Files
@ 04d2bcfbe7a6
Branch filter:
Location: kallithea/rhodecode/tests/models/test_users.py - annotation
04d2bcfbe7a6
4.3 KiB
text/x-python
security fix, inspired by django security
announcement: https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
- filter out bad schemes and netloc differences
announcement: https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/
- filter out bad schemes and netloc differences
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 | 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f 95624ce4465f | import unittest
from rhodecode.tests import *
from rhodecode.model.db import User, UsersGroup, UsersGroupMember, UserEmailMap,\
Permission
from rhodecode.model.user import UserModel
from rhodecode.model.meta import Session
from rhodecode.model.users_group import UsersGroupModel
class TestUser(unittest.TestCase):
def __init__(self, methodName='runTest'):
Session.remove()
super(TestUser, self).__init__(methodName=methodName)
def test_create_and_remove(self):
usr = UserModel().create_or_update(username=u'test_user',
password=u'qweqwe',
email=u'u232@rhodecode.org',
firstname=u'u1', lastname=u'u1')
Session().commit()
self.assertEqual(User.get_by_username(u'test_user'), usr)
# make users group
users_group = UsersGroupModel().create('some_example_group')
Session().commit()
UsersGroupModel().add_user_to_group(users_group, usr)
Session().commit()
self.assertEqual(UsersGroup.get(users_group.users_group_id), users_group)
self.assertEqual(UsersGroupMember.query().count(), 1)
UserModel().delete(usr.user_id)
Session().commit()
self.assertEqual(UsersGroupMember.query().all(), [])
def test_additonal_email_as_main(self):
usr = UserModel().create_or_update(username=u'test_user',
password=u'qweqwe',
email=u'main_email@rhodecode.org',
firstname=u'u1', lastname=u'u1')
Session().commit()
def do():
m = UserEmailMap()
m.email = u'main_email@rhodecode.org'
m.user = usr
Session().add(m)
Session().commit()
self.assertRaises(AttributeError, do)
UserModel().delete(usr.user_id)
Session().commit()
def test_extra_email_map(self):
usr = UserModel().create_or_update(username=u'test_user',
password=u'qweqwe',
email=u'main_email@rhodecode.org',
firstname=u'u1', lastname=u'u1')
Session().commit()
m = UserEmailMap()
m.email = u'main_email2@rhodecode.org'
m.user = usr
Session().add(m)
Session().commit()
u = User.get_by_email(email='main_email@rhodecode.org')
self.assertEqual(usr.user_id, u.user_id)
self.assertEqual(usr.username, u.username)
u = User.get_by_email(email='main_email2@rhodecode.org')
self.assertEqual(usr.user_id, u.user_id)
self.assertEqual(usr.username, u.username)
u = User.get_by_email(email='main_email3@rhodecode.org')
self.assertEqual(None, u)
UserModel().delete(usr.user_id)
Session().commit()
class TestUsers(unittest.TestCase):
def __init__(self, methodName='runTest'):
super(TestUsers, self).__init__(methodName=methodName)
def setUp(self):
self.u1 = UserModel().create_or_update(username=u'u1',
password=u'qweqwe',
email=u'u1@rhodecode.org',
firstname=u'u1', lastname=u'u1')
def tearDown(self):
perm = Permission.query().all()
for p in perm:
UserModel().revoke_perm(self.u1, p)
UserModel().delete(self.u1)
Session().commit()
def test_add_perm(self):
perm = Permission.query().all()[0]
UserModel().grant_perm(self.u1, perm)
Session().commit()
self.assertEqual(UserModel().has_perm(self.u1, perm), True)
def test_has_perm(self):
perm = Permission.query().all()
for p in perm:
has_p = UserModel().has_perm(self.u1, p)
self.assertEqual(False, has_p)
def test_revoke_perm(self):
perm = Permission.query().all()[0]
UserModel().grant_perm(self.u1, perm)
Session().commit()
self.assertEqual(UserModel().has_perm(self.u1, perm), True)
#revoke
UserModel().revoke_perm(self.u1, perm)
Session().commit()
self.assertEqual(UserModel().has_perm(self.u1, perm), False)
|