is now on the team.
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ORGANIZATION ,
teamname = ' owners ' ) )
self . assertInTeam ( json , membername )
2014-11-24 21:07:38 +00:00
2014-08-18 21:24:00 +00:00
# Verify the accept now fails.
self . putResponse ( TeamMemberInvite ,
params = dict ( code = invites [ 0 ] . invite_token ) ,
2014-09-12 18:29:01 +00:00
expected_code = 400 )
2014-08-18 21:24:00 +00:00
class TestDeclineTeamMemberInvite ( ApiTestCase ) :
def test_decline_wronguser ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Create the invite.
membername = NO_ACCESS_USER
response = self . putJsonResponse ( TeamMember ,
params = dict ( orgname = ORGANIZATION , teamname = ' owners ' ,
membername = membername ) )
2014-11-24 21:07:38 +00:00
2014-08-18 21:24:00 +00:00
self . assertEquals ( True , response [ ' invited ' ] )
# Try to decline the invite.
2015-07-15 21:25:41 +00:00
user = model . user . get_user ( membername )
invites = list ( model . team . lookup_team_invites ( user ) )
2014-08-18 21:24:00 +00:00
self . assertEquals ( 1 , len ( invites ) )
self . deleteResponse ( TeamMemberInvite ,
params = dict ( code = invites [ 0 ] . invite_token ) ,
2014-09-12 18:29:01 +00:00
expected_code = 400 )
2014-08-18 21:24:00 +00:00
def test_decline ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Create the invite.
membername = NO_ACCESS_USER
response = self . putJsonResponse ( TeamMember ,
params = dict ( orgname = ORGANIZATION , teamname = ' owners ' ,
membername = membername ) )
2014-11-24 21:07:38 +00:00
2014-08-18 21:24:00 +00:00
self . assertEquals ( True , response [ ' invited ' ] )
# Login as the user.
self . login ( membername )
# Decline the invite.
2015-07-15 21:25:41 +00:00
user = model . user . get_user ( membername )
invites = list ( model . team . lookup_team_invites ( user ) )
2014-08-18 21:24:00 +00:00
self . assertEquals ( 1 , len ( invites ) )
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( TeamMemberInvite ,
params = dict ( code = invites [ 0 ] . invite_token ) )
2014-08-18 21:24:00 +00:00
# Make sure the invite was deleted.
self . deleteResponse ( TeamMemberInvite ,
params = dict ( code = invites [ 0 ] . invite_token ) ,
2014-09-12 18:29:01 +00:00
expected_code = 400 )
2014-01-31 23:54:31 +00:00
class TestDeleteOrganizationTeamMember ( ApiTestCase ) :
2014-09-08 21:20:01 +00:00
def test_deletememberinvite ( self ) :
self . login ( ADMIN_ACCESS_USER )
2016-01-12 20:57:03 +00:00
# Verify the initial member count
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ORGANIZATION ,
teamname = ' readers ' ,
includePending = True ) )
self . assertEquals ( len ( json [ ' members ' ] ) , 3 )
2014-09-08 21:20:01 +00:00
membername = NO_ACCESS_USER
response = self . putJsonResponse ( TeamMember ,
params = dict ( orgname = ORGANIZATION , teamname = ' readers ' ,
membername = membername ) )
2014-11-24 21:07:38 +00:00
2014-09-08 21:20:01 +00:00
self . assertEquals ( True , response [ ' invited ' ] )
# Verify the invite was added.
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ORGANIZATION ,
teamname = ' readers ' ,
includePending = True ) )
2016-01-12 20:57:03 +00:00
self . assertEquals ( len ( json [ ' members ' ] ) , 4 )
2014-09-08 21:20:01 +00:00
# Delete the invite.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( TeamMember ,
params = dict ( orgname = ORGANIZATION , teamname = ' readers ' ,
membername = membername ) )
2014-11-24 21:07:38 +00:00
2014-09-08 21:20:01 +00:00
# Verify the user was removed from the team.
json = self . getJsonResponse ( TeamMemberList ,
params = dict ( orgname = ORGANIZATION ,
teamname = ' readers ' ,
includePending = True ) )
2016-01-12 20:57:03 +00:00
self . assertEquals ( len ( json [ ' members ' ] ) , 3 )
2014-09-08 21:20:01 +00:00
2014-01-31 23:54:31 +00:00
def test_deletemember ( self ) :
self . login ( ADMIN_ACCESS_USER )
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( TeamMember ,
2014-02-06 19:40:36 +00:00
params = dict ( orgname = ORGANIZATION , teamname = ' readers ' ,
membername = READ_ACCESS_USER ) )
2014-11-24 21:07:38 +00:00
2014-01-31 23:54:31 +00:00
# Verify the user was removed from the team.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( TeamMemberList ,
2014-02-06 19:40:36 +00:00
params = dict ( orgname = ORGANIZATION ,
teamname = ' readers ' ) )
2014-01-31 23:54:31 +00:00
2016-01-12 20:57:03 +00:00
self . assertEquals ( len ( json [ ' members ' ] ) , 1 )
2014-01-31 23:54:31 +00:00
2014-02-01 00:45:44 +00:00
class TestCreateRepo ( ApiTestCase ) :
2015-09-24 15:42:56 +00:00
def test_invalidreponame ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . postJsonResponse ( RepositoryList ,
data = dict ( repository = ' some/repo ' ,
visibility = ' public ' ,
description = ' ' ) ,
expected_code = 400 )
2016-04-11 18:51:58 +00:00
self . assertEquals ( ' Invalid repository name ' , json [ ' detail ' ] )
2015-09-24 15:42:56 +00:00
2014-02-01 00:45:44 +00:00
def test_duplicaterepo ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . postJsonResponse ( RepositoryList ,
2014-02-06 19:40:36 +00:00
data = dict ( repository = ' simple ' ,
2014-03-19 00:32:37 +00:00
visibility = ' public ' ,
description = ' ' ) ,
2014-02-01 00:45:44 +00:00
expected_code = 400 )
2016-04-11 18:51:58 +00:00
self . assertEquals ( ' Repository already exists ' , json [ ' detail ' ] )
2014-02-01 00:45:44 +00:00
def test_createrepo ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . postJsonResponse ( RepositoryList ,
2014-02-06 19:40:36 +00:00
data = dict ( repository = ' newrepo ' ,
visibility = ' public ' ,
2014-03-19 00:32:37 +00:00
description = ' ' ) ,
expected_code = 201 )
2014-02-01 00:45:44 +00:00
self . assertEquals ( ADMIN_ACCESS_USER , json [ ' namespace ' ] )
self . assertEquals ( ' newrepo ' , json [ ' name ' ] )
def test_createrepo_underorg ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . postJsonResponse ( RepositoryList ,
2014-11-24 21:07:38 +00:00
data = dict ( namespace = ORGANIZATION ,
2014-02-01 00:45:44 +00:00
repository = ' newrepo ' ,
visibility = ' private ' ,
2014-03-19 00:32:37 +00:00
description = ' ' ) ,
expected_code = 201 )
2014-02-01 00:45:44 +00:00
self . assertEquals ( ORGANIZATION , json [ ' namespace ' ] )
self . assertEquals ( ' newrepo ' , json [ ' name ' ] )
class TestListRepos ( ApiTestCase ) :
2014-02-19 00:15:14 +00:00
def test_listrepos_asguest ( self ) :
2015-05-08 02:25:23 +00:00
# Queries: Base + the list query
2016-08-15 20:11:45 +00:00
with assert_query_count ( BASE_QUERY_COUNT + 1 ) :
json = self . getJsonResponse ( RepositoryList , params = dict ( public = True ) )
self . assertEquals ( len ( json [ ' repositories ' ] ) , 1 )
2014-02-01 00:45:44 +00:00
2016-08-15 20:11:45 +00:00
def assertPublicRepos ( self , has_extras = False ) :
2016-06-30 21:31:35 +00:00
public_user = model . user . get_user ( ' public ' )
2016-08-10 19:08:06 +00:00
# Delete all existing repos under the namespace.
for repo in list ( RepositoryTable . select ( ) . where ( RepositoryTable . namespace_user == public_user ) ) :
model . repository . purge_repository ( public_user . username , repo . name )
# Add public repos until we have enough for a few pages.
required = set ( )
2016-08-15 20:11:45 +00:00
for i in range ( 0 , REPOS_PER_PAGE * 3 ) :
2016-08-10 19:08:06 +00:00
name = ' publicrepo %s ' % i
model . repository . create_repository ( ' public ' , name , public_user ,
visibility = ' public ' )
required . add ( name )
# Request results until we no longer have any.
next_page = None
while True :
json = self . getJsonResponse ( RepositoryList , params = dict ( public = True , next_page = next_page ) )
for repo in json [ ' repositories ' ] :
name = repo [ ' name ' ]
2016-08-15 20:11:45 +00:00
if name in required :
required . remove ( name )
else :
self . assertTrue ( has_extras , " Could not find name %s in repos created " % name )
2016-08-10 19:08:06 +00:00
if ' next_page ' in json :
self . assertEquals ( len ( json [ ' repositories ' ] ) , REPOS_PER_PAGE )
else :
break
next_page = json [ ' next_page ' ]
2016-08-15 20:11:45 +00:00
def test_listrepos_asguest_withpages ( self ) :
self . assertPublicRepos ( )
2016-06-30 21:31:35 +00:00
2016-08-15 20:11:45 +00:00
def test_listrepos_asorgmember_withpages ( self ) :
2014-02-01 00:45:44 +00:00
self . login ( READ_ACCESS_USER )
2016-08-15 20:11:45 +00:00
self . assertPublicRepos ( has_extras = True )
2014-02-01 00:45:44 +00:00
2014-02-19 00:15:14 +00:00
def test_listrepos_filter ( self ) :
2014-02-01 00:45:44 +00:00
self . login ( READ_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryList ,
2014-02-06 19:40:36 +00:00
params = dict ( namespace = ORGANIZATION ,
public = False ) )
2014-02-01 00:45:44 +00:00
2016-06-30 21:31:35 +00:00
self . assertGreater ( len ( json [ ' repositories ' ] ) , 0 )
2015-07-21 21:20:24 +00:00
2014-02-01 00:45:44 +00:00
for repo in json [ ' repositories ' ] :
self . assertEquals ( ORGANIZATION , repo [ ' namespace ' ] )
2015-07-21 21:20:24 +00:00
def test_listrepos_allparams ( self ) :
2016-07-06 20:15:54 +00:00
# Add a repository action count entry for one of the org repos.
repo = model . repository . get_repository ( ORGANIZATION , ORG_REPO )
RepositoryActionCount . create ( repository = repo , count = 10 , date = datetime . datetime . utcnow ( ) )
2015-07-21 21:20:24 +00:00
self . login ( ADMIN_ACCESS_USER )
2014-02-01 00:45:44 +00:00
2016-03-16 20:08:53 +00:00
# Queries: Base + the list query + the popularity and last modified queries + full perms load
with assert_query_count ( BASE_LOGGEDIN_QUERY_COUNT + 4 ) :
2015-07-21 21:20:24 +00:00
json = self . getJsonResponse ( RepositoryList ,
params = dict ( namespace = ORGANIZATION ,
public = False ,
last_modified = True ,
popularity = True ) )
2014-02-01 00:45:44 +00:00
2016-06-30 21:31:35 +00:00
self . assertGreater ( len ( json [ ' repositories ' ] ) , 0 )
2015-06-09 21:58:57 +00:00
2016-07-06 20:15:54 +00:00
for repository in json [ ' repositories ' ] :
self . assertEquals ( ORGANIZATION , repository [ ' namespace ' ] )
if repository [ ' name ' ] == ORG_REPO :
self . assertGreater ( repository [ ' popularity ' ] , 0 )
2015-07-21 21:20:24 +00:00
2015-07-28 19:47:04 +00:00
def test_listrepos_starred_nouser ( self ) :
2016-02-01 11:06:13 +00:00
self . getResponse ( RepositoryList ,
params = dict ( last_modified = True ,
popularity = True ,
starred = True ) ,
expected_code = 400 )
2015-07-28 19:47:04 +00:00
2015-07-21 21:20:24 +00:00
def test_listrepos_starred ( self ) :
2015-07-15 22:25:19 +00:00
self . login ( ADMIN_ACCESS_USER )
2015-07-21 21:20:24 +00:00
2015-07-15 22:25:19 +00:00
json = self . getJsonResponse ( RepositoryList ,
2015-07-21 21:20:24 +00:00
params = dict ( last_modified = True ,
popularity = True ,
starred = True ) )
self . assertTrue ( len ( json [ ' repositories ' ] ) > 0 )
2015-07-15 22:25:19 +00:00
for repo in json [ ' repositories ' ] :
2015-07-21 21:20:24 +00:00
self . assertTrue ( repo [ ' is_starred ' ] )
2015-07-20 18:17:26 +00:00
def test_listrepos_asguest_allparams ( self ) :
json = self . getJsonResponse ( RepositoryList ,
params = dict ( namespace = ORGANIZATION ,
public = False ,
last_modified = True ) )
for repo in json [ ' repositories ' ] :
self . assertEquals ( ORGANIZATION , repo [ ' namespace ' ] )
2015-07-15 22:25:19 +00:00
2016-08-31 17:51:53 +00:00
def assertRepositoryVisible ( self , namespace , name ) :
json = self . getJsonResponse ( RepositoryList ,
params = dict ( namespace = namespace ,
public = False ) )
self . assertEquals ( 1 , len ( json [ ' repositories ' ] ) )
self . assertEquals ( name , json [ ' repositories ' ] [ 0 ] [ ' name ' ] )
def assertRepositoryNotVisible ( self , namespace , name ) :
2016-08-31 18:07:05 +00:00
json = self . getJsonResponse ( RepositoryList , params = dict ( namespace = namespace , public = False ) )
for repo in json [ ' repositories ' ] :
self . assertNotEquals ( name , repo [ ' name ' ] )
json = self . getJsonResponse ( RepositoryList , params = dict ( starred = True ) )
2016-08-31 17:51:53 +00:00
for repo in json [ ' repositories ' ] :
self . assertNotEquals ( name , repo [ ' name ' ] )
2016-08-31 18:07:05 +00:00
def test_listrepos_starred_filtered ( self ) :
admin_user = model . user . get_user ( ADMIN_ACCESS_USER )
reader_user = model . user . get_user ( READ_ACCESS_USER )
# Create a new organization.
new_org = model . organization . create_organization ( ' neworg ' , ' neworg@devtable.com ' , admin_user )
admin_team = model . team . create_team ( ' admin ' , new_org , ' admin ' )
# Add a repository to the organization.
repo = model . repository . create_repository ( ' neworg ' , ' somerepo ' , admin_user )
with self . add_to_team_temporarily ( reader_user , admin_team ) :
# Star the repository for the user.
model . repository . star_repository ( reader_user , repo )
# Verify that the user cannot see the repo, since they are no longer allowed to do so.
self . login ( READ_ACCESS_USER )
self . assertRepositoryNotVisible ( ' neworg ' , ' somerepo ' )
2016-08-31 17:51:53 +00:00
@contextmanager
def add_to_team_temporarily ( self , user , team ) :
model . team . add_user_to_team ( user , team )
yield
model . team . remove_user_from_team ( team . organization . username , team . name , user . username ,
ADMIN_ACCESS_USER )
def test_listrepos_org_filtered ( self ) :
admin_user = model . user . get_user ( ADMIN_ACCESS_USER )
reader_user = model . user . get_user ( READ_ACCESS_USER )
# Create a new organization.
new_org = model . organization . create_organization ( ' neworg ' , ' neworg@devtable.com ' , admin_user )
admin_team = model . team . create_team ( ' admin ' , new_org , ' admin ' )
creator_team = model . team . create_team ( ' creators ' , new_org , ' creator ' )
member_team = model . team . create_team ( ' members ' , new_org , ' member ' )
# Add a repository to the organization.
model . repository . create_repository ( ' neworg ' , ' somerepo ' , admin_user )
# Verify that the admin user can view it.
self . login ( ADMIN_ACCESS_USER )
self . assertRepositoryVisible ( ' neworg ' , ' somerepo ' )
# Add reader to a creator team under the org and verify they *cannot* see the repository.
with self . add_to_team_temporarily ( reader_user , creator_team ) :
self . login ( READ_ACCESS_USER )
self . assertRepositoryNotVisible ( ' neworg ' , ' somerepo ' )
# Add reader to a member team under the org and verify they *cannot* see the repository.
with self . add_to_team_temporarily ( reader_user , member_team ) :
self . login ( READ_ACCESS_USER )
self . assertRepositoryNotVisible ( ' neworg ' , ' somerepo ' )
# Add reader to an admin team under the org and verify they *can* see the repository.
with self . add_to_team_temporarily ( reader_user , admin_team ) :
self . login ( READ_ACCESS_USER )
self . assertRepositoryVisible ( ' neworg ' , ' somerepo ' )
# Verify that the public user cannot see the repository.
self . login ( PUBLIC_USER )
self . assertRepositoryNotVisible ( ' neworg ' , ' somerepo ' )
2014-02-01 00:45:44 +00:00
2015-05-19 21:52:44 +00:00
class TestViewPublicRepository ( ApiTestCase ) :
def test_normalview ( self ) :
2016-06-03 19:00:01 +00:00
resp = self . getJsonResponse ( Repository , params = dict ( repository = ' public/publicrepo ' ) )
self . assertFalse ( ' stats ' in resp )
def test_normalview_withstats ( self ) :
resp = self . getJsonResponse ( Repository , params = dict ( repository = ' public/publicrepo ' , includeStats = True ) )
self . assertTrue ( ' stats ' in resp )
2015-05-19 21:52:44 +00:00
def test_anon_access_disabled ( self ) :
import features
features . ANONYMOUS_ACCESS = False
try :
self . getResponse ( Repository , params = dict ( repository = ' public/publicrepo ' ) , expected_code = 401 )
finally :
features . ANONYMOUS_ACCESS = True
2014-02-01 00:45:44 +00:00
class TestUpdateRepo ( ApiTestCase ) :
2014-02-06 19:40:36 +00:00
SIMPLE_REPO = ADMIN_ACCESS_USER + ' /simple '
def test_updatedescription ( self ) :
2014-02-01 00:45:44 +00:00
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
self . putJsonResponse ( Repository ,
2014-02-06 19:40:36 +00:00
params = dict ( repository = self . SIMPLE_REPO ) ,
2014-02-01 00:45:44 +00:00
data = dict ( description = ' Some cool repo ' ) )
# Verify the repo description was updated.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Repository ,
2014-02-06 19:40:36 +00:00
params = dict ( repository = self . SIMPLE_REPO ) )
2014-02-01 00:45:44 +00:00
self . assertEquals ( ' Some cool repo ' , json [ ' description ' ] )
class TestChangeRepoVisibility ( ApiTestCase ) :
2014-02-06 19:40:36 +00:00
SIMPLE_REPO = ADMIN_ACCESS_USER + ' /simple '
2015-09-15 18:33:35 +00:00
def test_trychangevisibility ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Make public.
self . postJsonResponse ( RepositoryVisibility ,
params = dict ( repository = self . SIMPLE_REPO ) ,
data = dict ( visibility = ' public ' ) )
# Verify the visibility.
json = self . getJsonResponse ( Repository ,
params = dict ( repository = self . SIMPLE_REPO ) )
self . assertEquals ( True , json [ ' is_public ' ] )
# Change the subscription of the namespace.
self . putJsonResponse ( UserPlan , data = dict ( plan = ' personal-30 ' ) )
# Try to make private.
self . postJsonResponse ( RepositoryVisibility ,
params = dict ( repository = self . SIMPLE_REPO ) ,
data = dict ( visibility = ' private ' ) ,
expected_code = 402 )
# Verify the visibility.
json = self . getJsonResponse ( Repository ,
params = dict ( repository = self . SIMPLE_REPO ) )
self . assertEquals ( True , json [ ' is_public ' ] )
2014-02-06 19:40:36 +00:00
def test_changevisibility ( self ) :
2014-02-01 00:45:44 +00:00
self . login ( ADMIN_ACCESS_USER )
# Make public.
2014-03-18 23:34:26 +00:00
self . postJsonResponse ( RepositoryVisibility ,
2014-02-06 19:40:36 +00:00
params = dict ( repository = self . SIMPLE_REPO ) ,
2014-02-01 00:45:44 +00:00
data = dict ( visibility = ' public ' ) )
# Verify the visibility.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Repository ,
2014-02-06 19:40:36 +00:00
params = dict ( repository = self . SIMPLE_REPO ) )
2014-02-01 00:45:44 +00:00
self . assertEquals ( True , json [ ' is_public ' ] )
# Make private.
2014-03-18 23:34:26 +00:00
self . postJsonResponse ( RepositoryVisibility ,
2014-02-06 19:40:36 +00:00
params = dict ( repository = self . SIMPLE_REPO ) ,
2014-02-01 00:45:44 +00:00
data = dict ( visibility = ' private ' ) )
# Verify the visibility.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Repository ,
2014-02-06 19:40:36 +00:00
params = dict ( repository = self . SIMPLE_REPO ) )
2014-02-01 00:45:44 +00:00
self . assertEquals ( False , json [ ' is_public ' ] )
2015-12-18 19:18:52 +00:00
class log_queries ( object ) :
def __init__ ( self , query_filter = None ) :
self . filter = query_filter
def get_queries ( self ) :
queries = [ q . msg [ 0 ] for q in self . _handler . queries ]
if self . filter :
queries = [ q for q in queries if re . match ( self . filter , q ) ]
return queries
def __enter__ ( self ) :
logger = logging . getLogger ( ' peewee ' )
self . _handler = _QueryLogHandler ( )
logger . setLevel ( logging . DEBUG )
logger . addHandler ( self . _handler )
return self
def __exit__ ( self , exc_type , exc_val , exc_tb ) :
logger = logging . getLogger ( ' peewee ' )
logger . removeHandler ( self . _handler )
class check_transitive_deletes ( log_queries ) :
2016-08-05 20:39:01 +00:00
def __init__ ( self ) :
2015-12-18 19:18:52 +00:00
super ( check_transitive_deletes , self ) . __init__ ( query_filter = r ' ^DELETE.+IN \ (SELECT.+$ ' )
def __exit__ ( self , exc_type , exc_val , exc_tb ) :
super ( check_transitive_deletes , self ) . __exit__ ( exc_type , exc_val , exc_tb )
queries = self . get_queries ( )
2016-08-05 20:39:01 +00:00
if queries :
raise Exception ( ' Detected transitive deletion in queries: %s ' % queries )
2015-12-18 19:18:52 +00:00
2014-02-01 00:45:44 +00:00
class TestDeleteRepository ( ApiTestCase ) :
2014-02-06 19:40:36 +00:00
SIMPLE_REPO = ADMIN_ACCESS_USER + ' /simple '
2014-11-11 04:05:20 +00:00
COMPLEX_REPO = ADMIN_ACCESS_USER + ' /complex '
2014-02-06 19:40:36 +00:00
def test_deleterepo ( self ) :
2014-02-01 00:45:44 +00:00
self . login ( ADMIN_ACCESS_USER )
2015-09-16 19:34:20 +00:00
# Verify the repo exists.
self . getResponse ( Repository ,
params = dict ( repository = self . SIMPLE_REPO ) )
2016-08-09 21:58:33 +00:00
# Add a build queue item for the repo.
dockerfile_build_queue . put ( [ ADMIN_ACCESS_USER , ' simple ' ] , ' {} ' )
# Delete the repository.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( Repository , params = dict ( repository = self . SIMPLE_REPO ) )
2014-02-01 00:45:44 +00:00
2016-08-09 21:58:33 +00:00
# Ensure the queue item is gone.
self . assertIsNone ( dockerfile_build_queue . get ( ) )
2014-02-01 00:45:44 +00:00
# Verify the repo was deleted.
2014-03-18 23:34:26 +00:00
self . getResponse ( Repository ,
2014-02-06 19:40:36 +00:00
params = dict ( repository = self . SIMPLE_REPO ) ,
2014-02-01 00:45:44 +00:00
expected_code = 404 )
2016-08-09 21:58:33 +00:00
def test_verify_queue_removal ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Verify the repo exists.
self . getResponse ( Repository ,
params = dict ( repository = self . SIMPLE_REPO ) )
# Add a build queue item for the repo and another repo.
2016-11-30 21:54:04 +00:00
dockerfile_build_queue . put ( [ ADMIN_ACCESS_USER , ' simple ' ] , ' {} ' , available_after = - 1 )
dockerfile_build_queue . put ( [ ADMIN_ACCESS_USER , ' anotherrepo ' ] , ' {} ' , available_after = - 1 )
2016-08-09 21:58:33 +00:00
# Delete the repository.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( Repository , params = dict ( repository = self . SIMPLE_REPO ) )
2016-08-09 21:58:33 +00:00
# Ensure the other queue item is still present.
self . assertIsNotNone ( dockerfile_build_queue . get ( ) )
2014-11-11 04:05:20 +00:00
def test_deleterepo2 ( self ) :
self . login ( ADMIN_ACCESS_USER )
2015-09-16 19:34:20 +00:00
# Verify the repo exists.
self . getResponse ( Repository ,
params = dict ( repository = self . COMPLEX_REPO ) )
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( Repository , params = dict ( repository = self . COMPLEX_REPO ) )
2014-11-11 04:05:20 +00:00
# Verify the repo was deleted.
self . getResponse ( Repository ,
params = dict ( repository = self . COMPLEX_REPO ) ,
expected_code = 404 )
def test_populate_and_delete_repo ( self ) :
self . login ( ADMIN_ACCESS_USER )
2015-09-16 19:34:20 +00:00
# Verify the repo exists.
self . getResponse ( Repository ,
params = dict ( repository = self . COMPLEX_REPO ) )
# Make sure the repository has some images and tags.
2015-07-15 21:25:41 +00:00
self . assertTrue ( len ( list ( model . image . get_repository_images ( ADMIN_ACCESS_USER , ' complex ' ) ) ) > 0 )
self . assertTrue ( len ( list ( model . tag . list_repository_tags ( ADMIN_ACCESS_USER , ' complex ' ) ) ) > 0 )
2014-11-11 04:05:20 +00:00
# Add some data for the repository, in addition to is already existing images and tags.
2015-07-15 21:25:41 +00:00
repository = model . repository . get_repository ( ADMIN_ACCESS_USER , ' complex ' )
2014-11-11 04:05:20 +00:00
# Create some access tokens.
2015-07-15 21:25:41 +00:00
access_token = model . token . create_access_token ( repository , ' read ' )
model . token . create_access_token ( repository , ' write ' )
2014-11-11 04:05:20 +00:00
2015-07-15 21:25:41 +00:00
delegate_token = model . token . create_delegate_token ( ADMIN_ACCESS_USER , ' complex ' , ' sometoken ' ,
' read ' )
model . token . create_delegate_token ( ADMIN_ACCESS_USER , ' complex ' , ' sometoken ' , ' write ' )
2014-11-11 04:05:20 +00:00
# Create some repository builds.
2015-07-15 21:25:41 +00:00
model . build . create_repository_build ( repository , access_token , { } , ' someid ' , ' foobar ' )
model . build . create_repository_build ( repository , delegate_token , { } , ' someid2 ' , ' foobar2 ' )
2014-11-11 04:05:20 +00:00
# Create some notifications.
2015-10-26 19:13:58 +00:00
model . notification . create_repo_notification ( repository , ' repo_push ' , ' hipchat ' , { } , { } )
model . notification . create_repo_notification ( repository , ' build_queued ' , ' slack ' , { } , { } )
2014-11-11 04:05:20 +00:00
# Create some logs.
2015-07-15 21:25:41 +00:00
model . log . log_action ( ' push_repo ' , ADMIN_ACCESS_USER , repository = repository )
model . log . log_action ( ' push_repo ' , ADMIN_ACCESS_USER , repository = repository )
2014-11-11 04:05:20 +00:00
# Create some build triggers.
2015-07-15 21:25:41 +00:00
user = model . user . get_user ( ADMIN_ACCESS_USER )
model . build . create_build_trigger ( repository , ' github ' , ' sometoken ' , user )
model . build . create_build_trigger ( repository , ' github ' , ' anothertoken ' , user )
2014-11-11 04:05:20 +00:00
# Create some email authorizations.
2015-07-15 21:25:41 +00:00
model . repository . create_email_authorization_for_repo ( ADMIN_ACCESS_USER , ' complex ' , ' a@b.com ' )
model . repository . create_email_authorization_for_repo ( ADMIN_ACCESS_USER , ' complex ' , ' b@c.com ' )
2014-11-11 04:05:20 +00:00
2015-09-16 19:34:20 +00:00
# Create some repository action count entries.
RepositoryActionCount . create ( repository = repository , date = datetime . datetime . now ( ) , count = 1 )
RepositoryActionCount . create ( repository = repository ,
2015-11-24 17:44:07 +00:00
date = datetime . datetime . now ( ) - datetime . timedelta ( days = 2 ) , count = 2 )
2015-09-16 19:34:20 +00:00
RepositoryActionCount . create ( repository = repository ,
2015-11-24 17:44:07 +00:00
date = datetime . datetime . now ( ) - datetime . timedelta ( days = 5 ) , count = 6 )
2015-09-16 19:34:20 +00:00
2016-07-18 22:20:00 +00:00
# Create some labels.
2016-08-26 20:07:49 +00:00
pre_delete_label_count = database . Label . select ( ) . count ( )
2016-07-18 22:20:00 +00:00
tag_manifest = model . tag . load_tag_manifest ( ADMIN_ACCESS_USER , ' complex ' , ' prod ' )
model . label . create_manifest_label ( tag_manifest , ' foo ' , ' bar ' , ' manifest ' )
model . label . create_manifest_label ( tag_manifest , ' foo ' , ' baz ' , ' manifest ' )
model . label . create_manifest_label ( tag_manifest , ' something ' , ' {} ' , ' api ' ,
media_type_name = ' application/json ' )
model . label . create_manifest_label ( tag_manifest , ' something ' , ' { " some " : " json " } ' , ' manifest ' )
2014-11-11 04:05:20 +00:00
# Delete the repository.
2016-08-05 20:39:01 +00:00
with check_transitive_deletes ( ) :
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( Repository , params = dict ( repository = self . COMPLEX_REPO ) )
2014-11-11 04:05:20 +00:00
# Verify the repo was deleted.
self . getResponse ( Repository ,
params = dict ( repository = self . COMPLEX_REPO ) ,
expected_code = 404 )
2014-11-24 21:07:38 +00:00
2016-08-26 20:07:49 +00:00
# Verify the labels are gone.
post_delete_label_count = database . Label . select ( ) . count ( )
self . assertEquals ( post_delete_label_count , pre_delete_label_count )
2014-02-06 19:40:36 +00:00
2014-02-03 23:18:33 +00:00
class TestGetRepository ( ApiTestCase ) :
2014-02-06 19:40:36 +00:00
PUBLIC_REPO = PUBLIC_USER + ' /publicrepo '
2014-03-11 17:38:44 +00:00
def test_getrepo_badnames ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-11 18:42:53 +00:00
bad_names = [ ' logs ' , ' build ' , ' tokens ' , ' foo.bar ' , ' foo-bar ' , ' foo_bar ' ]
2014-03-11 17:38:44 +00:00
# For each bad name, create the repo.
for bad_name in bad_names :
2014-03-19 19:39:44 +00:00
json = self . postJsonResponse ( RepositoryList , expected_code = 201 ,
data = dict ( repository = bad_name , visibility = ' public ' ,
2014-03-11 17:38:44 +00:00
description = ' ' ) )
# Make sure we can retrieve its information.
2014-03-19 19:39:44 +00:00
json = self . getJsonResponse ( Repository ,
params = dict ( repository = ADMIN_ACCESS_USER + ' / ' + bad_name ) )
2014-03-11 17:38:44 +00:00
self . assertEquals ( ADMIN_ACCESS_USER , json [ ' namespace ' ] )
self . assertEquals ( bad_name , json [ ' name ' ] )
self . assertEquals ( True , json [ ' is_public ' ] )
2014-11-24 21:07:38 +00:00
2014-03-11 17:38:44 +00:00
2014-02-03 23:18:33 +00:00
def test_getrepo_public_asguest ( self ) :
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Repository ,
2014-02-06 19:40:36 +00:00
params = dict ( repository = self . PUBLIC_REPO ) )
2014-11-24 21:07:38 +00:00
2014-02-03 23:18:33 +00:00
self . assertEquals ( PUBLIC_USER , json [ ' namespace ' ] )
self . assertEquals ( ' publicrepo ' , json [ ' name ' ] )
self . assertEquals ( True , json [ ' is_public ' ] )
self . assertEquals ( False , json [ ' is_organization ' ] )
self . assertEquals ( False , json [ ' can_write ' ] )
self . assertEquals ( False , json [ ' can_admin ' ] )
assert ' latest ' in json [ ' tags ' ]
def test_getrepo_public_asowner ( self ) :
self . login ( PUBLIC_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Repository ,
2014-02-06 19:40:36 +00:00
params = dict ( repository = self . PUBLIC_REPO ) )
2014-11-24 21:07:38 +00:00
2014-02-03 23:18:33 +00:00
self . assertEquals ( False , json [ ' is_organization ' ] )
self . assertEquals ( True , json [ ' can_write ' ] )
self . assertEquals ( True , json [ ' can_admin ' ] )
def test_getrepo_building ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Repository ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /building ' ) )
2014-11-24 21:07:38 +00:00
2014-02-03 23:18:33 +00:00
self . assertEquals ( True , json [ ' can_write ' ] )
self . assertEquals ( True , json [ ' can_admin ' ] )
self . assertEquals ( False , json [ ' is_organization ' ] )
def test_getrepo_org_asnonmember ( self ) :
2014-03-18 23:34:26 +00:00
self . getResponse ( Repository ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ORGANIZATION + ' / ' + ORG_REPO ) ,
2014-03-19 17:57:36 +00:00
expected_code = 401 )
2014-02-03 23:18:33 +00:00
def test_getrepo_org_asreader ( self ) :
self . login ( READ_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Repository ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ORGANIZATION + ' / ' + ORG_REPO ) )
2014-11-24 21:07:38 +00:00
2014-02-03 23:18:33 +00:00
self . assertEquals ( ORGANIZATION , json [ ' namespace ' ] )
self . assertEquals ( ORG_REPO , json [ ' name ' ] )
self . assertEquals ( False , json [ ' can_write ' ] )
self . assertEquals ( False , json [ ' can_admin ' ] )
self . assertEquals ( True , json [ ' is_organization ' ] )
def test_getrepo_org_asadmin ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( Repository ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ORGANIZATION + ' / ' + ORG_REPO ) )
2014-11-24 21:07:38 +00:00
2014-02-03 23:18:33 +00:00
self . assertEquals ( True , json [ ' can_write ' ] )
self . assertEquals ( True , json [ ' can_admin ' ] )
self . assertEquals ( True , json [ ' is_organization ' ] )
2015-02-13 20:54:01 +00:00
class TestRepositoryBuildResource ( ApiTestCase ) :
2016-06-02 15:59:16 +00:00
def test_repo_build_invalid_url ( self ) :
self . login ( ADMIN_ACCESS_USER )
self . postJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
data = dict ( archive_url = ' hppt://quay.io ' ) ,
expected_code = 400 )
2015-02-13 20:54:01 +00:00
def test_cancel_invalidbuild ( self ) :
self . login ( ADMIN_ACCESS_USER )
self . deleteResponse ( RepositoryBuildResource ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' , build_uuid = ' invalid ' ) ,
expected_code = 404 )
def test_cancel_waitingbuild ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Request a (fake) build.
json = self . postJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
data = dict ( file_id = ' foobarbaz ' ) ,
expected_code = 201 )
uuid = json [ ' id ' ]
# Check for the build.
json = self . getJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
self . assertEquals ( 1 , len ( json [ ' builds ' ] ) )
self . assertEquals ( uuid , json [ ' builds ' ] [ 0 ] [ ' id ' ] )
2015-02-23 18:38:01 +00:00
# Find the build's queue item.
build_ref = database . RepositoryBuild . get ( uuid = uuid )
queue_item = database . QueueItem . get ( id = build_ref . queue_id )
self . assertTrue ( queue_item . available )
self . assertTrue ( queue_item . retries_remaining > 0 )
2015-02-13 20:54:01 +00:00
# Cancel the build.
self . deleteResponse ( RepositoryBuildResource ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' , build_uuid = uuid ) ,
expected_code = 201 )
# Check for the build.
json = self . getJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
2016-11-16 18:51:07 +00:00
self . assertEquals ( 1 , len ( json [ ' builds ' ] ) )
self . assertEquals ( ' cancelled ' , json [ ' builds ' ] [ 0 ] [ ' phase ' ] )
2015-02-13 20:54:01 +00:00
2015-02-23 18:38:01 +00:00
# Check for the build's queue item.
try :
database . QueueItem . get ( id = build_ref . queue_id )
self . fail ( ' QueueItem still exists for build ' )
except database . QueueItem . DoesNotExist :
pass
2015-02-13 20:54:01 +00:00
def test_attemptcancel_scheduledbuild ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Request a (fake) build.
json = self . postJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
data = dict ( file_id = ' foobarbaz ' ) ,
expected_code = 201 )
uuid = json [ ' id ' ]
# Check for the build.
json = self . getJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
self . assertEquals ( 1 , len ( json [ ' builds ' ] ) )
self . assertEquals ( uuid , json [ ' builds ' ] [ 0 ] [ ' id ' ] )
# Set queue item to be picked up.
2015-02-23 18:47:21 +00:00
build_ref = database . RepositoryBuild . get ( uuid = uuid )
qi = database . QueueItem . get ( id = build_ref . queue_id )
2015-02-13 20:54:01 +00:00
qi . available = False
qi . save ( )
# Try to cancel the build.
self . deleteResponse ( RepositoryBuildResource ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' , build_uuid = uuid ) ,
2016-12-02 20:07:03 +00:00
expected_code = 201 )
2015-02-13 20:54:01 +00:00
def test_attemptcancel_workingbuild ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Request a (fake) build.
json = self . postJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
data = dict ( file_id = ' foobarbaz ' ) ,
expected_code = 201 )
uuid = json [ ' id ' ]
# Check for the build.
json = self . getJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
self . assertEquals ( 1 , len ( json [ ' builds ' ] ) )
self . assertEquals ( uuid , json [ ' builds ' ] [ 0 ] [ ' id ' ] )
# Set the build to a different phase.
rb = database . RepositoryBuild . get ( uuid = uuid )
rb . phase = database . BUILD_PHASE . BUILDING
rb . save ( )
# Try to cancel the build.
self . deleteResponse ( RepositoryBuildResource ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' , build_uuid = uuid ) ,
expected_code = 400 )
2014-02-26 20:19:07 +00:00
class TestRepoBuilds ( ApiTestCase ) :
2014-02-03 23:18:33 +00:00
def test_getrepo_nobuilds ( self ) :
self . login ( ADMIN_ACCESS_USER )
2016-03-16 20:08:53 +00:00
# Queries: Permission + the list query
with assert_query_count ( 2 ) :
2015-05-08 01:11:15 +00:00
json = self . getJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
2014-11-24 21:07:38 +00:00
2014-02-03 23:18:33 +00:00
assert len ( json [ ' builds ' ] ) == 0
def test_getrepobuilds ( self ) :
self . login ( ADMIN_ACCESS_USER )
2016-03-16 20:08:53 +00:00
# Queries: Permission + the list query
with assert_query_count ( 2 ) :
2015-05-08 01:11:15 +00:00
json = self . getJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /building ' ) )
2014-11-24 21:07:38 +00:00
2014-02-03 23:18:33 +00:00
assert len ( json [ ' builds ' ] ) > 0
2014-05-20 22:53:00 +00:00
build = json [ ' builds ' ] [ - 1 ]
2014-02-03 23:18:33 +00:00
assert ' id ' in build
assert ' status ' in build
2014-02-26 20:19:07 +00:00
# Check the status endpoint.
2014-03-18 23:34:26 +00:00
status_json = self . getJsonResponse ( RepositoryBuildStatus ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /building ' ,
build_uuid = build [ ' id ' ] ) )
2014-02-03 23:18:33 +00:00
2014-11-13 17:51:37 +00:00
self . assertEquals ( status_json [ ' id ' ] , build [ ' id ' ] )
self . assertEquals ( status_json [ ' resource_key ' ] , build [ ' resource_key ' ] )
self . assertEquals ( status_json [ ' trigger ' ] , build [ ' trigger ' ] )
2014-02-26 20:19:07 +00:00
2015-08-14 21:22:19 +00:00
2014-02-25 23:22:02 +00:00
class TestRequestRepoBuild ( ApiTestCase ) :
2015-08-14 21:22:19 +00:00
def test_requestbuild_noidurl ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Request a (fake) build without a file ID or URL.
self . postResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
data = dict ( ) ,
expected_code = 400 )
def test_requestbuild_invalidurls ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Request a (fake) build with and invalid URL.
self . postResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
data = dict ( archive_url = ' foobarbaz ' ) ,
expected_code = 400 )
self . postResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
data = dict ( archive_url = ' file://foobarbaz ' ) ,
expected_code = 400 )
def test_requestrepobuild_withurl ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Ensure we are not yet building.
json = self . getJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
assert len ( json [ ' builds ' ] ) == 0
# Request a (fake) build.
self . postResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
data = dict ( archive_url = ' http://quay.io/robots.txt ' ) ,
expected_code = 201 )
# Check for the build.
json = self . getJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
assert len ( json [ ' builds ' ] ) > 0
self . assertEquals ( ' http://quay.io/robots.txt ' , json [ ' builds ' ] [ 0 ] [ ' archive_url ' ] )
def test_requestrepobuild_withfile ( self ) :
2014-02-03 23:18:33 +00:00
self . login ( ADMIN_ACCESS_USER )
2014-04-02 01:49:06 +00:00
# Ensure we are not yet building.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryBuildList ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
2014-11-24 21:07:38 +00:00
2014-02-03 23:18:33 +00:00
assert len ( json [ ' builds ' ] ) == 0
# Request a (fake) build.
2014-03-18 23:34:26 +00:00
self . postResponse ( RepositoryBuildList ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
2014-02-25 23:22:02 +00:00
data = dict ( file_id = ' foobarbaz ' ) ,
2014-02-03 23:18:33 +00:00
expected_code = 201 )
# Check for the build.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryBuildList ,
2015-08-14 21:22:19 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
2014-11-24 21:07:38 +00:00
2014-02-03 23:18:33 +00:00
assert len ( json [ ' builds ' ] ) > 0
2014-11-24 21:07:38 +00:00
2014-04-02 01:49:06 +00:00
def test_requestrepobuild_with_robot ( self ) :
2014-03-27 22:33:13 +00:00
self . login ( ADMIN_ACCESS_USER )
2014-04-02 01:49:06 +00:00
# Ensure we are not yet building.
2014-03-27 22:33:13 +00:00
json = self . getJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
2014-11-24 21:07:38 +00:00
2014-03-27 22:33:13 +00:00
assert len ( json [ ' builds ' ] ) == 0
# Request a (fake) build.
2014-04-02 01:49:06 +00:00
pull_robot = ADMIN_ACCESS_USER + ' +dtrobot '
2014-03-27 22:33:13 +00:00
self . postResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
2014-04-02 01:49:06 +00:00
data = dict ( file_id = ' foobarbaz ' , pull_robot = pull_robot ) ,
2014-03-27 22:33:13 +00:00
expected_code = 201 )
# Check for the build.
json = self . getJsonResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /building ' ) )
2014-11-24 21:07:38 +00:00
2014-03-27 22:33:13 +00:00
assert len ( json [ ' builds ' ] ) > 0
2014-04-02 01:49:06 +00:00
def test_requestrepobuild_with_invalid_robot ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Request a (fake) build.
pull_robot = ADMIN_ACCESS_USER + ' +invalidrobot '
self . postResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
data = dict ( file_id = ' foobarbaz ' , pull_robot = pull_robot ) ,
expected_code = 404 )
def test_requestrepobuild_with_unauthorized_robot ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Request a (fake) build.
pull_robot = ' freshuser+anotherrobot '
self . postResponse ( RepositoryBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
data = dict ( file_id = ' foobarbaz ' , pull_robot = pull_robot ) ,
expected_code = 403 )
2014-03-27 22:33:13 +00:00
2014-07-28 18:58:12 +00:00
class TestRepositoryEmail ( ApiTestCase ) :
def test_emailnotauthorized ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-11-24 21:07:38 +00:00
2014-07-28 18:58:12 +00:00
# Verify the e-mail address is not authorized.
2015-07-15 21:25:41 +00:00
self . getResponse ( RepositoryAuthorizedEmail ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
email = ' test@example.com ' ) ,
expected_code = 404 )
2014-07-28 18:58:12 +00:00
def test_emailnotauthorized_butsent ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-11-24 21:07:38 +00:00
2014-07-28 18:58:12 +00:00
# Verify the e-mail address is not authorized.
json = self . getJsonResponse ( RepositoryAuthorizedEmail ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
email = ' jschorr+other@devtable.com ' ) )
2014-07-28 18:58:12 +00:00
self . assertEquals ( False , json [ ' confirmed ' ] )
self . assertEquals ( ADMIN_ACCESS_USER , json [ ' namespace ' ] )
self . assertEquals ( ' simple ' , json [ ' repository ' ] )
2014-11-24 21:07:38 +00:00
2014-07-28 18:58:12 +00:00
def test_emailauthorized ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-11-24 21:07:38 +00:00
2014-07-28 18:58:12 +00:00
# Verify the e-mail address is authorized.
json = self . getJsonResponse ( RepositoryAuthorizedEmail ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
email = ' jschorr@devtable.com ' ) )
2014-07-28 18:58:12 +00:00
self . assertEquals ( True , json [ ' confirmed ' ] )
self . assertEquals ( ADMIN_ACCESS_USER , json [ ' namespace ' ] )
self . assertEquals ( ' simple ' , json [ ' repository ' ] )
def test_send_email_authorization ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-11-24 21:07:38 +00:00
2014-07-28 18:58:12 +00:00
# Send the email.
json = self . postJsonResponse ( RepositoryAuthorizedEmail ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
email = ' jschorr+foo@devtable.com ' ) )
2014-07-28 18:58:12 +00:00
self . assertEquals ( False , json [ ' confirmed ' ] )
self . assertEquals ( ADMIN_ACCESS_USER , json [ ' namespace ' ] )
self . assertEquals ( ' simple ' , json [ ' repository ' ] )
2014-02-03 23:18:33 +00:00
2014-07-18 02:51:58 +00:00
class TestRepositoryNotifications ( ApiTestCase ) :
2016-10-04 07:57:32 +00:00
def test_testnotification ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Add a notification.
json = self . postJsonResponse ( RepositoryNotificationList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
data = dict ( config = { ' url ' : ' http://example.com ' } , event = ' repo_push ' ,
method = ' webhook ' , eventConfig = { } ) ,
expected_code = 201 )
uuid = json [ ' uuid ' ]
self . assertIsNone ( notification_queue . get ( ) )
# Issue a test notification.
self . postJsonResponse ( TestRepositoryNotification ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' , uuid = uuid ) )
# Ensure the item is in the queue.
2016-11-30 21:54:04 +00:00
time . sleep ( 1 ) # Makes sure the queue get works on MySQL with its second-level precision.
2016-10-04 07:57:32 +00:00
found = notification_queue . get ( )
self . assertIsNotNone ( found )
self . assertTrue ( ' notification_uuid ' in found [ ' body ' ] )
2014-02-03 23:18:33 +00:00
def test_webhooks ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-07-18 02:51:58 +00:00
# Add a notification.
json = self . postJsonResponse ( RepositoryNotificationList ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
2015-07-15 21:25:41 +00:00
data = dict ( config = { ' url ' : ' http://example.com ' } , event = ' repo_push ' ,
2015-10-26 19:13:58 +00:00
method = ' webhook ' , eventConfig = { } ) ,
2014-03-19 00:32:37 +00:00
expected_code = 201 )
2014-02-03 23:18:33 +00:00
2014-07-18 02:51:58 +00:00
self . assertEquals ( ' repo_push ' , json [ ' event ' ] )
self . assertEquals ( ' webhook ' , json [ ' method ' ] )
self . assertEquals ( ' http://example.com ' , json [ ' config ' ] [ ' url ' ] )
2015-08-17 20:30:15 +00:00
self . assertIsNone ( json [ ' title ' ] )
2014-07-18 02:51:58 +00:00
wid = json [ ' uuid ' ]
2014-02-03 23:18:33 +00:00
2014-07-18 02:51:58 +00:00
# Get the notification.
json = self . getJsonResponse ( RepositoryNotification ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' , uuid = wid ) )
2014-02-03 23:18:33 +00:00
2014-07-18 02:51:58 +00:00
self . assertEquals ( wid , json [ ' uuid ' ] )
self . assertEquals ( ' repo_push ' , json [ ' event ' ] )
self . assertEquals ( ' webhook ' , json [ ' method ' ] )
2015-08-17 20:30:15 +00:00
self . assertIsNone ( json [ ' title ' ] )
2014-02-03 23:18:33 +00:00
2014-07-18 02:51:58 +00:00
# Verify the notification is listed.
json = self . getJsonResponse ( RepositoryNotificationList ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
2014-07-18 02:51:58 +00:00
ids = [ w [ ' uuid ' ] for w in json [ ' notifications ' ] ]
2014-02-03 23:18:33 +00:00
assert wid in ids
2014-07-18 02:51:58 +00:00
# Delete the notification.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( RepositoryNotification ,
2014-07-18 02:51:58 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' , uuid = wid ) ,
2014-02-03 23:18:33 +00:00
expected_code = 204 )
2014-07-18 02:51:58 +00:00
# Verify the notification is gone.
self . getResponse ( RepositoryNotification ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' , uuid = wid ) ,
2014-02-03 23:18:33 +00:00
expected_code = 404 )
2015-08-17 20:30:15 +00:00
# Add another notification.
json = self . postJsonResponse ( RepositoryNotificationList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
data = dict ( config = { ' url ' : ' http://example.com ' } , event = ' repo_push ' ,
2015-10-26 19:13:58 +00:00
method = ' webhook ' , title = ' Some Notification ' ,
eventConfig = { } ) ,
2015-08-17 20:30:15 +00:00
expected_code = 201 )
self . assertEquals ( ' repo_push ' , json [ ' event ' ] )
self . assertEquals ( ' webhook ' , json [ ' method ' ] )
self . assertEquals ( ' http://example.com ' , json [ ' config ' ] [ ' url ' ] )
self . assertEquals ( ' Some Notification ' , json [ ' title ' ] )
wid = json [ ' uuid ' ]
# Get the notification.
json = self . getJsonResponse ( RepositoryNotification ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' , uuid = wid ) )
self . assertEquals ( wid , json [ ' uuid ' ] )
self . assertEquals ( ' repo_push ' , json [ ' event ' ] )
self . assertEquals ( ' webhook ' , json [ ' method ' ] )
self . assertEquals ( ' Some Notification ' , json [ ' title ' ] )
2014-02-03 23:18:33 +00:00
class TestListAndGetImage ( ApiTestCase ) :
def test_listandgetimages ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryImageList ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
assert len ( json [ ' images ' ] ) > 0
2014-09-18 21:16:10 +00:00
2014-02-03 23:18:33 +00:00
for image in json [ ' images ' ] :
assert ' id ' in image
assert ' tags ' in image
assert ' created ' in image
assert ' comment ' in image
assert ' command ' in image
assert ' ancestors ' in image
assert ' size ' in image
2014-03-18 23:34:26 +00:00
ijson = self . getJsonResponse ( RepositoryImage ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
image_id = image [ ' id ' ] ) )
self . assertEquals ( image [ ' id ' ] , ijson [ ' id ' ] )
2014-02-06 19:40:36 +00:00
2014-02-03 23:18:33 +00:00
class TestGetImageChanges ( ApiTestCase ) :
def test_getimagechanges ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Find an image to check.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryImageList ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
image_id = json [ ' images ' ] [ 0 ] [ ' id ' ]
# Lookup the image's changes.
# TODO: Fix me once we can get fake changes into the test data
2014-03-18 23:34:26 +00:00
#self.getJsonResponse(RepositoryImageChanges,
2014-02-03 23:18:33 +00:00
# params=dict(repository=ADMIN_ACCESS_USER + '/simple',
# image_id=image_id))
2015-04-19 19:43:16 +00:00
class TestRevertTag ( ApiTestCase ) :
def test_reverttag_invalidtag ( self ) :
self . login ( ADMIN_ACCESS_USER )
self . postResponse ( RevertTag ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /history ' , tag = ' invalidtag ' ) ,
data = dict ( image = ' invalid_image ' ) ,
expected_code = 404 )
def test_reverttag_invalidimage ( self ) :
self . login ( ADMIN_ACCESS_USER )
self . postResponse ( RevertTag ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /history ' , tag = ' latest ' ) ,
data = dict ( image = ' invalid_image ' ) ,
expected_code = 400 )
def test_reverttag ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( ListRepositoryTags ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /history ' ,
tag = ' latest ' ) )
2015-04-19 19:43:16 +00:00
self . assertEquals ( 2 , len ( json [ ' tags ' ] ) )
self . assertFalse ( ' end_ts ' in json [ ' tags ' ] [ 0 ] )
previous_image_id = json [ ' tags ' ] [ 1 ] [ ' docker_image_id ' ]
2015-07-15 21:25:41 +00:00
self . postJsonResponse ( RevertTag , params = dict ( repository = ADMIN_ACCESS_USER + ' /history ' ,
tag = ' latest ' ) ,
data = dict ( image = previous_image_id ) )
2015-04-19 19:43:16 +00:00
json = self . getJsonResponse ( ListRepositoryTags ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /history ' ,
tag = ' latest ' ) )
2015-04-19 19:43:16 +00:00
self . assertEquals ( 3 , len ( json [ ' tags ' ] ) )
self . assertFalse ( ' end_ts ' in json [ ' tags ' ] [ 0 ] )
self . assertEquals ( previous_image_id , json [ ' tags ' ] [ 0 ] [ ' docker_image_id ' ] )
2015-09-09 19:29:50 +00:00
2014-02-03 23:18:33 +00:00
class TestListAndDeleteTag ( ApiTestCase ) :
2016-08-11 22:21:01 +00:00
def test_invalid_tags ( self ) :
self . login ( ADMIN_ACCESS_USER )
# List the images for staging.
json = self . getJsonResponse ( RepositoryTagImages ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' ,
tag = ' staging ' ) )
staging_images = json [ ' images ' ]
# Try to add some invalid tags.
self . putResponse ( RepositoryTag ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' , tag = ' -fail ' ) ,
data = dict ( image = staging_images [ 0 ] [ ' id ' ] ) ,
expected_code = 400 )
self . putResponse ( RepositoryTag ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' , tag = ' 北京 ' ) ,
data = dict ( image = staging_images [ 0 ] [ ' id ' ] ) ,
expected_code = 400 )
2014-02-28 05:12:09 +00:00
def test_listdeletecreateandmovetag ( self ) :
2014-02-03 23:18:33 +00:00
self . login ( ADMIN_ACCESS_USER )
# List the images for prod.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryTagImages ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' , tag = ' prod ' ) )
prod_images = json [ ' images ' ]
assert len ( prod_images ) > 0
# List the images for staging.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryTagImages ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' ,
tag = ' staging ' ) )
2014-02-03 23:18:33 +00:00
staging_images = json [ ' images ' ]
assert len ( prod_images ) == len ( staging_images ) + 1
# Delete prod.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( RepositoryTag ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' , tag = ' prod ' ) ,
expected_code = 204 )
# Make sure the tag is gone.
2014-03-18 23:34:26 +00:00
self . getResponse ( RepositoryTagImages ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' , tag = ' prod ' ) ,
expected_code = 404 )
# Make the sure the staging images are still there.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryTagImages ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' ,
tag = ' staging ' ) )
2014-02-03 23:18:33 +00:00
self . assertEquals ( staging_images , json [ ' images ' ] )
2015-10-05 20:36:33 +00:00
# Require a valid tag name.
self . putResponse ( RepositoryTag ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' , tag = ' -fail ' ) ,
data = dict ( image = staging_images [ 0 ] [ ' id ' ] ) ,
expected_code = 400 )
2014-02-28 05:12:09 +00:00
# Add a new tag to the staging image.
2014-03-26 23:42:29 +00:00
self . putResponse ( RepositoryTag ,
2014-02-28 05:12:09 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' , tag = ' sometag ' ) ,
data = dict ( image = staging_images [ 0 ] [ ' id ' ] ) ,
expected_code = 201 )
# Make sure the tag is present.
2014-03-26 23:42:29 +00:00
json = self . getJsonResponse ( RepositoryTagImages ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' ,
tag = ' sometag ' ) )
2014-02-28 05:12:09 +00:00
sometag_images = json [ ' images ' ]
self . assertEquals ( sometag_images , staging_images )
# Move the tag.
2014-03-26 23:42:29 +00:00
self . putResponse ( RepositoryTag ,
2014-02-28 05:12:09 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' , tag = ' sometag ' ) ,
data = dict ( image = staging_images [ - 1 ] [ ' id ' ] ) ,
expected_code = 201 )
# Make sure the tag has moved.
2014-03-26 23:42:29 +00:00
json = self . getJsonResponse ( RepositoryTagImages ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' ,
tag = ' sometag ' ) )
2014-02-28 05:12:09 +00:00
sometag_new_images = json [ ' images ' ]
self . assertEquals ( 1 , len ( sometag_new_images ) )
self . assertEquals ( staging_images [ - 1 ] , sometag_new_images [ 0 ] )
2014-02-03 23:18:33 +00:00
def test_deletesubtag ( self ) :
self . login ( ADMIN_ACCESS_USER )
# List the images for prod.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryTagImages ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' , tag = ' prod ' ) )
prod_images = json [ ' images ' ]
assert len ( prod_images ) > 0
# Delete staging.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( RepositoryTag ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' , tag = ' staging ' ) ,
expected_code = 204 )
# Make sure the prod images are still around.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryTagImages ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /complex ' , tag = ' prod ' ) )
self . assertEquals ( prod_images , json [ ' images ' ] )
2015-09-09 19:29:50 +00:00
def test_listtagpagination ( self ) :
self . login ( ADMIN_ACCESS_USER )
2016-03-25 21:47:37 +00:00
latest_image = model . tag . get_tag_image ( ADMIN_ACCESS_USER , " complex " , " prod " )
2016-08-02 18:17:33 +00:00
# Create 10 tags in an empty repo.
user = model . user . get_user_or_org ( ADMIN_ACCESS_USER )
repo = model . repository . create_repository ( ADMIN_ACCESS_USER , " empty " , user )
image = model . image . find_create_or_link_image ( latest_image . docker_image_id , repo ,
ADMIN_ACCESS_USER , { } , [ ' local_us ' ] )
remaining_tags = set ( )
for i in xrange ( 1 , 11 ) :
tag_name = " tag " + str ( i )
remaining_tags . add ( tag_name )
model . tag . create_or_update_tag ( ADMIN_ACCESS_USER , " empty " , tag_name ,
image . docker_image_id )
# Make sure we can iterate over all of them.
json = self . getJsonResponse ( ListRepositoryTags ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /empty ' , page = 1 ,
limit = 5 ) )
self . assertEquals ( 1 , json [ ' page ' ] )
self . assertEquals ( 5 , len ( json [ ' tags ' ] ) )
self . assertTrue ( json [ ' has_additional ' ] )
names = { tag [ ' name ' ] for tag in json [ ' tags ' ] }
remaining_tags = remaining_tags - names
self . assertEquals ( 5 , len ( remaining_tags ) )
2015-09-09 19:29:50 +00:00
json = self . getJsonResponse ( ListRepositoryTags ,
2016-08-02 18:17:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /empty ' , page = 2 ,
limit = 5 ) )
self . assertEquals ( 2 , json [ ' page ' ] )
self . assertEquals ( 5 , len ( json [ ' tags ' ] ) )
self . assertFalse ( json [ ' has_additional ' ] )
names = { tag [ ' name ' ] for tag in json [ ' tags ' ] }
remaining_tags = remaining_tags - names
self . assertEquals ( 0 , len ( remaining_tags ) )
json = self . getJsonResponse ( ListRepositoryTags ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /empty ' , page = 3 ,
limit = 5 ) )
self . assertEquals ( 3 , json [ ' page ' ] )
self . assertEquals ( 0 , len ( json [ ' tags ' ] ) )
self . assertFalse ( json [ ' has_additional ' ] )
2015-09-09 19:29:50 +00:00
2014-02-03 23:18:33 +00:00
class TestRepoPermissions ( ApiTestCase ) :
2014-11-20 16:33:42 +00:00
def listUserPermissions ( self , namespace = ADMIN_ACCESS_USER , repo = ' simple ' ) :
2014-03-18 23:34:26 +00:00
return self . getJsonResponse ( RepositoryUserPermissionList ,
2014-11-20 16:33:42 +00:00
params = dict ( repository = namespace + ' / ' + repo ) ) [ ' permissions ' ]
2014-02-03 23:18:33 +00:00
def listTeamPermissions ( self ) :
2015-07-15 21:25:41 +00:00
response = self . getJsonResponse ( RepositoryTeamPermissionList ,
params = dict ( repository = ORGANIZATION + ' / ' + ORG_REPO ) )
return response [ ' permissions ' ]
2014-02-03 23:18:33 +00:00
2014-11-20 16:33:42 +00:00
def test_userpermissions_underorg ( self ) :
self . login ( ADMIN_ACCESS_USER )
permissions = self . listUserPermissions ( namespace = ORGANIZATION , repo = ORG_REPO )
self . assertEquals ( 1 , len ( permissions ) )
assert ' outsideorg ' in permissions
self . assertEquals ( ' read ' , permissions [ ' outsideorg ' ] [ ' role ' ] )
self . assertEquals ( False , permissions [ ' outsideorg ' ] [ ' is_org_member ' ] )
# Add another user.
self . putJsonResponse ( RepositoryUserPermission ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ORGANIZATION + ' / ' + ORG_REPO ,
username = ADMIN_ACCESS_USER ) ,
2014-11-20 16:33:42 +00:00
data = dict ( role = ' admin ' ) )
# Verify the user is present.
permissions = self . listUserPermissions ( namespace = ORGANIZATION , repo = ORG_REPO )
self . assertEquals ( 2 , len ( permissions ) )
assert ADMIN_ACCESS_USER in permissions
self . assertEquals ( ' admin ' , permissions [ ADMIN_ACCESS_USER ] [ ' role ' ] )
self . assertEquals ( True , permissions [ ADMIN_ACCESS_USER ] [ ' is_org_member ' ] )
2014-02-03 23:18:33 +00:00
def test_userpermissions ( self ) :
self . login ( ADMIN_ACCESS_USER )
# The repo should start with just the admin as a user perm.
permissions = self . listUserPermissions ( )
self . assertEquals ( 1 , len ( permissions ) )
assert ADMIN_ACCESS_USER in permissions
self . assertEquals ( ' admin ' , permissions [ ADMIN_ACCESS_USER ] [ ' role ' ] )
2014-11-20 16:33:42 +00:00
self . assertFalse ( ' is_org_member ' in permissions [ ADMIN_ACCESS_USER ] )
2014-02-03 23:18:33 +00:00
# Add another user.
2014-03-18 23:34:26 +00:00
self . putJsonResponse ( RepositoryUserPermission ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
username = NO_ACCESS_USER ) ,
2014-02-03 23:18:33 +00:00
data = dict ( role = ' read ' ) )
# Verify the user is present.
permissions = self . listUserPermissions ( )
self . assertEquals ( 2 , len ( permissions ) )
assert NO_ACCESS_USER in permissions
self . assertEquals ( ' read ' , permissions [ NO_ACCESS_USER ] [ ' role ' ] )
2014-11-20 16:33:42 +00:00
self . assertFalse ( ' is_org_member ' in permissions [ NO_ACCESS_USER ] )
2014-02-03 23:18:33 +00:00
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryUserPermission ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
username = NO_ACCESS_USER ) )
2014-02-03 23:18:33 +00:00
self . assertEquals ( ' read ' , json [ ' role ' ] )
# Change the user's permissions.
2014-03-18 23:34:26 +00:00
self . putJsonResponse ( RepositoryUserPermission ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
username = NO_ACCESS_USER ) ,
2014-02-03 23:18:33 +00:00
data = dict ( role = ' admin ' ) )
# Verify.
permissions = self . listUserPermissions ( )
self . assertEquals ( 2 , len ( permissions ) )
assert NO_ACCESS_USER in permissions
self . assertEquals ( ' admin ' , permissions [ NO_ACCESS_USER ] [ ' role ' ] )
# Delete the user's permission.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( RepositoryUserPermission ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
username = NO_ACCESS_USER ) )
2014-02-03 23:18:33 +00:00
# Verify.
permissions = self . listUserPermissions ( )
self . assertEquals ( 1 , len ( permissions ) )
assert not NO_ACCESS_USER in permissions
def test_teampermissions ( self ) :
self . login ( ADMIN_ACCESS_USER )
# The repo should start with just the readers as a team perm.
permissions = self . listTeamPermissions ( )
self . assertEquals ( 1 , len ( permissions ) )
assert ' readers ' in permissions
self . assertEquals ( ' read ' , permissions [ ' readers ' ] [ ' role ' ] )
# Add another team.
2014-03-18 23:34:26 +00:00
self . putJsonResponse ( RepositoryTeamPermission ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ORGANIZATION + ' / ' + ORG_REPO , teamname = ' owners ' ) ,
data = dict ( role = ' write ' ) )
# Verify the team is present.
permissions = self . listTeamPermissions ( )
self . assertEquals ( 2 , len ( permissions ) )
assert ' owners ' in permissions
self . assertEquals ( ' write ' , permissions [ ' owners ' ] [ ' role ' ] )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryTeamPermission ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ORGANIZATION + ' / ' + ORG_REPO ,
teamname = ' owners ' ) )
2014-02-03 23:18:33 +00:00
self . assertEquals ( ' write ' , json [ ' role ' ] )
# Change the team's permissions.
2014-03-18 23:34:26 +00:00
self . putJsonResponse ( RepositoryTeamPermission ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ORGANIZATION + ' / ' + ORG_REPO , teamname = ' owners ' ) ,
data = dict ( role = ' admin ' ) )
# Verify.
permissions = self . listTeamPermissions ( )
self . assertEquals ( 2 , len ( permissions ) )
assert ' owners ' in permissions
self . assertEquals ( ' admin ' , permissions [ ' owners ' ] [ ' role ' ] )
# Delete the team's permission.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( RepositoryTeamPermission ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ORGANIZATION + ' / ' + ORG_REPO , teamname = ' owners ' ) )
# Verify.
permissions = self . listTeamPermissions ( )
self . assertEquals ( 1 , len ( permissions ) )
assert not ' owners ' in permissions
2014-02-06 19:40:36 +00:00
2014-02-03 23:18:33 +00:00
class TestApiTokens ( ApiTestCase ) :
def listTokens ( self ) :
2014-03-18 23:34:26 +00:00
return self . getJsonResponse ( RepositoryTokenList ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ) [ ' tokens ' ]
def test_tokens ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Create a new token.
2014-03-18 23:34:26 +00:00
json = self . postJsonResponse ( RepositoryTokenList ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) ,
data = dict ( role = ' read ' , friendlyName = ' mytoken ' ) ,
expected_code = 201 )
self . assertEquals ( ' mytoken ' , json [ ' friendlyName ' ] )
self . assertEquals ( ' read ' , json [ ' role ' ] )
token_code = json [ ' code ' ]
# Verify.
tokens = self . listTokens ( )
assert token_code in tokens
self . assertEquals ( ' mytoken ' , tokens [ token_code ] [ ' friendlyName ' ] )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryToken ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
code = token_code ) )
2014-02-03 23:18:33 +00:00
self . assertEquals ( tokens [ token_code ] , json )
# Change the token's permission.
2014-03-18 23:34:26 +00:00
self . putJsonResponse ( RepositoryToken ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' , code = token_code ) ,
data = dict ( role = ' write ' ) )
# Verify.
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( RepositoryToken ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
code = token_code ) )
2014-02-03 23:18:33 +00:00
self . assertEquals ( ' write ' , json [ ' role ' ] )
# Delete the token.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( RepositoryToken ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
code = token_code ) )
2014-02-03 23:18:33 +00:00
# Verify.
2014-03-18 23:34:26 +00:00
self . getResponse ( RepositoryToken ,
2014-02-03 23:18:33 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' , code = token_code ) ,
expected_code = 404 )
class TestUserCard ( ApiTestCase ) :
def test_getusercard ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( UserCard )
2014-02-03 23:18:33 +00:00
self . assertEquals ( ' 4242 ' , json [ ' card ' ] [ ' last4 ' ] )
self . assertEquals ( ' Visa ' , json [ ' card ' ] [ ' type ' ] )
def test_setusercard_error ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-11-24 21:07:38 +00:00
json = self . postJsonResponse ( UserCard ,
2014-02-03 23:18:33 +00:00
data = dict ( token = ' sometoken ' ) ,
expected_code = 402 )
assert ' carderror ' in json
class TestOrgCard ( ApiTestCase ) :
def test_getorgcard ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( OrganizationCard ,
2014-02-03 23:18:33 +00:00
params = dict ( orgname = ORGANIZATION ) )
self . assertEquals ( ' 4242 ' , json [ ' card ' ] [ ' last4 ' ] )
self . assertEquals ( ' Visa ' , json [ ' card ' ] [ ' type ' ] )
class TestUserSubscription ( ApiTestCase ) :
def getSubscription ( self ) :
2014-03-18 23:34:26 +00:00
return self . getJsonResponse ( UserPlan )
2014-02-03 23:18:33 +00:00
def test_updateplan ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Change the plan.
2014-03-18 23:34:26 +00:00
self . putJsonResponse ( UserPlan ,
2014-02-03 23:18:33 +00:00
data = dict ( plan = ' free ' ) )
# Verify
sub = self . getSubscription ( )
self . assertEquals ( ' free ' , sub [ ' plan ' ] )
# Change the plan.
2014-03-18 23:34:26 +00:00
self . putJsonResponse ( UserPlan ,
2015-08-11 18:09:02 +00:00
data = dict ( plan = ' bus-large-30 ' ) )
2014-02-03 23:18:33 +00:00
# Verify
sub = self . getSubscription ( )
2015-08-11 18:09:02 +00:00
self . assertEquals ( ' bus-large-30 ' , sub [ ' plan ' ] )
2014-02-03 23:18:33 +00:00
class TestOrgSubscription ( ApiTestCase ) :
def getSubscription ( self ) :
2014-03-18 23:34:26 +00:00
return self . getJsonResponse ( OrganizationPlan , params = dict ( orgname = ORGANIZATION ) )
2014-02-03 23:18:33 +00:00
def test_updateplan ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Change the plan.
2014-03-18 23:34:26 +00:00
self . putJsonResponse ( OrganizationPlan ,
2014-02-03 23:18:33 +00:00
params = dict ( orgname = ORGANIZATION ) ,
data = dict ( plan = ' free ' ) )
# Verify
sub = self . getSubscription ( )
self . assertEquals ( ' free ' , sub [ ' plan ' ] )
# Change the plan.
2014-03-18 23:34:26 +00:00
self . putJsonResponse ( OrganizationPlan ,
2014-02-03 23:18:33 +00:00
params = dict ( orgname = ORGANIZATION ) ,
2015-08-11 18:09:02 +00:00
data = dict ( plan = ' bus-large-30 ' ) )
2014-02-03 23:18:33 +00:00
# Verify
sub = self . getSubscription ( )
2015-08-11 18:09:02 +00:00
self . assertEquals ( ' bus-large-30 ' , sub [ ' plan ' ] )
2014-02-03 23:18:33 +00:00
class TestUserRobots ( ApiTestCase ) :
def getRobotNames ( self ) :
2014-11-24 21:07:38 +00:00
return [ r [ ' name ' ] for r in self . getJsonResponse ( UserRobotList ) [ ' robots ' ] ]
2014-02-03 23:18:33 +00:00
2015-05-08 20:43:07 +00:00
def test_robot_list ( self ) :
self . login ( NO_ACCESS_USER )
# Create some robots.
self . putJsonResponse ( UserRobot ,
params = dict ( robot_shortname = ' bender ' ) ,
expected_code = 201 )
self . putJsonResponse ( UserRobot ,
params = dict ( robot_shortname = ' goldy ' ) ,
expected_code = 201 )
self . putJsonResponse ( UserRobot ,
params = dict ( robot_shortname = ' coolbot ' ) ,
expected_code = 201 )
2016-03-16 20:08:53 +00:00
# Queries: Base + the lookup query
with assert_query_count ( BASE_LOGGEDIN_QUERY_COUNT + 1 ) :
2015-05-08 20:43:07 +00:00
self . getJsonResponse ( UserRobotList )
2016-03-16 20:08:53 +00:00
# Queries: Base + the lookup query
with assert_query_count ( BASE_LOGGEDIN_QUERY_COUNT + 1 ) :
2015-05-08 20:43:07 +00:00
self . getJsonResponse ( UserRobotList , params = dict ( permissions = True ) )
2014-02-03 23:18:33 +00:00
def test_robots ( self ) :
self . login ( NO_ACCESS_USER )
# Create a robot.
2014-03-18 23:34:26 +00:00
json = self . putJsonResponse ( UserRobot ,
2014-02-03 23:18:33 +00:00
params = dict ( robot_shortname = ' bender ' ) ,
expected_code = 201 )
self . assertEquals ( NO_ACCESS_USER + ' +bender ' , json [ ' name ' ] )
# Verify.
robots = self . getRobotNames ( )
assert NO_ACCESS_USER + ' +bender ' in robots
# Delete the robot.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( UserRobot ,
2014-02-03 23:18:33 +00:00
params = dict ( robot_shortname = ' bender ' ) )
# Verify.
robots = self . getRobotNames ( )
assert not NO_ACCESS_USER + ' +bender ' in robots
2014-08-25 21:19:23 +00:00
def test_regenerate ( self ) :
self . login ( NO_ACCESS_USER )
# Create a robot.
json = self . putJsonResponse ( UserRobot ,
params = dict ( robot_shortname = ' bender ' ) ,
expected_code = 201 )
token = json [ ' token ' ]
# Regenerate the robot.
2015-07-15 21:25:41 +00:00
json = self . postJsonResponse ( RegenerateUserRobot , params = dict ( robot_shortname = ' bender ' ) ,
expected_code = 200 )
2014-08-25 21:19:23 +00:00
# Verify the token changed.
self . assertNotEquals ( token , json [ ' token ' ] )
json2 = self . getJsonResponse ( UserRobot ,
params = dict ( robot_shortname = ' bender ' ) ,
expected_code = 200 )
self . assertEquals ( json [ ' token ' ] , json2 [ ' token ' ] )
2014-02-03 23:18:33 +00:00
class TestOrgRobots ( ApiTestCase ) :
def getRobotNames ( self ) :
2014-03-18 23:34:26 +00:00
return [ r [ ' name ' ] for r in self . getJsonResponse ( OrgRobotList ,
2014-02-03 23:18:33 +00:00
params = dict ( orgname = ORGANIZATION ) ) [ ' robots ' ] ]
2015-09-08 14:10:00 +00:00
def test_create_robot_with_underscores ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Create the robot.
self . putJsonResponse ( OrgRobot ,
params = dict ( orgname = ORGANIZATION , robot_shortname = ' mr_bender ' ) ,
expected_code = 201 )
# Add the robot to a team.
membername = ORGANIZATION + ' +mr_bender '
self . putJsonResponse ( TeamMember ,
params = dict ( orgname = ORGANIZATION , teamname = ' readers ' ,
membername = membername ) )
# Retrieve the robot's details.
self . getJsonResponse ( OrgRobot ,
params = dict ( orgname = ORGANIZATION , robot_shortname = ' mr_bender ' ) ,
expected_code = 200 )
2014-11-07 17:05:21 +00:00
def test_delete_robot_after_use ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Create the robot.
self . putJsonResponse ( OrgRobot ,
2015-07-15 21:25:41 +00:00
params = dict ( orgname = ORGANIZATION , robot_shortname = ' bender ' ) ,
expected_code = 201 )
2014-11-07 17:05:21 +00:00
# Add the robot to a team.
membername = ORGANIZATION + ' +bender '
self . putJsonResponse ( TeamMember ,
params = dict ( orgname = ORGANIZATION , teamname = ' readers ' ,
membername = membername ) )
# Add a repository permission.
self . putJsonResponse ( RepositoryUserPermission ,
params = dict ( repository = ORGANIZATION + ' / ' + ORG_REPO , username = membername ) ,
data = dict ( role = ' read ' ) )
# Add a permission prototype with the robot as the activating user.
2015-07-15 21:25:41 +00:00
self . postJsonResponse ( PermissionPrototypeList , params = dict ( orgname = ORGANIZATION ) ,
data = dict ( role = ' read ' ,
activating_user = { ' name ' : membername } ,
delegate = { ' kind ' : ' user ' ,
' name ' : membername } ) )
2014-11-07 17:05:21 +00:00
# Add a permission prototype with the robot as the delegating user.
2015-07-15 21:25:41 +00:00
self . postJsonResponse ( PermissionPrototypeList , params = dict ( orgname = ORGANIZATION ) ,
data = dict ( role = ' read ' ,
delegate = { ' kind ' : ' user ' ,
' name ' : membername } ) )
2014-11-07 17:05:21 +00:00
# Add a build trigger with the robot as the pull robot.
database . BuildTriggerService . create ( name = ' fakeservice ' )
# Add a new fake trigger.
2015-07-15 21:25:41 +00:00
repo = model . repository . get_repository ( ORGANIZATION , ORG_REPO )
user = model . user . get_user ( ADMIN_ACCESS_USER )
pull_robot = model . user . get_user ( membername )
trigger = model . build . create_build_trigger ( repo , ' fakeservice ' , ' sometoken ' , user ,
pull_robot = pull_robot )
2015-06-30 19:35:28 +00:00
# Add a fake build of the fake build trigger.
2015-07-15 21:25:41 +00:00
token = model . token . create_access_token ( repo , ' write ' , kind = ' build-worker ' ,
friendly_name = ' Repository Build Token ' )
2015-06-30 19:35:28 +00:00
2015-07-15 21:25:41 +00:00
build = model . build . create_repository_build ( repo , token , { } , ' fake-dockerfile ' , ' fake-name ' ,
trigger , pull_robot_name = membername )
2014-11-07 17:05:21 +00:00
2015-01-14 17:56:06 +00:00
# Add some log entries for the robot.
2015-07-15 21:25:41 +00:00
model . log . log_action ( ' pull_repo ' , ORGANIZATION , performer = pull_robot , repository = repo )
2015-01-14 17:56:06 +00:00
2014-11-07 17:05:21 +00:00
# Delete the robot and verify it works.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( OrgRobot ,
2014-11-07 17:05:21 +00:00
params = dict ( orgname = ORGANIZATION , robot_shortname = ' bender ' ) )
2015-06-30 19:35:28 +00:00
# Verify the build is still present.
2015-07-15 21:25:41 +00:00
self . assertIsNotNone ( model . build . get_repository_build ( build . uuid ) )
2015-06-30 19:35:28 +00:00
2014-11-07 17:05:21 +00:00
# All the above records should now be deleted, along with the robot. We verify a few of the
# critical ones below.
# Check the team.
2015-07-15 21:25:41 +00:00
team = model . team . get_organization_team ( ORGANIZATION , ' readers ' )
members = [ member . username
for member in model . organization . get_organization_team_members ( team . id ) ]
2014-11-24 21:07:38 +00:00
self . assertFalse ( membername in members )
2014-11-07 17:05:21 +00:00
# Check the robot itself.
2015-07-15 21:25:41 +00:00
self . assertIsNone ( model . user . get_user ( membername ) )
2014-11-07 17:05:21 +00:00
2014-02-03 23:18:33 +00:00
def test_robots ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Create a robot.
2014-03-18 23:34:26 +00:00
json = self . putJsonResponse ( OrgRobot ,
2014-02-03 23:18:33 +00:00
params = dict ( orgname = ORGANIZATION , robot_shortname = ' bender ' ) ,
expected_code = 201 )
self . assertEquals ( ORGANIZATION + ' +bender ' , json [ ' name ' ] )
# Verify.
robots = self . getRobotNames ( )
assert ORGANIZATION + ' +bender ' in robots
# Delete the robot.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( OrgRobot ,
2014-02-03 23:18:33 +00:00
params = dict ( orgname = ORGANIZATION , robot_shortname = ' bender ' ) )
# Verify.
robots = self . getRobotNames ( )
assert not ORGANIZATION + ' +bender ' in robots
2014-08-25 21:19:23 +00:00
def test_regenerate ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Create a robot.
json = self . putJsonResponse ( OrgRobot ,
params = dict ( orgname = ORGANIZATION , robot_shortname = ' bender ' ) ,
expected_code = 201 )
token = json [ ' token ' ]
# Regenerate the robot.
json = self . postJsonResponse ( RegenerateOrgRobot ,
2015-07-15 21:25:41 +00:00
params = dict ( orgname = ORGANIZATION , robot_shortname = ' bender ' ) ,
expected_code = 200 )
2014-08-25 21:19:23 +00:00
# Verify the token changed.
self . assertNotEquals ( token , json [ ' token ' ] )
json2 = self . getJsonResponse ( OrgRobot ,
params = dict ( orgname = ORGANIZATION , robot_shortname = ' bender ' ) ,
expected_code = 200 )
self . assertEquals ( json [ ' token ' ] , json2 [ ' token ' ] )
2014-02-03 23:18:33 +00:00
class TestLogs ( ApiTestCase ) :
def test_user_logs ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( UserLogs )
2014-02-03 23:18:33 +00:00
assert ' logs ' in json
assert ' start_time ' in json
assert ' end_time ' in json
def test_org_logs ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( OrgLogs , params = dict ( orgname = ORGANIZATION ) )
2014-02-03 23:18:33 +00:00
assert ' logs ' in json
assert ' start_time ' in json
assert ' end_time ' in json
2015-08-05 21:36:17 +00:00
def test_user_aggregate_logs ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( UserAggregateLogs )
assert ' aggregated ' in json
def test_org_logs ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( OrgAggregateLogs , params = dict ( orgname = ORGANIZATION ) )
assert ' aggregated ' in json
2014-02-03 23:18:33 +00:00
def test_performer ( self ) :
self . login ( ADMIN_ACCESS_USER )
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( OrgLogs , params = dict ( orgname = ORGANIZATION ) )
2014-02-03 23:18:33 +00:00
all_logs = json [ ' logs ' ]
2014-03-18 23:34:26 +00:00
json = self . getJsonResponse ( OrgLogs ,
2014-02-03 23:18:33 +00:00
params = dict ( performer = READ_ACCESS_USER , orgname = ORGANIZATION ) )
assert len ( json [ ' logs ' ] ) < len ( all_logs )
for log in json [ ' logs ' ] :
self . assertEquals ( READ_ACCESS_USER , log [ ' performer ' ] [ ' name ' ] )
2014-02-01 00:45:44 +00:00
2014-02-26 20:19:07 +00:00
2014-03-20 19:46:13 +00:00
class TestApplicationInformation ( ApiTestCase ) :
def test_get_info ( self ) :
2015-07-15 21:25:41 +00:00
json = self . getJsonResponse ( ApplicationInformation ,
params = dict ( client_id = FAKE_APPLICATION_CLIENT_ID ) )
2014-03-20 19:46:13 +00:00
assert ' name ' in json
assert ' uri ' in json
assert ' organization ' in json
def test_get_invalid_info ( self ) :
self . getJsonResponse ( ApplicationInformation , params = dict ( client_id = ' invalid-code ' ) ,
expected_code = 404 )
class TestOrganizationApplications ( ApiTestCase ) :
def test_list_create_applications ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( OrganizationApplications , params = dict ( orgname = ORGANIZATION ) )
self . assertEquals ( 2 , len ( json [ ' applications ' ] ) )
2014-11-13 17:51:37 +00:00
found = False
for application in json [ ' applications ' ] :
if application [ ' client_id ' ] == FAKE_APPLICATION_CLIENT_ID :
found = True
break
self . assertTrue ( found )
2014-03-20 19:46:13 +00:00
# Add a new application.
json = self . postJsonResponse ( OrganizationApplications , params = dict ( orgname = ORGANIZATION ) ,
data = dict ( name = " Some cool app " , description = " foo " ) )
self . assertEquals ( " Some cool app " , json [ ' name ' ] )
self . assertEquals ( " foo " , json [ ' description ' ] )
# Retrieve the apps list again
list_json = self . getJsonResponse ( OrganizationApplications , params = dict ( orgname = ORGANIZATION ) )
self . assertEquals ( 3 , len ( list_json [ ' applications ' ] ) )
class TestOrganizationApplicationResource ( ApiTestCase ) :
def test_get_edit_delete_application ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Retrieve the application.
json = self . getJsonResponse ( OrganizationApplicationResource ,
2015-07-15 21:25:41 +00:00
params = dict ( orgname = ORGANIZATION ,
client_id = FAKE_APPLICATION_CLIENT_ID ) )
2014-03-20 19:46:13 +00:00
self . assertEquals ( FAKE_APPLICATION_CLIENT_ID , json [ ' client_id ' ] )
# Edit the application.
edit_json = self . putJsonResponse ( OrganizationApplicationResource ,
2015-07-15 21:25:41 +00:00
params = dict ( orgname = ORGANIZATION ,
client_id = FAKE_APPLICATION_CLIENT_ID ) ,
data = dict ( name = " Some App " , description = " foo " ,
application_uri = " bar " , redirect_uri = " baz " ,
avatar_email = " meh " ) )
2014-03-20 19:46:13 +00:00
self . assertEquals ( FAKE_APPLICATION_CLIENT_ID , edit_json [ ' client_id ' ] )
self . assertEquals ( " Some App " , edit_json [ ' name ' ] )
self . assertEquals ( " foo " , edit_json [ ' description ' ] )
self . assertEquals ( " bar " , edit_json [ ' application_uri ' ] )
self . assertEquals ( " baz " , edit_json [ ' redirect_uri ' ] )
2014-11-25 00:25:13 +00:00
self . assertEquals ( " meh " , edit_json [ ' avatar_email ' ] )
2014-03-20 19:46:13 +00:00
# Retrieve the application again.
json = self . getJsonResponse ( OrganizationApplicationResource ,
2015-07-15 21:25:41 +00:00
params = dict ( orgname = ORGANIZATION ,
client_id = FAKE_APPLICATION_CLIENT_ID ) )
2014-11-24 21:07:38 +00:00
2014-03-20 19:46:13 +00:00
self . assertEquals ( json , edit_json )
# Delete the application.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( OrganizationApplicationResource ,
2014-03-20 19:46:13 +00:00
params = dict ( orgname = ORGANIZATION , client_id = FAKE_APPLICATION_CLIENT_ID ) )
# Make sure the application is gone.
self . getJsonResponse ( OrganizationApplicationResource ,
2015-07-15 21:25:41 +00:00
params = dict ( orgname = ORGANIZATION , client_id = FAKE_APPLICATION_CLIENT_ID ) ,
expected_code = 404 )
2014-03-20 19:46:13 +00:00
2016-02-16 16:52:57 +00:00
class TestOrganization ( ApiTestCase ) :
def test_change_send_billing_invoice ( self ) :
self . login ( ADMIN_ACCESS_USER )
self . putJsonResponse ( Organization , params = dict ( orgname = ORGANIZATION ) ,
data = dict ( invoice_email = False , invoice_email_address = None ) )
2014-03-20 19:46:13 +00:00
class TestOrganizationApplicationResetClientSecret ( ApiTestCase ) :
def test_reset_client_secret ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Retrieve the application.
json = self . getJsonResponse ( OrganizationApplicationResource ,
2015-07-15 21:25:41 +00:00
params = dict ( orgname = ORGANIZATION ,
client_id = FAKE_APPLICATION_CLIENT_ID ) )
2014-03-20 19:46:13 +00:00
self . assertEquals ( FAKE_APPLICATION_CLIENT_ID , json [ ' client_id ' ] )
# Reset the client secret.
reset_json = self . postJsonResponse ( OrganizationApplicationResetClientSecret ,
2015-07-15 21:25:41 +00:00
params = dict ( orgname = ORGANIZATION ,
client_id = FAKE_APPLICATION_CLIENT_ID ) )
2014-03-20 19:46:13 +00:00
self . assertEquals ( FAKE_APPLICATION_CLIENT_ID , reset_json [ ' client_id ' ] )
self . assertNotEquals ( reset_json [ ' client_secret ' ] , json [ ' client_secret ' ] )
# Verify it was changed in the DB.
json = self . getJsonResponse ( OrganizationApplicationResource ,
2015-07-15 21:25:41 +00:00
params = dict ( orgname = ORGANIZATION ,
client_id = FAKE_APPLICATION_CLIENT_ID ) )
2014-03-20 19:46:13 +00:00
self . assertEquals ( reset_json [ ' client_secret ' ] , json [ ' client_secret ' ] )
2014-11-24 21:07:38 +00:00
2014-03-20 19:46:13 +00:00
2015-04-29 21:30:24 +00:00
class FakeBuildTrigger ( BuildTriggerHandler ) :
2014-02-26 20:19:07 +00:00
@classmethod
def service_name ( cls ) :
return ' fakeservice '
2015-04-29 21:30:24 +00:00
def list_build_sources ( self ) :
return [ { ' first ' : ' source ' } , { ' second ' : self . auth_token } ]
def list_build_subdirs ( self ) :
return [ self . auth_token , ' foo ' , ' bar ' , self . config [ ' somevalue ' ] ]
def handle_trigger_request ( self , request ) :
prepared = PreparedBuild ( self . trigger )
prepared . build_name = ' build-name '
prepared . tags = [ ' bar ' ]
prepared . dockerfile_id = ' foo '
prepared . subdirectory = ' subdir '
prepared . metadata = { ' foo ' : ' bar ' }
prepared . is_manual = False
return prepared
def is_active ( self ) :
return ' active ' in self . config and self . config [ ' active ' ]
def activate ( self , standard_webhook_url ) :
self . config [ ' active ' ] = True
return self . config , { }
def deactivate ( self ) :
self . config [ ' active ' ] = False
return self . config
def manual_start ( self , run_parameters = None ) :
prepared = PreparedBuild ( self . trigger )
prepared . build_name = ' build-name '
prepared . tags = [ ' bar ' ]
prepared . dockerfile_id = ' foo '
prepared . subdirectory = ' subdir '
prepared . metadata = { ' foo ' : ' bar ' }
prepared . is_manual = True
return prepared
2015-05-03 17:38:11 +00:00
def get_repository_url ( self ) :
return ' http://foo/ ' + self . config [ ' build_source ' ]
2014-04-03 03:33:58 +00:00
2015-04-29 21:30:24 +00:00
def load_dockerfile_contents ( self ) :
if not ' dockerfile ' in self . config :
2014-04-03 03:33:58 +00:00
return None
2015-04-29 21:30:24 +00:00
return self . config [ ' dockerfile ' ]
2014-04-03 03:33:58 +00:00
2015-08-21 19:07:26 +00:00
def list_field_values ( self , field_name , limit = None ) :
2014-09-30 20:29:32 +00:00
if field_name == ' test_field ' :
return [ 1 , 2 , 3 ]
return None
2014-02-26 20:19:07 +00:00
class TestBuildTriggers ( ApiTestCase ) :
def test_list_build_triggers ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Check a repo with no known triggers.
2015-07-15 21:25:41 +00:00
json = self . getJsonResponse ( BuildTriggerList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
2014-02-26 20:19:07 +00:00
self . assertEquals ( 0 , len ( json [ ' triggers ' ] ) )
# Check a repo with one known trigger.
2015-07-15 21:25:41 +00:00
json = self . getJsonResponse ( BuildTriggerList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /building ' ) )
2014-02-26 20:19:07 +00:00
self . assertEquals ( 1 , len ( json [ ' triggers ' ] ) )
trigger = json [ ' triggers ' ] [ 0 ]
assert ' id ' in trigger
assert ' is_active ' in trigger
assert ' config ' in trigger
assert ' service ' in trigger
# Verify the get trigger method.
2015-07-15 21:25:41 +00:00
trigger_json = self . getJsonResponse ( BuildTrigger ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /building ' ,
trigger_uuid = trigger [ ' id ' ] ) )
2014-02-26 20:19:07 +00:00
self . assertEquals ( trigger , trigger_json )
# Check the recent builds for the trigger.
2015-07-15 21:25:41 +00:00
builds_json = self . getJsonResponse ( TriggerBuildList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /building ' ,
trigger_uuid = trigger [ ' id ' ] ) )
2014-02-26 20:19:07 +00:00
assert ' builds ' in builds_json
def test_delete_build_trigger ( self ) :
self . login ( ADMIN_ACCESS_USER )
2015-07-15 21:25:41 +00:00
json = self . getJsonResponse ( BuildTriggerList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /building ' ) )
2014-02-26 20:19:07 +00:00
self . assertEquals ( 1 , len ( json [ ' triggers ' ] ) )
trigger = json [ ' triggers ' ] [ 0 ]
# Delete the trigger.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( BuildTrigger ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /building ' ,
2015-07-15 21:25:41 +00:00
trigger_uuid = trigger [ ' id ' ] ) )
2014-02-26 20:19:07 +00:00
# Verify it was deleted.
2015-07-15 21:25:41 +00:00
json = self . getJsonResponse ( BuildTriggerList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /building ' ) )
2014-02-26 20:19:07 +00:00
self . assertEquals ( 0 , len ( json [ ' triggers ' ] ) )
2014-04-03 03:33:58 +00:00
def test_analyze_fake_trigger ( self ) :
self . login ( ADMIN_ACCESS_USER )
database . BuildTriggerService . create ( name = ' fakeservice ' )
# Add a new fake trigger.
2015-07-15 21:25:41 +00:00
repo = model . repository . get_repository ( ADMIN_ACCESS_USER , ' simple ' )
user = model . user . get_user ( ADMIN_ACCESS_USER )
trigger = model . build . create_build_trigger ( repo , ' fakeservice ' , ' sometoken ' , user )
2014-04-03 03:33:58 +00:00
# Analyze the trigger's dockerfile: First, no dockerfile.
trigger_config = { }
analyze_json = self . postJsonResponse ( BuildTriggerAnalyze ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
2014-04-03 03:33:58 +00:00
data = { ' config ' : trigger_config } )
self . assertEquals ( ' error ' , analyze_json [ ' status ' ] )
self . assertEquals ( ' Could not read the Dockerfile for the trigger ' , analyze_json [ ' message ' ] )
# Analyze the trigger's dockerfile: Second, missing FROM in dockerfile.
trigger_config = { ' dockerfile ' : ' MAINTAINER me ' }
analyze_json = self . postJsonResponse ( BuildTriggerAnalyze ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
2014-04-03 03:33:58 +00:00
data = { ' config ' : trigger_config } )
self . assertEquals ( ' warning ' , analyze_json [ ' status ' ] )
self . assertEquals ( ' No FROM line found in the Dockerfile ' , analyze_json [ ' message ' ] )
2014-11-24 21:07:38 +00:00
2014-04-03 03:33:58 +00:00
# Analyze the trigger's dockerfile: Third, dockerfile with public repo.
trigger_config = { ' dockerfile ' : ' FROM somerepo ' }
analyze_json = self . postJsonResponse ( BuildTriggerAnalyze ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
2014-04-03 03:33:58 +00:00
data = { ' config ' : trigger_config } )
self . assertEquals ( ' publicbase ' , analyze_json [ ' status ' ] )
# Analyze the trigger's dockerfile: Fourth, dockerfile with private repo with an invalid path.
trigger_config = { ' dockerfile ' : ' FROM localhost:5000/somepath ' }
analyze_json = self . postJsonResponse ( BuildTriggerAnalyze ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
2014-04-03 03:33:58 +00:00
data = { ' config ' : trigger_config } )
self . assertEquals ( ' warning ' , analyze_json [ ' status ' ] )
2015-07-15 21:25:41 +00:00
self . assertEquals ( ' " localhost:5000/somepath " is not a valid Quay repository path ' ,
analyze_json [ ' message ' ] )
2014-04-03 03:33:58 +00:00
# Analyze the trigger's dockerfile: Fifth, dockerfile with private repo that does not exist.
trigger_config = { ' dockerfile ' : ' FROM localhost:5000/nothere/randomrepo ' }
analyze_json = self . postJsonResponse ( BuildTriggerAnalyze ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
2014-04-03 03:33:58 +00:00
data = { ' config ' : trigger_config } )
self . assertEquals ( ' error ' , analyze_json [ ' status ' ] )
2015-07-15 21:25:41 +00:00
nofound = ' Repository " localhost:5000/ %s /randomrepo " referenced by the Dockerfile was not found '
self . assertEquals ( nofound % ' nothere ' , analyze_json [ ' message ' ] )
2014-04-03 03:33:58 +00:00
2015-07-15 21:25:41 +00:00
# Analyze the trigger's dockerfile: Sixth, dockerfile with private repo that the user cannot see
2014-04-03 03:33:58 +00:00
trigger_config = { ' dockerfile ' : ' FROM localhost:5000/randomuser/randomrepo ' }
analyze_json = self . postJsonResponse ( BuildTriggerAnalyze ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
2014-04-03 03:33:58 +00:00
data = { ' config ' : trigger_config } )
self . assertEquals ( ' error ' , analyze_json [ ' status ' ] )
2015-07-15 21:25:41 +00:00
self . assertEquals ( nofound % ' randomuser ' , analyze_json [ ' message ' ] )
2014-04-03 03:33:58 +00:00
# Analyze the trigger's dockerfile: Seventh, dockerfile with private repo that the user see.
trigger_config = { ' dockerfile ' : ' FROM localhost:5000/devtable/complex ' }
analyze_json = self . postJsonResponse ( BuildTriggerAnalyze ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
2014-04-03 03:33:58 +00:00
data = { ' config ' : trigger_config } )
self . assertEquals ( ' analyzed ' , analyze_json [ ' status ' ] )
self . assertEquals ( ' devtable ' , analyze_json [ ' namespace ' ] )
self . assertEquals ( ' complex ' , analyze_json [ ' name ' ] )
self . assertEquals ( False , analyze_json [ ' is_public ' ] )
self . assertEquals ( ADMIN_ACCESS_USER + ' +dtrobot ' , analyze_json [ ' robots ' ] [ 0 ] [ ' name ' ] )
2014-02-26 20:19:07 +00:00
def test_fake_trigger ( self ) :
self . login ( ADMIN_ACCESS_USER )
database . BuildTriggerService . create ( name = ' fakeservice ' )
# Add a new fake trigger.
2015-07-15 21:25:41 +00:00
repo = model . repository . get_repository ( ADMIN_ACCESS_USER , ' simple ' )
user = model . user . get_user ( ADMIN_ACCESS_USER )
trigger = model . build . create_build_trigger ( repo , ' fakeservice ' , ' sometoken ' , user )
2014-02-26 20:19:07 +00:00
# Verify the trigger.
2015-07-15 21:25:41 +00:00
json = self . getJsonResponse ( BuildTriggerList ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ) )
2014-02-26 20:19:07 +00:00
self . assertEquals ( 1 , len ( json [ ' triggers ' ] ) )
self . assertEquals ( trigger . uuid , json [ ' triggers ' ] [ 0 ] [ ' id ' ] )
self . assertEquals ( trigger . service . name , json [ ' triggers ' ] [ 0 ] [ ' service ' ] )
self . assertEquals ( False , json [ ' triggers ' ] [ 0 ] [ ' is_active ' ] )
# List the trigger's sources.
2015-07-15 21:25:41 +00:00
source_json = self . getJsonResponse ( BuildTriggerSources ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) )
2014-02-26 20:19:07 +00:00
self . assertEquals ( [ { ' first ' : ' source ' } , { ' second ' : ' sometoken ' } ] , source_json [ ' sources ' ] )
# List the trigger's subdirs.
2014-03-18 23:34:26 +00:00
subdir_json = self . postJsonResponse ( BuildTriggerSubdirs ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
2014-02-26 20:19:07 +00:00
data = { ' somevalue ' : ' meh ' } )
2015-07-15 21:25:41 +00:00
self . assertEquals ( { ' status ' : ' success ' , ' subdir ' : [ ' sometoken ' , ' foo ' , ' bar ' , ' meh ' ] } ,
subdir_json )
2014-02-26 20:19:07 +00:00
# Activate the trigger.
2015-04-30 19:47:40 +00:00
trigger_config = {
' build_source ' : ' somesource '
}
2014-03-18 23:34:26 +00:00
activate_json = self . postJsonResponse ( BuildTriggerActivate ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
2014-03-27 22:33:13 +00:00
data = { ' config ' : trigger_config } )
2014-02-26 20:19:07 +00:00
self . assertEquals ( True , activate_json [ ' is_active ' ] )
# Make sure the trigger has a write token.
2015-07-15 21:25:41 +00:00
trigger = model . build . get_build_trigger ( trigger . uuid )
2014-02-26 20:19:07 +00:00
self . assertNotEquals ( None , trigger . write_token )
self . assertEquals ( True , py_json . loads ( trigger . config ) [ ' active ' ] )
# Make sure we cannot activate again.
2014-03-18 23:34:26 +00:00
self . postResponse ( BuildTriggerActivate ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
2014-03-27 22:33:13 +00:00
data = { ' config ' : trigger_config } ,
2014-02-26 20:19:07 +00:00
expected_code = 400 )
2014-09-30 20:29:32 +00:00
# Retrieve values for a field.
2014-10-14 20:23:01 +00:00
result = self . postJsonResponse ( BuildTriggerFieldValues ,
2014-11-24 21:07:38 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
2015-07-15 21:25:41 +00:00
trigger_uuid = trigger . uuid , field_name = " test_field " ) )
2014-09-30 20:29:32 +00:00
self . assertEquals ( result [ ' values ' ] , [ 1 , 2 , 3 ] )
2014-10-14 20:23:01 +00:00
self . postResponse ( BuildTriggerFieldValues ,
2014-11-24 21:07:38 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
2014-09-30 20:29:32 +00:00
trigger_uuid = trigger . uuid , field_name = " another_field " ) ,
2015-07-15 21:25:41 +00:00
expected_code = 404 )
2014-09-30 20:29:32 +00:00
2014-02-26 20:19:07 +00:00
# Start a manual build.
2014-03-18 23:34:26 +00:00
start_json = self . postJsonResponse ( ActivateBuildTrigger ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
2014-09-30 20:29:32 +00:00
data = dict ( ) ,
2014-02-26 20:19:07 +00:00
expected_code = 201 )
assert ' id ' in start_json
self . assertEquals ( " build-name " , start_json [ ' display_name ' ] )
2015-04-30 19:47:40 +00:00
self . assertEquals ( [ ' bar ' ] , start_json [ ' tags ' ] )
self . assertEquals ( ' subdir ' , start_json [ ' subdirectory ' ] )
self . assertEquals ( ' somesource ' , start_json [ ' trigger ' ] [ ' build_source ' ] )
2014-02-26 20:19:07 +00:00
2015-02-18 19:12:59 +00:00
# Verify the metadata was added.
build_obj = database . RepositoryBuild . get ( database . RepositoryBuild . uuid == start_json [ ' id ' ] )
self . assertEquals ( ' bar ' , py_json . loads ( build_obj . job_config ) [ ' trigger_metadata ' ] [ ' foo ' ] )
2014-03-25 00:57:02 +00:00
2015-08-07 17:01:49 +00:00
# Start another manual build, with a ref.
start_json = self . postJsonResponse ( ActivateBuildTrigger ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
2015-08-11 21:17:18 +00:00
data = dict ( refs = { ' kind ' : ' branch ' , ' name ' : ' foobar ' } ) ,
2015-08-07 17:01:49 +00:00
expected_code = 201 )
2014-03-27 22:33:13 +00:00
def test_invalid_robot_account ( self ) :
self . login ( ADMIN_ACCESS_USER )
database . BuildTriggerService . create ( name = ' fakeservice ' )
# Add a new fake trigger.
2015-07-15 21:25:41 +00:00
repo = model . repository . get_repository ( ADMIN_ACCESS_USER , ' simple ' )
user = model . user . get_user ( ADMIN_ACCESS_USER )
trigger = model . build . create_build_trigger ( repo , ' fakeservice ' , ' sometoken ' , user )
2014-03-27 22:33:13 +00:00
# Try to activate it with an invalid robot account.
trigger_config = { }
2015-07-15 21:25:41 +00:00
self . postJsonResponse ( BuildTriggerActivate ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
data = { ' config ' : trigger_config , ' pull_robot ' : ' someinvalidrobot ' } ,
expected_code = 404 )
2014-03-27 22:33:13 +00:00
def test_unauthorized_robot_account ( self ) :
self . login ( ADMIN_ACCESS_USER )
database . BuildTriggerService . create ( name = ' fakeservice ' )
# Add a new fake trigger.
2015-07-15 21:25:41 +00:00
repo = model . repository . get_repository ( ADMIN_ACCESS_USER , ' simple ' )
user = model . user . get_user ( ADMIN_ACCESS_USER )
trigger = model . build . create_build_trigger ( repo , ' fakeservice ' , ' sometoken ' , user )
2014-03-27 22:33:13 +00:00
# Try to activate it with a robot account in the wrong namespace.
trigger_config = { }
2015-07-15 21:25:41 +00:00
self . postJsonResponse ( BuildTriggerActivate ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
data = { ' config ' : trigger_config , ' pull_robot ' : ' freshuser+anotherrobot ' } ,
expected_code = 403 )
2014-03-27 22:33:13 +00:00
def test_robot_account ( self ) :
self . login ( ADMIN_ACCESS_USER )
database . BuildTriggerService . create ( name = ' fakeservice ' )
# Add a new fake trigger.
2015-07-15 21:25:41 +00:00
repo = model . repository . get_repository ( ADMIN_ACCESS_USER , ' simple ' )
user = model . user . get_user ( ADMIN_ACCESS_USER )
trigger = model . build . create_build_trigger ( repo , ' fakeservice ' , ' sometoken ' , user )
2014-03-27 22:33:13 +00:00
# Try to activate it with a robot account.
trigger_config = { }
activate_json = self . postJsonResponse ( BuildTriggerActivate ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
data = { ' config ' : trigger_config ,
' pull_robot ' : ADMIN_ACCESS_USER + ' +dtrobot ' } )
2014-03-27 22:33:13 +00:00
# Verify that the robot was saved.
self . assertEquals ( True , activate_json [ ' is_active ' ] )
2014-04-02 01:49:06 +00:00
self . assertEquals ( ADMIN_ACCESS_USER + ' +dtrobot ' , activate_json [ ' pull_robot ' ] [ ' name ' ] )
2014-03-27 22:33:13 +00:00
# Start a manual build.
start_json = self . postJsonResponse ( ActivateBuildTrigger ,
2015-07-15 21:25:41 +00:00
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
trigger_uuid = trigger . uuid ) ,
2015-08-11 21:17:18 +00:00
data = dict ( refs = dict ( kind = ' branch ' , name = ' foobar ' ) ) ,
2014-03-27 22:33:13 +00:00
expected_code = 201 )
assert ' id ' in start_json
self . assertEquals ( " build-name " , start_json [ ' display_name ' ] )
2015-04-30 19:47:40 +00:00
self . assertEquals ( [ ' bar ' ] , start_json [ ' tags ' ] )
2014-03-27 22:33:13 +00:00
2014-03-25 00:57:02 +00:00
class TestUserAuthorizations ( ApiTestCase ) :
def test_list_get_delete_user_authorizations ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( UserAuthorizationList )
2014-11-24 21:07:38 +00:00
2014-03-25 00:57:02 +00:00
self . assertEquals ( 1 , len ( json [ ' authorizations ' ] ) )
authorization = json [ ' authorizations ' ] [ 0 ]
assert ' uuid ' in authorization
assert ' scopes ' in authorization
assert ' application ' in authorization
# Retrieve the authorization.
2015-07-15 21:25:41 +00:00
get_json = self . getJsonResponse ( UserAuthorization ,
params = dict ( access_token_uuid = authorization [ ' uuid ' ] ) )
2014-03-25 00:57:02 +00:00
self . assertEquals ( authorization , get_json )
# Delete the authorization.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( UserAuthorization , params = dict ( access_token_uuid = authorization [ ' uuid ' ] ) )
2014-03-25 00:57:02 +00:00
# Verify it has been deleted.
2015-07-15 21:25:41 +00:00
self . getJsonResponse ( UserAuthorization , params = dict ( access_token_uuid = authorization [ ' uuid ' ] ) ,
2014-03-25 00:57:02 +00:00
expected_code = 404 )
2014-05-12 19:22:58 +00:00
class TestSuperUserLogs ( ApiTestCase ) :
def test_get_logs ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( SuperUserLogs )
assert ' logs ' in json
assert len ( json [ ' logs ' ] ) > 0
class TestSuperUserList ( ApiTestCase ) :
def test_get_users ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( SuperUserList )
assert ' users ' in json
assert len ( json [ ' users ' ] ) > 0
2016-02-11 09:04:37 +00:00
class TestSuperUserCreateInitialSuperUser ( ApiTestCase ) :
def test_create_superuser ( self ) :
data = {
' username ' : ' newsuper ' ,
' password ' : ' password ' ,
' email ' : ' jschorr+fake@devtable.com ' ,
}
# Try to write before some config. Should 403.
self . postResponse ( SuperUserCreateInitialSuperUser , data = data , expected_code = 403 )
# Add some fake config.
fake_config = {
' AUTHENTICATION_TYPE ' : ' Database ' ,
' SECRET_KEY ' : ' fakekey ' ,
}
self . putJsonResponse ( SuperUserConfig , data = dict ( config = fake_config , hostname = ' fakehost ' ) )
# Try to write with config. Should 403 since there are users in the DB.
self . postResponse ( SuperUserCreateInitialSuperUser , data = data , expected_code = 403 )
# Delete all users in the DB.
for user in list ( database . User . select ( ) ) :
2016-08-09 21:58:33 +00:00
model . user . delete_user ( user , all_queues , force = True )
2016-02-11 09:04:37 +00:00
# Create the superuser.
self . postJsonResponse ( SuperUserCreateInitialSuperUser , data = data )
# Ensure the user exists in the DB.
self . assertIsNotNone ( model . user . get_user ( ' newsuper ' ) )
# Ensure that the current user is newsuper.
json = self . getJsonResponse ( User )
self . assertEquals ( ' newsuper ' , json [ ' username ' ] )
# Ensure that the current user is a superuser in the config.
json = self . getJsonResponse ( SuperUserConfig )
self . assertEquals ( [ ' newsuper ' ] , json [ ' config ' ] [ ' SUPER_USERS ' ] )
# Ensure that the current user is a superuser in memory by trying to call an API
# that will fail otherwise.
self . getResponse ( SuperUserConfigFile , params = dict ( filename = ' ssl.cert ' ) )
class TestSuperUserConfig ( ApiTestCase ) :
def test_get_status_update_config ( self ) :
2015-12-08 20:00:50 +00:00
# With no config the status should be 'upload-license'.
2016-02-11 09:04:37 +00:00
json = self . getJsonResponse ( SuperUserRegistryStatus )
2015-12-08 20:00:50 +00:00
self . assertEquals ( ' upload-license ' , json [ ' status ' ] )
2016-02-11 09:04:37 +00:00
# And the config should 401.
self . getResponse ( SuperUserConfig , expected_code = 401 )
2015-12-08 20:00:50 +00:00
# Add a fake license file.
config_provider . save_license ( ' something ' )
# With no config but a license the status should be 'config-db'.
json = self . getJsonResponse ( SuperUserRegistryStatus )
self . assertEquals ( ' config-db ' , json [ ' status ' ] )
2016-02-11 09:04:37 +00:00
# Add some fake config.
fake_config = {
' AUTHENTICATION_TYPE ' : ' Database ' ,
' SECRET_KEY ' : ' fakekey ' ,
}
json = self . putJsonResponse ( SuperUserConfig , data = dict ( config = fake_config , hostname = ' fakehost ' ) )
self . assertEquals ( ' fakekey ' , json [ ' config ' ] [ ' SECRET_KEY ' ] )
self . assertEquals ( ' fakehost ' , json [ ' config ' ] [ ' SERVER_HOSTNAME ' ] )
self . assertEquals ( ' Database ' , json [ ' config ' ] [ ' AUTHENTICATION_TYPE ' ] )
# With config the status should be 'setup-db'.
json = self . getJsonResponse ( SuperUserRegistryStatus )
self . assertEquals ( ' setup-db ' , json [ ' status ' ] )
def test_config_file ( self ) :
# Try without an account. Should 403.
self . getResponse ( SuperUserConfigFile , params = dict ( filename = ' ssl.cert ' ) , expected_code = 403 )
# Login to a superuser.
self . login ( ADMIN_ACCESS_USER )
# Try for an invalid file. Should 404.
self . getResponse ( SuperUserConfigFile , params = dict ( filename = ' foobar ' ) , expected_code = 404 )
# Try for a valid filename. Should not exist.
json = self . getJsonResponse ( SuperUserConfigFile , params = dict ( filename = ' ssl.cert ' ) )
self . assertFalse ( json [ ' exists ' ] )
# Add the file.
self . postResponse ( SuperUserConfigFile , params = dict ( filename = ' ssl.cert ' ) ,
file = ( StringIO ( ' my file contents ' ) , ' ssl.cert ' ) )
# Should now exist.
json = self . getJsonResponse ( SuperUserConfigFile , params = dict ( filename = ' ssl.cert ' ) )
self . assertTrue ( json [ ' exists ' ] )
2016-05-23 19:08:51 +00:00
def test_update_with_external_auth ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Run a mock LDAP.
mockldap = MockLdap ( {
' dc=quay,dc=io ' : { ' dc ' : [ ' quay ' , ' io ' ] } ,
' ou=employees,dc=quay,dc=io ' : {
' dc ' : [ ' quay ' , ' io ' ] ,
' ou ' : ' employees '
} ,
' uid= ' + ADMIN_ACCESS_USER + ' ,ou=employees,dc=quay,dc=io ' : {
' dc ' : [ ' quay ' , ' io ' ] ,
' ou ' : ' employees ' ,
' uid ' : [ ADMIN_ACCESS_USER ] ,
' userPassword ' : [ ' password ' ] ,
' mail ' : [ ADMIN_ACCESS_EMAIL ] ,
} ,
} )
config = {
' AUTHENTICATION_TYPE ' : ' LDAP ' ,
' LDAP_BASE_DN ' : [ ' dc=quay ' , ' dc=io ' ] ,
' LDAP_ADMIN_DN ' : ' uid=devtable,ou=employees,dc=quay,dc=io ' ,
' LDAP_ADMIN_PASSWD ' : ' password ' ,
' LDAP_USER_RDN ' : [ ' ou=employees ' ] ,
' LDAP_UID_ATTR ' : ' uid ' ,
' LDAP_EMAIL_ATTR ' : ' mail ' ,
}
mockldap . start ( )
try :
# Try writing some config with an invalid password.
self . putResponse ( SuperUserConfig , data = { ' config ' : config , ' hostname ' : ' foo ' } , expected_code = 400 )
self . putResponse ( SuperUserConfig ,
data = { ' config ' : config , ' password ' : ' invalid ' , ' hostname ' : ' foo ' } , expected_code = 400 )
# Write the config with the valid password.
self . putResponse ( SuperUserConfig ,
data = { ' config ' : config , ' password ' : ' password ' , ' hostname ' : ' foo ' } , expected_code = 200 )
# Ensure that the user row has been linked.
self . assertEquals ( ADMIN_ACCESS_USER , model . user . verify_federated_login ( ' ldap ' , ADMIN_ACCESS_USER ) . username )
finally :
mockldap . stop ( )
2016-02-11 09:04:37 +00:00
2016-02-24 21:01:27 +00:00
@urlmatch ( netloc = r ' (.* \ .)?mockclairservice ' , path = r ' /v1/layers/(.+) ' )
def get_layer_success_mock ( url , request ) :
vulnerabilities = [
{
" Name " : " CVE-2014-9471 " ,
" Namespace " : " debian:8 " ,
" Description " : " The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the \" --date=TZ= \" 123 \" 345 \" @1 \" string to the touch or date command. " ,
" Link " : " https://security-tracker.debian.org/tracker/CVE-2014-9471 " ,
" Severity " : " Low " ,
" FixedBy " : " 9.23-5 "
}
]
features = [
{
" Name " : " coreutils " ,
" Namespace " : " debian:8 " ,
" Version " : " 8.23-4 " ,
" Vulnerabilities " : vulnerabilities ,
}
]
2016-02-25 20:58:42 +00:00
if not request . url . index ( ' vulnerabilities ' ) > 0 :
2016-02-24 21:01:27 +00:00
vulnerabilities = [ ]
2016-02-25 20:58:42 +00:00
if not request . url . index ( ' features ' ) > 0 :
2016-02-24 21:01:27 +00:00
features = [ ]
return py_json . dumps ( {
" Layer " : {
" Name " : " 17675ec01494d651e1ccf81dc9cf63959ebfeed4f978fddb1666b6ead008ed52 " ,
" Namespace " : " debian:8 " ,
" ParentName " : " 140f9bdfeb9784cf8730e9dab5dd12fbd704151cf555ac8cae650451794e5ac2 " ,
" IndexedByVersion " : 1 ,
" Features " : features
}
} )
class TestRepositoryImageSecurity ( ApiTestCase ) :
def test_get_vulnerabilities ( self ) :
self . login ( ADMIN_ACCESS_USER )
layer = model . tag . get_tag_image ( ADMIN_ACCESS_USER , ' simple ' , ' latest ' )
# Grab the security info for the tag. It should be queued.
response = self . getJsonResponse ( RepositoryImageSecurity ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
imageid = layer . docker_image_id ,
vulnerabilities = ' true ' ) )
self . assertEquals ( ' queued ' , response [ ' status ' ] )
# Mark the layer as indexed.
layer . security_indexed = True
2016-05-02 19:29:31 +00:00
layer . security_indexed_engine = app . config [ ' SECURITY_SCANNER_ENGINE_VERSION_TARGET ' ]
2016-02-24 21:01:27 +00:00
layer . save ( )
# Grab the security info again.
with HTTMock ( get_layer_success_mock ) :
response = self . getJsonResponse ( RepositoryImageSecurity ,
params = dict ( repository = ADMIN_ACCESS_USER + ' /simple ' ,
imageid = layer . docker_image_id ,
vulnerabilities = ' true ' ) )
self . assertEquals ( ' scanned ' , response [ ' status ' ] )
self . assertEquals ( 1 , response [ ' data ' ] [ ' Layer ' ] [ ' IndexedByVersion ' ] )
2016-06-07 22:12:11 +00:00
class TestSuperUserTakeOwnership ( ApiTestCase ) :
def test_take_ownership_superuser ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Should fail to take ownership of a superuser.
self . postResponse ( SuperUserTakeOwnership , params = dict ( namespace = ADMIN_ACCESS_USER ) ,
expected_code = 400 )
def test_take_ownership_invalid_namespace ( self ) :
self . login ( ADMIN_ACCESS_USER )
self . postResponse ( SuperUserTakeOwnership , params = dict ( namespace = ' invalid ' ) ,
expected_code = 404 )
def test_take_ownership_non_superuser ( self ) :
self . login ( READ_ACCESS_USER )
self . postResponse ( SuperUserTakeOwnership , params = dict ( namespace = ' freshuser ' ) ,
expected_code = 403 )
def test_take_ownership_user ( self ) :
self . login ( ADMIN_ACCESS_USER )
with assert_action_logged ( ' take_ownership ' ) :
# Take ownership of the read user.
self . postResponse ( SuperUserTakeOwnership , params = dict ( namespace = READ_ACCESS_USER ) )
# Ensure that the read access user is now an org, with the superuser as the owner.
reader = model . user . get_user_or_org ( READ_ACCESS_USER )
self . assertTrue ( reader . organization )
usernames = [ admin . username for admin in model . organization . get_admin_users ( reader ) ]
self . assertIn ( ADMIN_ACCESS_USER , usernames )
def test_take_ownership_org ( self ) :
# Create a new org with another user as owner.
public_user = model . user . get_user ( PUBLIC_USER )
org = model . organization . create_organization ( ' someorg ' , ' some@example.com ' , public_user )
# Ensure that the admin is not yet owner of the org.
usernames = [ admin . username for admin in model . organization . get_admin_users ( org ) ]
self . assertNotIn ( ADMIN_ACCESS_USER , usernames )
with assert_action_logged ( ' take_ownership ' ) :
# Take ownership.
self . login ( ADMIN_ACCESS_USER )
self . postResponse ( SuperUserTakeOwnership , params = dict ( namespace = ' someorg ' ) )
# Ensure now in the admin users.
usernames = [ admin . username for admin in model . organization . get_admin_users ( org ) ]
self . assertIn ( ADMIN_ACCESS_USER , usernames )
2016-04-05 19:27:45 +00:00
class TestSuperUserKeyManagement ( ApiTestCase ) :
def test_get_update_keys ( self ) :
self . login ( ADMIN_ACCESS_USER )
json = self . getJsonResponse ( SuperUserServiceKeyManagement )
2016-04-12 23:17:19 +00:00
key_count = len ( json [ ' keys ' ] )
2016-04-05 19:27:45 +00:00
key = json [ ' keys ' ] [ 0 ]
self . assertTrue ( ' name ' in key )
self . assertTrue ( ' service ' in key )
self . assertTrue ( ' kid ' in key )
self . assertTrue ( ' created_date ' in key )
self . assertTrue ( ' expiration_date ' in key )
self . assertTrue ( ' jwk ' in key )
self . assertTrue ( ' approval ' in key )
self . assertTrue ( ' metadata ' in key )
2016-06-07 22:12:11 +00:00
with assert_action_logged ( ' service_key_modify ' ) :
# Update the key's name.
self . putJsonResponse ( SuperUserServiceKey , params = dict ( kid = key [ ' kid ' ] ) ,
data = dict ( name = ' somenewname ' ) )
2016-04-05 19:27:45 +00:00
2016-06-07 22:12:11 +00:00
# Ensure the key's name has been changed.
json = self . getJsonResponse ( SuperUserServiceKey , params = dict ( kid = key [ ' kid ' ] ) )
self . assertEquals ( ' somenewname ' , json [ ' name ' ] )
2016-04-05 19:27:45 +00:00
2016-06-07 22:12:11 +00:00
with assert_action_logged ( ' service_key_modify ' ) :
# Update the key's metadata.
self . putJsonResponse ( SuperUserServiceKey , params = dict ( kid = key [ ' kid ' ] ) ,
data = dict ( metadata = dict ( foo = ' bar ' ) ) )
2016-04-05 19:27:45 +00:00
2016-06-07 22:12:11 +00:00
# Ensure the key's metadata has been changed.
json = self . getJsonResponse ( SuperUserServiceKey , params = dict ( kid = key [ ' kid ' ] ) )
self . assertEquals ( ' bar ' , json [ ' metadata ' ] [ ' foo ' ] )
2016-04-05 19:27:45 +00:00
2016-06-07 22:12:11 +00:00
with assert_action_logged ( ' service_key_extend ' ) :
# Change the key's expiration.
self . putJsonResponse ( SuperUserServiceKey , params = dict ( kid = key [ ' kid ' ] ) ,
data = dict ( expiration = None ) )
2016-04-05 19:27:45 +00:00
2016-06-07 22:12:11 +00:00
# Ensure the key's expiration has been changed.
json = self . getJsonResponse ( SuperUserServiceKey , params = dict ( kid = key [ ' kid ' ] ) )
self . assertIsNone ( json [ ' expiration_date ' ] )
2016-04-05 19:27:45 +00:00
2016-06-07 22:12:11 +00:00
with assert_action_logged ( ' service_key_delete ' ) :
# Delete the key.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( SuperUserServiceKey , params = dict ( kid = key [ ' kid ' ] ) )
2016-04-05 19:27:45 +00:00
2016-06-07 22:12:11 +00:00
# Ensure the key no longer exists.
self . getResponse ( SuperUserServiceKey , params = dict ( kid = key [ ' kid ' ] ) , expected_code = 404 )
2016-04-05 19:27:45 +00:00
2016-06-07 22:12:11 +00:00
json = self . getJsonResponse ( SuperUserServiceKeyManagement )
self . assertEquals ( key_count - 1 , len ( json [ ' keys ' ] ) )
2016-04-05 19:27:45 +00:00
2016-04-05 19:57:44 +00:00
def test_approve_key ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Ensure the key is not yet approved.
json = self . getJsonResponse ( SuperUserServiceKey , params = dict ( kid = ' kid3 ' ) )
self . assertEquals ( ' unapprovedkey ' , json [ ' name ' ] )
self . assertIsNone ( json [ ' approval ' ] )
# Approve the key.
2016-06-07 22:12:11 +00:00
with assert_action_logged ( ' service_key_approve ' ) :
self . postResponse ( SuperUserServiceKeyApproval , params = dict ( kid = ' kid3 ' ) ,
data = dict ( notes = ' testapprove ' ) , expected_code = 201 )
2016-04-05 19:57:44 +00:00
2016-06-07 22:12:11 +00:00
# Ensure the key is approved.
json = self . getJsonResponse ( SuperUserServiceKey , params = dict ( kid = ' kid3 ' ) )
self . assertEquals ( ' unapprovedkey ' , json [ ' name ' ] )
self . assertIsNotNone ( json [ ' approval ' ] )
self . assertEquals ( ' ServiceKeyApprovalType.SUPERUSER ' , json [ ' approval ' ] [ ' approval_type ' ] )
self . assertEquals ( ADMIN_ACCESS_USER , json [ ' approval ' ] [ ' approver ' ] [ ' username ' ] )
self . assertEquals ( ' testapprove ' , json [ ' approval ' ] [ ' notes ' ] )
2016-04-05 19:57:44 +00:00
def test_approve_preapproved ( self ) :
self . login ( ADMIN_ACCESS_USER )
new_key = {
' service ' : ' coolservice ' ,
' name ' : ' mynewkey ' ,
' metadata ' : dict ( foo = ' baz ' ) ,
' notes ' : ' whazzup!? ' ,
' expiration ' : timegm ( ( datetime . datetime . now ( ) + datetime . timedelta ( days = 1 ) ) . utctimetuple ( ) ) ,
}
# Create the key (preapproved automatically)
json = self . postJsonResponse ( SuperUserServiceKeyManagement , data = new_key )
# Try to approve again.
self . postResponse ( SuperUserServiceKeyApproval , params = dict ( kid = json [ ' kid ' ] ) , expected_code = 201 )
2016-04-05 19:27:45 +00:00
def test_create_key ( self ) :
self . login ( ADMIN_ACCESS_USER )
new_key = {
' service ' : ' coolservice ' ,
' name ' : ' mynewkey ' ,
' metadata ' : dict ( foo = ' baz ' ) ,
' notes ' : ' whazzup!? ' ,
' expiration ' : timegm ( ( datetime . datetime . now ( ) + datetime . timedelta ( days = 1 ) ) . utctimetuple ( ) ) ,
}
2016-06-07 22:12:11 +00:00
with assert_action_logged ( ' service_key_create ' ) :
# Create the key.
json = self . postJsonResponse ( SuperUserServiceKeyManagement , data = new_key )
self . assertEquals ( ' mynewkey ' , json [ ' name ' ] )
self . assertTrue ( ' kid ' in json )
self . assertTrue ( ' public_key ' in json )
self . assertTrue ( ' private_key ' in json )
# Verify the private key is a valid PEM.
serialization . load_pem_private_key ( json [ ' private_key ' ] . encode ( ' utf-8 ' ) , None , default_backend ( ) )
# Verify the key.
kid = json [ ' kid ' ]
json = self . getJsonResponse ( SuperUserServiceKey , params = dict ( kid = kid ) )
self . assertEquals ( ' mynewkey ' , json [ ' name ' ] )
self . assertEquals ( ' coolservice ' , json [ ' service ' ] )
self . assertEquals ( ' baz ' , json [ ' metadata ' ] [ ' foo ' ] )
self . assertEquals ( kid , json [ ' kid ' ] )
self . assertIsNotNone ( json [ ' approval ' ] )
self . assertEquals ( ' ServiceKeyApprovalType.SUPERUSER ' , json [ ' approval ' ] [ ' approval_type ' ] )
self . assertEquals ( ADMIN_ACCESS_USER , json [ ' approval ' ] [ ' approver ' ] [ ' username ' ] )
self . assertEquals ( ' whazzup!? ' , json [ ' approval ' ] [ ' notes ' ] )
2016-04-05 19:27:45 +00:00
2016-07-18 22:20:00 +00:00
class TestRepositoryManifestLabels ( ApiTestCase ) :
def test_basic_labels ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Find the manifest digest for the prod tag in the complex repo.
tag_manifest = model . tag . load_tag_manifest ( ADMIN_ACCESS_USER , ' complex ' , ' prod ' )
repository = ADMIN_ACCESS_USER + ' /complex '
# Check the existing labels on the complex repo, which should be empty
json = self . getJsonResponse ( RepositoryManifestLabels ,
params = dict ( repository = repository , manifestref = tag_manifest . digest ) )
self . assertEquals ( 0 , len ( json [ ' labels ' ] ) )
# Add some labels to the manifest.
with assert_action_logged ( ' manifest_label_add ' ) :
label1 = self . postJsonResponse ( RepositoryManifestLabels ,
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ) ,
data = dict ( key = ' hello ' , value = ' world ' ,
media_type = ' text/plain ' ) ,
expected_code = 201 )
with assert_action_logged ( ' manifest_label_add ' ) :
label2 = self . postJsonResponse ( RepositoryManifestLabels ,
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ) ,
data = dict ( key = ' hi ' , value = ' there ' ,
media_type = ' text/plain ' ) ,
expected_code = 201 )
with assert_action_logged ( ' manifest_label_add ' ) :
label3 = self . postJsonResponse ( RepositoryManifestLabels ,
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ) ,
data = dict ( key = ' hello ' , value = ' someone ' ,
media_type = ' application/json ' ) ,
expected_code = 201 )
# Ensure we have *3* labels
json = self . getJsonResponse ( RepositoryManifestLabels ,
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ) )
self . assertEquals ( 3 , len ( json [ ' labels ' ] ) )
self . assertNotEquals ( label2 [ ' label ' ] [ ' id ' ] , label1 [ ' label ' ] [ ' id ' ] )
self . assertNotEquals ( label3 [ ' label ' ] [ ' id ' ] , label1 [ ' label ' ] [ ' id ' ] )
self . assertNotEquals ( label2 [ ' label ' ] [ ' id ' ] , label3 [ ' label ' ] [ ' id ' ] )
self . assertEquals ( ' text/plain ' , label1 [ ' label ' ] [ ' media_type ' ] )
self . assertEquals ( ' text/plain ' , label2 [ ' label ' ] [ ' media_type ' ] )
self . assertEquals ( ' application/json ' , label3 [ ' label ' ] [ ' media_type ' ] )
2016-11-17 19:55:14 +00:00
# Ensure we can retrieve each of the labels.
for label in json [ ' labels ' ] :
label_json = self . getJsonResponse ( ManageRepositoryManifestLabel ,
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ,
labelid = label [ ' id ' ] ) )
self . assertEquals ( label [ ' id ' ] , label_json [ ' id ' ] )
2016-07-18 22:20:00 +00:00
# Delete a label.
with assert_action_logged ( ' manifest_label_delete ' ) :
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( ManageRepositoryManifestLabel ,
2016-07-18 22:20:00 +00:00
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ,
labelid = label1 [ ' label ' ] [ ' id ' ] ) )
# Ensure the label is gone.
json = self . getJsonResponse ( RepositoryManifestLabels ,
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ) )
self . assertEquals ( 2 , len ( json [ ' labels ' ] ) )
# Check filtering.
json = self . getJsonResponse ( RepositoryManifestLabels ,
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ,
filter = ' hello ' ) )
self . assertEquals ( 1 , len ( json [ ' labels ' ] ) )
def test_prefixed_labels ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Find the manifest digest for the prod tag in the complex repo.
tag_manifest = model . tag . load_tag_manifest ( ADMIN_ACCESS_USER , ' complex ' , ' prod ' )
repository = ADMIN_ACCESS_USER + ' /complex '
self . postJsonResponse ( RepositoryManifestLabels ,
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ) ,
data = dict ( key = ' com.dockers.whatever ' , value = ' pants ' ,
media_type = ' text/plain ' ) ,
expected_code = 201 )
self . postJsonResponse ( RepositoryManifestLabels ,
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ) ,
data = dict ( key = ' my.cool.prefix.for.my.label ' , value = ' value ' ,
media_type = ' text/plain ' ) ,
expected_code = 201 )
def test_add_invalid_media_type ( self ) :
self . login ( ADMIN_ACCESS_USER )
tag_manifest = model . tag . load_tag_manifest ( ADMIN_ACCESS_USER , ' complex ' , ' prod ' )
repository = ADMIN_ACCESS_USER + ' /complex '
self . postResponse ( RepositoryManifestLabels ,
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ) ,
data = dict ( key = ' hello ' , value = ' world ' , media_type = ' some/invalid ' ) ,
expected_code = 400 )
def test_add_invalid_key ( self ) :
self . login ( ADMIN_ACCESS_USER )
tag_manifest = model . tag . load_tag_manifest ( ADMIN_ACCESS_USER , ' complex ' , ' prod ' )
repository = ADMIN_ACCESS_USER + ' /complex '
# Try to add an empty label key.
self . postResponse ( RepositoryManifestLabels ,
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ) ,
data = dict ( key = ' ' , value = ' world ' ) ,
expected_code = 400 )
# Try to add an invalid label key.
self . postResponse ( RepositoryManifestLabels ,
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ) ,
data = dict ( key = ' invalid___key ' , value = ' world ' ) ,
expected_code = 400 )
# Try to add a label key in a reserved namespace.
self . postResponse ( RepositoryManifestLabels ,
params = dict ( repository = repository ,
manifestref = tag_manifest . digest ) ,
data = dict ( key = ' io.docker.whatever ' , value = ' world ' ) ,
expected_code = 400 )
2014-05-12 19:22:58 +00:00
class TestSuperUserManagement ( ApiTestCase ) :
def test_get_user ( self ) :
self . login ( ADMIN_ACCESS_USER )
2015-07-15 21:25:41 +00:00
json = self . getJsonResponse ( SuperUserManagement , params = dict ( username = ' freshuser ' ) )
2014-05-12 19:22:58 +00:00
self . assertEquals ( ' freshuser ' , json [ ' username ' ] )
2014-08-18 21:24:00 +00:00
self . assertEquals ( ' jschorr+test@devtable.com ' , json [ ' email ' ] )
2014-11-24 21:07:38 +00:00
self . assertEquals ( False , json [ ' super_user ' ] )
2014-05-12 19:22:58 +00:00
def test_delete_user ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Verify the user exists.
2015-07-15 21:25:41 +00:00
json = self . getJsonResponse ( SuperUserManagement , params = dict ( username = ' freshuser ' ) )
2014-05-12 19:22:58 +00:00
self . assertEquals ( ' freshuser ' , json [ ' username ' ] )
# Delete the user.
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( SuperUserManagement , params = dict ( username = ' freshuser ' ) , expected_code = 204 )
2014-11-24 21:07:38 +00:00
2014-05-12 19:22:58 +00:00
# Verify the user no longer exists.
2015-07-15 21:25:41 +00:00
self . getResponse ( SuperUserManagement , params = dict ( username = ' freshuser ' ) , expected_code = 404 )
2014-11-24 21:07:38 +00:00
2015-06-30 16:42:19 +00:00
def test_change_user_password ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Verify the user exists.
2015-07-15 21:25:41 +00:00
json = self . getJsonResponse ( SuperUserManagement , params = dict ( username = ' freshuser ' ) )
2015-06-30 16:42:19 +00:00
self . assertEquals ( ' freshuser ' , json [ ' username ' ] )
self . assertEquals ( ' jschorr+test@devtable.com ' , json [ ' email ' ] )
# Update the user.
2015-07-15 21:25:41 +00:00
json = self . putJsonResponse ( SuperUserManagement , params = dict ( username = ' freshuser ' ) ,
data = dict ( password = ' somepassword ' ) )
2015-06-30 16:42:19 +00:00
self . assertTrue ( ' encrypted_password ' in json )
2014-05-12 19:22:58 +00:00
def test_update_user ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Verify the user exists.
2015-07-15 21:25:41 +00:00
json = self . getJsonResponse ( SuperUserManagement , params = dict ( username = ' freshuser ' ) )
2014-05-12 19:22:58 +00:00
self . assertEquals ( ' freshuser ' , json [ ' username ' ] )
2014-08-18 21:24:00 +00:00
self . assertEquals ( ' jschorr+test@devtable.com ' , json [ ' email ' ] )
2014-05-12 19:22:58 +00:00
# Update the user.
2015-07-15 21:25:41 +00:00
json = self . putJsonResponse ( SuperUserManagement , params = dict ( username = ' freshuser ' ) ,
data = dict ( email = ' foo@bar.com ' ) )
2015-06-30 16:42:19 +00:00
self . assertFalse ( ' encrypted_password ' in json )
2014-11-24 21:07:38 +00:00
2014-05-12 19:22:58 +00:00
# Verify the user was updated.
2015-07-15 21:25:41 +00:00
json = self . getJsonResponse ( SuperUserManagement , params = dict ( username = ' freshuser ' ) )
2014-05-12 19:22:58 +00:00
self . assertEquals ( ' freshuser ' , json [ ' username ' ] )
self . assertEquals ( ' foo@bar.com ' , json [ ' email ' ] )
2016-10-07 14:22:30 +00:00
def test_set_message ( self ) :
self . login ( ADMIN_ACCESS_USER )
# Create a message
2016-10-17 19:43:03 +00:00
self . postResponse ( GlobalUserMessages , data = dict ( message = { " content " : " new message " } ) , expected_code = 201 )
2016-10-07 19:56:58 +00:00
2016-10-17 19:43:03 +00:00
json = self . getJsonResponse ( GlobalUserMessages )
2016-10-07 19:56:58 +00:00
self . assertEquals ( len ( json [ ' messages ' ] ) , 2 )
2016-10-10 16:55:00 +00:00
self . assertEquals ( json [ ' messages ' ] [ 1 ] [ " content " ] , " new message " )
2016-10-10 18:00:20 +00:00
self . assertNotEqual ( json [ ' messages ' ] [ 0 ] [ " content " ] , json [ ' messages ' ] [ 1 ] [ " content " ] )
2016-10-11 19:09:38 +00:00
self . assertTrue ( json [ ' messages ' ] [ 1 ] [ " uuid " ] )
def test_delete_message ( self ) :
self . login ( ADMIN_ACCESS_USER )
2016-10-17 19:43:03 +00:00
json = self . getJsonResponse ( GlobalUserMessages )
2016-12-14 21:24:06 +00:00
self . deleteEmptyResponse ( GlobalUserMessage , { " uuid " : json [ ' messages ' ] [ 0 ] [ ' uuid ' ] } , 204 )
2016-10-11 19:09:38 +00:00
2016-10-17 19:43:03 +00:00
json = self . getJsonResponse ( GlobalUserMessages )
2016-10-11 19:09:38 +00:00
self . assertEquals ( len ( json [ ' messages ' ] ) , 0 )
2014-05-12 19:22:58 +00:00
2014-01-31 21:19:29 +00:00
if __name__ == ' __main__ ' :
unittest . main ( )