Merge remote-tracking branch 'origin/redalert'

Conflicts: app.py
2014-08-04 16:56:34 -04:00 · 2014-08-04 16:56:34 -04:00 · 0372013f70
commit 0372013f70
parent 0aa6e92b02 cd5af72ba8
46 changed files with 2432 additions and 432 deletions
--- a/test/data/test.db
+++ b/test/data/test.db
--- a/test/test_api_security.py
+++ b/test/test_api_security.py
@ -18,9 +18,10 @@ from endpoints.api.robot import UserRobotList, OrgRobot, OrgRobotList, UserRobot
 from endpoints.api.trigger import (BuildTriggerActivate, BuildTriggerSources, BuildTriggerSubdirs,
                                   TriggerBuildList, ActivateBuildTrigger, BuildTrigger,
                                   BuildTriggerList, BuildTriggerAnalyze)
-from endpoints.api.webhook import Webhook, WebhookList
+from endpoints.api.repoemail import RepositoryAuthorizedEmail
+from endpoints.api.repositorynotification import RepositoryNotification, RepositoryNotificationList
 from endpoints.api.user import (PrivateRepositories, ConvertToOrganization, Recovery, Signout,
-                                Signin, User, UserAuthorizationList, UserAuthorization)
+                                Signin, User, UserAuthorizationList, UserAuthorization, UserNotification)
 from endpoints.api.repotoken import RepositoryToken, RepositoryTokenList
 from endpoints.api.prototype import PermissionPrototype, PermissionPrototypeList
 from endpoints.api.logs import UserLogs, OrgLogs, RepositoryLogs
@ -122,6 +123,37 @@ class TestFindRepositories(ApiTestCase):
    self._run_test('GET', 200, 'devtable', None)


+
+class TestUserNotification(ApiTestCase):
+  def setUp(self):
+    ApiTestCase.setUp(self)
+    self._set_url(UserNotification, uuid='someuuid')
+
+  def test_get_anonymous(self):
+    self._run_test('GET', 401, None, None)
+
+  def test_get_freshuser(self):
+    self._run_test('GET', 404, 'freshuser', None)
+
+  def test_get_reader(self):
+    self._run_test('GET', 404, 'reader', None)
+
+  def test_get_devtable(self):
+    self._run_test('GET', 404, 'devtable', None)
+
+  def test_put_anonymous(self):
+    self._run_test('PUT', 401, None, {})
+
+  def test_put_freshuser(self):
+    self._run_test('PUT', 404, 'freshuser', {})
+
+  def test_put_reader(self):
+    self._run_test('PUT', 404, 'reader', {})
+
+  def test_put_devtable(self):
+    self._run_test('PUT', 404, 'devtable', {})
+
+
 class TestUserInvoiceList(ApiTestCase):
  def setUp(self):
    ApiTestCase.setUp(self)
@ -1883,10 +1915,10 @@ class TestBuildTriggerD6tiBuynlargeOrgrepo(ApiTestCase):
    self._run_test('DELETE', 404, 'devtable', None)


-class TestWebhookQfatPublicPublicrepo(ApiTestCase):
+class TestRepositoryNotificationQfatPublicPublicrepo(ApiTestCase):
  def setUp(self):
    ApiTestCase.setUp(self)
-    self._set_url(Webhook, public_id="QFAT", repository="public/publicrepo")
+    self._set_url(RepositoryNotification, uuid="QFAT", repository="public/publicrepo")

  def test_get_anonymous(self):
    self._run_test('GET', 401, None, None)
@ -1913,10 +1945,10 @@ class TestWebhookQfatPublicPublicrepo(ApiTestCase):
    self._run_test('DELETE', 403, 'devtable', None)


-class TestWebhookQfatDevtableShared(ApiTestCase):
+class TestRepositoryNotificationQfatDevtableShared(ApiTestCase):
  def setUp(self):
    ApiTestCase.setUp(self)
-    self._set_url(Webhook, public_id="QFAT", repository="devtable/shared")
+    self._set_url(RepositoryNotification, uuid="QFAT", repository="devtable/shared")

  def test_get_anonymous(self):
    self._run_test('GET', 401, None, None)
@ -1943,10 +1975,10 @@ class TestWebhookQfatDevtableShared(ApiTestCase):
    self._run_test('DELETE', 400, 'devtable', None)


-class TestWebhookQfatBuynlargeOrgrepo(ApiTestCase):
+class TestRepositoryNotificationQfatBuynlargeOrgrepo(ApiTestCase):
  def setUp(self):
    ApiTestCase.setUp(self)
-    self._set_url(Webhook, public_id="QFAT", repository="buynlarge/orgrepo")
+    self._set_url(RepositoryNotification, uuid="QFAT", repository="buynlarge/orgrepo")

  def test_get_anonymous(self):
    self._run_test('GET', 401, None, None)
@ -2529,10 +2561,10 @@ class TestBuildTriggerListBuynlargeOrgrepo(ApiTestCase):
    self._run_test('GET', 200, 'devtable', None)


-class TestWebhookListPublicPublicrepo(ApiTestCase):
+class TestRepositoryNotificationListPublicPublicrepo(ApiTestCase):
  def setUp(self):
    ApiTestCase.setUp(self)
-    self._set_url(WebhookList, repository="public/publicrepo")
+    self._set_url(RepositoryNotificationList, repository="public/publicrepo")

  def test_get_anonymous(self):
    self._run_test('GET', 401, None, None)
@ -2559,10 +2591,10 @@ class TestWebhookListPublicPublicrepo(ApiTestCase):
    self._run_test('POST', 403, 'devtable', {})


-class TestWebhookListDevtableShared(ApiTestCase):
+class TestRepositoryNotificationListDevtableShared(ApiTestCase):
  def setUp(self):
    ApiTestCase.setUp(self)
-    self._set_url(WebhookList, repository="devtable/shared")
+    self._set_url(RepositoryNotificationList, repository="devtable/shared")

  def test_get_anonymous(self):
    self._run_test('GET', 401, None, None)
@ -2586,13 +2618,14 @@ class TestWebhookListDevtableShared(ApiTestCase):
    self._run_test('POST', 403, 'reader', {})

  def test_post_devtable(self):
-    self._run_test('POST', 201, 'devtable', {})
+    self._run_test('POST', 400, 'devtable', {'event': 'repo_push', 'method': 'email',
+                                             'config': {'email': 'a@b.com'}})


-class TestWebhookListBuynlargeOrgrepo(ApiTestCase):
+class TestRepositoryNotificationListBuynlargeOrgrepo(ApiTestCase):
  def setUp(self):
    ApiTestCase.setUp(self)
-    self._set_url(WebhookList, repository="buynlarge/orgrepo")
+    self._set_url(RepositoryNotificationList, repository="buynlarge/orgrepo")

  def test_get_anonymous(self):
    self._run_test('GET', 401, None, None)
@ -2616,7 +2649,102 @@ class TestWebhookListBuynlargeOrgrepo(ApiTestCase):
    self._run_test('POST', 403, 'reader', {})

  def test_post_devtable(self):
-    self._run_test('POST', 201, 'devtable', {})
+    self._run_test('POST', 400, 'devtable', {'event': 'repo_push', 'method': 'email',
+                                             'config': {'email': 'a@b.com'}})
+
+
+class TestRepositoryAuthorizedEmailPublicPublicrepo(ApiTestCase):
+  def setUp(self):
+    ApiTestCase.setUp(self)
+    self._set_url(RepositoryAuthorizedEmail, repository="public/publicrepo",
+                  email="jschorr@devtable.com")
+
+  def test_get_anonymous(self):
+    self._run_test('GET', 401, None, None)
+
+  def test_get_freshuser(self):
+    self._run_test('GET', 403, 'freshuser', None)
+
+  def test_get_reader(self):
+    self._run_test('GET', 403, 'reader', None)
+
+  def test_get_devtable(self):
+    self._run_test('GET', 403, 'devtable', None)
+
+  def test_post_anonymous(self):
+    self._run_test('POST', 401, None, {})
+
+  def test_post_freshuser(self):
+    self._run_test('POST', 403, 'freshuser', {})
+
+  def test_post_reader(self):
+    self._run_test('POST', 403, 'reader', {})
+
+  def test_post_devtable(self):
+    self._run_test('POST', 403, 'devtable', {})
+
+
+class TestRepositoryAuthorizedEmailDevtableSharedrepo(ApiTestCase):
+  def setUp(self):
+    ApiTestCase.setUp(self)
+    self._set_url(RepositoryAuthorizedEmail, repository="devtable/shared",
+                  email="jschorr@devtable.com")
+
+  def test_get_anonymous(self):
+    self._run_test('GET', 401, None, None)
+
+  def test_get_freshuser(self):
+    self._run_test('GET', 403, 'freshuser', None)
+
+  def test_get_reader(self):
+    self._run_test('GET', 403, 'reader', None)
+
+  def test_get_devtable(self):
+    self._run_test('GET', 404, 'devtable', None)
+
+  def test_post_anonymous(self):
+    self._run_test('POST', 401, None, {})
+
+  def test_post_freshuser(self):
+    self._run_test('POST', 403, 'freshuser', {})
+
+  def test_post_reader(self):
+    self._run_test('POST', 403, 'reader', {})
+
+  def test_post_devtable(self):
+    self._run_test('POST', 200, 'devtable', {})
+
+
+class TestRepositoryAuthorizedEmailBuynlargeOrgrepo(ApiTestCase):
+  def setUp(self):
+    ApiTestCase.setUp(self)
+    self._set_url(RepositoryAuthorizedEmail, repository="buynlarge/orgrepo",
+                  email="jschorr@devtable.com")
+
+  def test_get_anonymous(self):
+    self._run_test('GET', 401, None, None)
+
+  def test_get_freshuser(self):
+    self._run_test('GET', 403, 'freshuser', None)
+
+  def test_get_reader(self):
+    self._run_test('GET', 403, 'reader', None)
+
+  def test_get_devtable(self):
+    self._run_test('GET', 404, 'devtable', None)
+
+  def test_post_anonymous(self):
+    self._run_test('POST', 401, None, {})
+
+  def test_post_freshuser(self):
+    self._run_test('POST', 403, 'freshuser', {})
+
+  def test_post_reader(self):
+    self._run_test('POST', 403, 'reader', {})
+
+  def test_post_devtable(self):
+    self._run_test('POST', 200, 'devtable', {})
+


 class TestRepositoryTokenListPublicPublicrepo(ApiTestCase):
--- a/test/test_api_usage.py
+++ b/test/test_api_usage.py
@ -20,9 +20,11 @@ from endpoints.api.robot import UserRobotList, OrgRobot, OrgRobotList, UserRobot
 from endpoints.api.trigger import (BuildTriggerActivate, BuildTriggerSources, BuildTriggerSubdirs,
                                   TriggerBuildList, ActivateBuildTrigger, BuildTrigger,
                                   BuildTriggerList, BuildTriggerAnalyze)
-from endpoints.api.webhook import Webhook, WebhookList
+from endpoints.api.repoemail import RepositoryAuthorizedEmail
+from endpoints.api.repositorynotification import RepositoryNotification, RepositoryNotificationList
 from endpoints.api.user import (PrivateRepositories, ConvertToOrganization, Signout, Signin, User,
-                                UserAuthorizationList, UserAuthorization)
+                                UserAuthorizationList, UserAuthorization, UserNotification,
+                                UserNotificationList)

 from endpoints.api.repotoken import RepositoryToken, RepositoryTokenList
 from endpoints.api.prototype import PermissionPrototype, PermissionPrototypeList
@ -207,6 +209,26 @@ class TestLoggedInUser(ApiTestCase):
    assert json['username'] == READ_ACCESS_USER


+class TestUserNotification(ApiTestCase):
+  def test_get(self):
+    self.login(ADMIN_ACCESS_USER)
+    json = self.getJsonResponse(UserNotificationList)
+
+    # Make sure each notification can be retrieved.
+    for notification in json['notifications']:
+      njson = self.getJsonResponse(UserNotification, params=dict(uuid=notification['id']))
+      self.assertEquals(notification['id'], njson['id'])
+
+    # Update a notification.
+    assert json['notifications']
+    assert not json['notifications'][0]['dismissed']
+    
+    pjson = self.putJsonResponse(UserNotification, params=dict(uuid=notification['id']),
+                                 data=dict(dismissed=True))
+      
+    self.assertEquals(True, pjson['dismissed'])
+
+
 class TestGetUserPrivateAllowed(ApiTestCase):
  def test_nonallowed(self):
    self.login(READ_ACCESS_USER)
@ -388,6 +410,16 @@ class TestGetMatchingEntities(ApiTestCase):
    assert 'outsideorg' in names
    assert 'owners' in names

+  def test_inorg_withorgs(self):
+    self.login(ADMIN_ACCESS_USER)
+    
+    json = self.getJsonResponse(EntitySearch,
+                                params=dict(prefix=ORGANIZATION[0], namespace=ORGANIZATION,
+                                            includeOrgs='true'))
+
+    names = set([r['name'] for r in json['results']])
+    assert ORGANIZATION in names
+

 class TestCreateOrganization(ApiTestCase):
  def test_existinguser(self):
@ -1072,42 +1104,89 @@ class TestRequestRepoBuild(ApiTestCase):
                      expected_code=403)


+class TestRepositoryEmail(ApiTestCase):
+  def test_emailnotauthorized(self):
+    self.login(ADMIN_ACCESS_USER)
+    
+    # Verify the e-mail address is not authorized.
+    json = self.getResponse(RepositoryAuthorizedEmail,
+                            params=dict(repository=ADMIN_ACCESS_USER + '/simple', email='test@example.com'),
+                            expected_code=404)

-class TestWebhooks(ApiTestCase):
+  def test_emailnotauthorized_butsent(self):
+    self.login(ADMIN_ACCESS_USER)
+    
+    # Verify the e-mail address is not authorized.
+    json = self.getJsonResponse(RepositoryAuthorizedEmail,
+                                params=dict(repository=ADMIN_ACCESS_USER + '/simple', email='jschorr+other@devtable.com'))
+
+    self.assertEquals(False, json['confirmed'])
+    self.assertEquals(ADMIN_ACCESS_USER, json['namespace'])
+    self.assertEquals('simple', json['repository'])
+    
+
+  def test_emailauthorized(self):
+    self.login(ADMIN_ACCESS_USER)
+    
+    # Verify the e-mail address is authorized.
+    json = self.getJsonResponse(RepositoryAuthorizedEmail,
+                                params=dict(repository=ADMIN_ACCESS_USER + '/simple', email='jschorr@devtable.com'))
+
+    self.assertEquals(True, json['confirmed'])
+    self.assertEquals(ADMIN_ACCESS_USER, json['namespace'])
+    self.assertEquals('simple', json['repository'])
+
+
+  def test_send_email_authorization(self):
+    self.login(ADMIN_ACCESS_USER)
+    
+    # Send the email.
+    json = self.postJsonResponse(RepositoryAuthorizedEmail,
+                                params=dict(repository=ADMIN_ACCESS_USER + '/simple', email='jschorr+foo@devtable.com'))
+
+    self.assertEquals(False, json['confirmed'])
+    self.assertEquals(ADMIN_ACCESS_USER, json['namespace'])
+    self.assertEquals('simple', json['repository'])
+
+
+class TestRepositoryNotifications(ApiTestCase):
  def test_webhooks(self):
    self.login(ADMIN_ACCESS_USER)

-    # Add a webhook.
-    json = self.postJsonResponse(WebhookList,
+    # Add a notification.
+    json = self.postJsonResponse(RepositoryNotificationList,
                                 params=dict(repository=ADMIN_ACCESS_USER + '/simple'),
-                                 data=dict(url='http://example.com'),
+                                 data=dict(config={'url': 'http://example.com'}, event='repo_push', method='webhook'),
                                 expected_code=201)

-    self.assertEquals('http://example.com', json['parameters']['url'])
-    wid = json['public_id']
+    self.assertEquals('repo_push', json['event'])
+    self.assertEquals('webhook', json['method'])
+    self.assertEquals('http://example.com', json['config']['url'])
+    wid = json['uuid']

-    # Get the webhook.
-    json = self.getJsonResponse(Webhook,
-                                params=dict(repository=ADMIN_ACCESS_USER + '/simple', public_id=wid))
+    # Get the notification.
+    json = self.getJsonResponse(RepositoryNotification,
+                                params=dict(repository=ADMIN_ACCESS_USER + '/simple', uuid=wid))

-    self.assertEquals(wid, json['public_id'])
-    self.assertEquals('http://example.com', json['parameters']['url'])
+    self.assertEquals(wid, json['uuid'])
+    self.assertEquals('repo_push', json['event'])
+    self.assertEquals('webhook', json['method'])

-    # Verify the webhook is listed.
-    json = self.getJsonResponse(WebhookList,
+    # Verify the notification is listed.
+    json = self.getJsonResponse(RepositoryNotificationList,
                                params=dict(repository=ADMIN_ACCESS_USER + '/simple'))

-    ids = [w['public_id'] for w in json['webhooks']]
+    ids = [w['uuid'] for w in json['notifications']]
    assert wid in ids

-    # Delete the webhook.
-    self.deleteResponse(Webhook,
-                        params=dict(repository=ADMIN_ACCESS_USER + '/simple', public_id=wid),
+    # Delete the notification.
+    self.deleteResponse(RepositoryNotification,
+                        params=dict(repository=ADMIN_ACCESS_USER + '/simple', uuid=wid),
                        expected_code=204)

-    # Verify the webhook is gone.
-    self.getResponse(Webhook,
-                     params=dict(repository=ADMIN_ACCESS_USER + '/simple', public_id=wid),
+    # Verify the notification is gone.
+    self.getResponse(RepositoryNotification,
+                     params=dict(repository=ADMIN_ACCESS_USER + '/simple', uuid=wid),
                     expected_code=404)