% (repo_name, repo_name))

        #test if the repo was created in the database

        new_repo = self.Session().query(Repository)\

            .filter(Repository.repo_name == repo_name).one()

        self.assertEqual(new_repo.repo_name, repo_name)

        self.assertEqual(new_repo.description, description)

        #test if repository is visible in the list ?

        response = response.follow()

        response.mustcontain(repo_name)

        #test if repository was created on filesystem

        try:

            vcs.get_repo(os.path.join(TESTS_TMP_PATH, repo_name))

        except Exception:

            self.fail('no repo %s in filesystem' % repo_name)

    def test_create_git_non_ascii(self):

        self.log_user()

        non_ascii = "ąęł"

        repo_name = "%s%s" % (NEW_GIT_REPO, non_ascii)

        repo_name_unicode = repo_name.decode('utf8')

        description = 'description for newly created repo' + non_ascii

        description_unicode = description.decode('utf8')

        private = False

        response = self.app.post(url('repos'),

                        _get_repo_create_params(repo_private=False,

                                                repo_type='git',

                                                repo_name=repo_name,

                                                repo_description=description))

        self.checkSessionFlash(response,

                               u'Created repository <a href="/%s">%s</a>'

                               % (urllib.quote(repo_name), repo_name_unicode))

        #test if the repo was created in the database

        new_repo = self.Session().query(Repository)\

            .filter(Repository.repo_name == repo_name_unicode).one()

        self.assertEqual(new_repo.repo_name, repo_name_unicode)

        self.assertEqual(new_repo.description, description_unicode)

        #test if repository is visible in the list ?

        response = response.follow()

        response.mustcontain(repo_name)

        #test if repository was created on filesystem

        try:

            vcs.get_repo(os.path.join(TESTS_TMP_PATH, repo_name))

        except Exception:

            self.fail('no repo %s in filesystem' % repo_name)

    def test_update(self):

        response = self.app.put(url('repo', repo_name=HG_REPO))

    def test_update_browser_fakeout(self):

        response = self.app.post(url('repo', repo_name=HG_REPO),

                                 params=dict(_method='put'))

    def test_delete_hg(self):

        self.log_user()

        repo_name = 'vcs_test_new_to_delete'

        description = 'description for newly created repo'

        response = self.app.post(url('repos'),

                        _get_repo_create_params(repo_private=False,

                                                repo_type='hg',

                                                repo_name=repo_name,

                                                repo_description=description))

        self.checkSessionFlash(response,

                               'Created repository <a href="/%s">%s</a>'

                               % (repo_name, repo_name))

        #test if the repo was created in the database

        new_repo = self.Session().query(Repository)\

            .filter(Repository.repo_name == repo_name).one()

        self.assertEqual(new_repo.repo_name, repo_name)

        self.assertEqual(new_repo.description, description)

        #test if repository is visible in the list ?

        response = response.follow()

        response.mustcontain(repo_name)

        #test if repository was created on filesystem

        try:

            vcs.get_repo(os.path.join(TESTS_TMP_PATH, repo_name))

        except Exception:

            self.fail('no repo %s in filesystem' % repo_name)

        response = self.app.delete(url('repo', repo_name=repo_name))

        response.follow()

        #check if repo was deleted from db

        deleted_repo = self.Session().query(Repository)\

            .filter(Repository.repo_name == repo_name).scalar()

        self.assertEqual(deleted_repo, None)

        self.assertEqual(os.path.isdir(os.path.join(TESTS_TMP_PATH, repo_name)),

                                  False)

    def test_delete_git(self):

        self.log_user()

        repo_name = 'vcs_test_new_to_delete'

        description = 'description for newly created repo'

        private = False

        response = self.app.post(url('repos'),

                        _get_repo_create_params(repo_private=False,

                                                repo_type='git',

                                                repo_name=repo_name,

                                                repo_description=description))

        self.checkSessionFlash(response,

                               'Created repository <a href="/%s">%s</a>'

                               % (repo_name, repo_name))

        #test if the repo was created in the database

        new_repo = self.Session().query(Repository)\

            .filter(Repository.repo_name == repo_name).one()

        self.assertEqual(new_repo.repo_name, repo_name)

        self.assertEqual(new_repo.description, description)

        #test if repository is visible in the list ?

        response = response.follow()

        response.mustcontain(repo_name)

        #test if repository was created on filesystem

        try:

            vcs.get_repo(os.path.join(TESTS_TMP_PATH, repo_name))

        except Exception:

            self.fail('no repo %s in filesystem' % repo_name)

        response = self.app.delete(url('repo', repo_name=repo_name))

        response.follow()

        #check if repo was deleted from db

        deleted_repo = self.Session().query(Repository)\

            .filter(Repository.repo_name == repo_name).scalar()

        self.assertEqual(deleted_repo, None)

        self.assertEqual(os.path.isdir(os.path.join(TESTS_TMP_PATH, repo_name)),

                                  False)

    def test_delete_repo_with_group(self):

        #TODO:

        pass

    def test_delete_browser_fakeout(self):

        response = self.app.post(url('repo', repo_name=HG_REPO),

                                 params=dict(_method='delete'))

    def test_show_hg(self):

        self.log_user()

        response = self.app.get(url('repo', repo_name=HG_REPO))

    def test_show_git(self):

        self.log_user()

        response = self.app.get(url('repo', repo_name=GIT_REPO))

    def test_edit(self):

        response = self.app.get(url('edit_repo', repo_name=HG_REPO))

    def test_set_private_flag_sets_default_to_none(self):

        self.log_user()

        #initially repository perm should be read

        perm = _get_permission_for_user(user='default', repo=HG_REPO)

        self.assertTrue(len(perm), 1)

        self.assertEqual(perm[0].permission.permission_name, 'repository.read')

        self.assertEqual(Repository.get_by_repo_name(HG_REPO).private, False)

        response = self.app.put(url('repo', repo_name=HG_REPO),

                        _get_repo_create_params(repo_private=1,

                                                repo_name=HG_REPO,

                                                user=TEST_USER_ADMIN_LOGIN))

        self.checkSessionFlash(response,

                               msg='Repository %s updated successfully' % (HG_REPO))

        self.assertEqual(Repository.get_by_repo_name(HG_REPO).private, True)

        #now the repo default permission should be None

        perm = _get_permission_for_user(user='default', repo=HG_REPO)

        self.assertTrue(len(perm), 1)

        self.assertEqual(perm[0].permission.permission_name, 'repository.none')

        response = self.app.put(url('repo', repo_name=HG_REPO),

                        _get_repo_create_params(repo_private=False,

                                                repo_name=HG_REPO,

                                                user=TEST_USER_ADMIN_LOGIN))

        self.checkSessionFlash(response,

                               msg='Repository %s updated successfully' % (HG_REPO))

        self.assertEqual(Repository.get_by_repo_name(HG_REPO).private, False)

        #we turn off private now the repo default permission should stay None

        perm = _get_permission_for_user(user='default', repo=HG_REPO)

        self.assertTrue(len(perm), 1)

        self.assertEqual(perm[0].permission.permission_name, 'repository.none')

        #update this permission back

        perm[0].permission = Permission.get_by_key('repository.read')

        Session().add(perm[0])

        Session().commit()

# -*- coding: utf-8 -*-

from rhodecode.lib.auth import get_crypt_password, check_password

from rhodecode.model.db import User, RhodeCodeSetting, Repository

from rhodecode.tests import *

from rhodecode.lib import helpers as h

from rhodecode.model.user import UserModel

from rhodecode.model.scm import ScmModel

class TestAdminSettingsController(TestController):

    def test_index(self):

        response = self.app.get(url('admin_settings'))

        # Test response...

    def test_index_as_xml(self):

        response = self.app.get(url('formatted_admin_settings', format='xml'))

    def test_create(self):

        response = self.app.post(url('admin_settings'))

    def test_new(self):

        response = self.app.get(url('admin_new_setting'))

    def test_new_as_xml(self):

        response = self.app.get(url('formatted_admin_new_setting', format='xml'))

    def test_update(self):

        response = self.app.put(url('admin_setting', setting_id=1))

    def test_update_browser_fakeout(self):

        response = self.app.post(url('admin_setting', setting_id=1), params=dict(_method='put'))

    def test_delete(self):

        response = self.app.delete(url('admin_setting', setting_id=1))

    def test_delete_browser_fakeout(self):

        response = self.app.post(url('admin_setting', setting_id=1), params=dict(_method='delete'))

    def test_show(self):

        response = self.app.get(url('admin_setting', setting_id=1))

    def test_show_as_xml(self):

        response = self.app.get(url('formatted_admin_setting', setting_id=1, format='xml'))

    def test_edit(self):

        response = self.app.get(url('admin_edit_setting', setting_id=1))

    def test_edit_as_xml(self):

        response = self.app.get(url('formatted_admin_edit_setting',

                                    setting_id=1, format='xml'))

    def test_ga_code_active(self):

        self.log_user()

        old_title = 'RhodeCode'

        old_realm = 'RhodeCode authentication'

        new_ga_code = 'ga-test-123456789'

        response = self.app.post(url('admin_setting', setting_id='global'),

                                     params=dict(

                                                 _method='put',

                                                 rhodecode_title=old_title,

                                                 rhodecode_realm=old_realm,

                                                 rhodecode_ga_code=new_ga_code

                                                 ))

        self.checkSessionFlash(response, 'Updated application settings')

        self.assertEqual(RhodeCodeSetting

                         .get_app_settings()['rhodecode_ga_code'], new_ga_code)

        response = response.follow()

        response.mustcontain("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code)

    def test_ga_code_inactive(self):

        self.log_user()

        old_title = 'RhodeCode'

        old_realm = 'RhodeCode authentication'

        new_ga_code = ''

        response = self.app.post(url('admin_setting', setting_id='global'),

                                     params=dict(

                                                 _method='put',

                                                 rhodecode_title=old_title,

                                                 rhodecode_realm=old_realm,

                                                 rhodecode_ga_code=new_ga_code

                                                 ))

        self.assertEqual(RhodeCodeSetting

                        .get_app_settings()['rhodecode_ga_code'], new_ga_code)

        response = response.follow()

        self.assertFalse("""_gaq.push(['_setAccount', '%s']);""" % new_ga_code

                         in response.body)

    def test_title_change(self):

        self.log_user()

        old_title = 'RhodeCode'

        new_title = old_title + '_changed'

        old_realm = 'RhodeCode authentication'

        for new_title in ['Changed', 'Żółwik', old_title]:

            response = self.app.post(url('admin_setting', setting_id='global'),

                                         params=dict(

                                                     _method='put',

                                                     rhodecode_title=new_title,

                                                     rhodecode_realm=old_realm,

                                                     rhodecode_ga_code=''

                                                     ))

            self.checkSessionFlash(response, 'Updated application settings')

            self.assertEqual(RhodeCodeSetting

                             .get_app_settings()['rhodecode_title'],

                             new_title.decode('utf-8'))

            response = response.follow()

            response.mustcontain("""<h1><a href="/">%s</a></h1>""" % new_title)

    def test_my_account(self):

        self.log_user()

        response = self.app.get(url('admin_settings_my_account'))

        self.assertTrue('value="test_admin' in response.body)

    @parameterized.expand([('firstname', 'new_username'),

                           ('lastname', 'new_username'),

                           ('admin', True),

                           ('admin', False),

                           ('ldap_dn', 'test'),

                           ('ldap_dn', None),

                           ('active', False),

                           ('active', True),

                           ('email', 'some@email.com'),

                           ])

    def test_my_account_update(self, name, expected):

        uname = 'testme'

        usr = UserModel().create_or_update(username=uname, password='qweqwe',

                                           email='testme@rhodecod.org')

        self.Session().commit()

        params = usr.get_api_data()

        user_id = usr.user_id

        self.log_user(username=uname, password='qweqwe')

        params.update({name: expected})

        params.update({'password_confirmation': ''})

        params.update({'new_password': ''})

        try:

            response = self.app.put(url('admin_settings_my_account_update',

                                        id=user_id), params)

            self.checkSessionFlash(response,

                                   'Your account was updated successfully')

            updated_user = User.get_by_username(uname)

            updated_params = updated_user.get_api_data()

            updated_params.update({'password_confirmation': ''})

            updated_params.update({'new_password': ''})

            params['last_login'] = updated_params['last_login']

            if name == 'email':

                params['emails'] = [expected]

            if name == 'ldap_dn':

                #cannot update this via form

                params['ldap_dn'] = None

            if name == 'active':

                #my account cannot deactivate account

                params['active'] = True

            if name == 'admin':

                #my account cannot make you an admin !

                params['admin'] = False

            self.assertEqual(params, updated_params)

        finally:

            UserModel().delete('testme')

    def test_my_account_update_err_email_exists(self):

        self.log_user()

        new_email = 'test_regular@mail.com'  # already exisitn email

        response = self.app.put(url('admin_settings_my_account_update'),

                                params=dict(

                                    username='test_admin',

                                    new_password='test12',

        username = 'new_user'

        password = ''

        name = 'name'

        lastname = 'lastname'

        email = 'errmail.com'

        response = self.app.post(url('users'), {'username': username,

                                               'password': password,

                                               'name': name,

                                               'active': False,

                                               'lastname': lastname,

                                               'email': email})

        msg = validators.ValidUsername(False, {})._messages['system_invalid_username']

        msg = h.html_escape(msg % {'username': 'new_user'})

        response.mustcontain("""<span class="error-message">%s</span>""" % msg)

        response.mustcontain("""<span class="error-message">Please enter a value</span>""")

        response.mustcontain("""<span class="error-message">An email address must contain a single @</span>""")

        def get_user():

            self.Session.query(User).filter(User.username == username).one()

        self.assertRaises(NoResultFound, get_user), 'found user in database'

    def test_new(self):

        self.log_user()

        response = self.app.get(url('new_user'))

    def test_new_as_xml(self):

        response = self.app.get(url('formatted_new_user', format='xml'))

    @parameterized.expand([('firstname', 'new_username'),

                           ('lastname', 'new_username'),

                           ('admin', True),

                           ('admin', False),

                           ('ldap_dn', 'test'),

                           ('ldap_dn', None),

                           ('active', False),

                           ('active', True),

                           ('email', 'some@email.com'),

                           ])

    def test_update(self, name, expected):

        self.log_user()

        uname = 'testme'

        usr = UserModel().create_or_update(username=uname, password='qweqwe',

                                           email='testme@rhodecod.org')

        self.Session().commit()

        params = usr.get_api_data()

        params.update({name: expected})

        params.update({'password_confirmation': ''})

        params.update({'new_password': ''})

        if name == 'email':

            params['emails'] = [expected]

        if name == 'ldap_dn':

            #cannot update this via form

            params['ldap_dn'] = None

        try:

            response = self.app.put(url('user', id=usr.user_id), params)

            self.checkSessionFlash(response, '''User updated successfully''')

            updated_user = User.get_by_username(uname)

            updated_params = updated_user.get_api_data()

            updated_params.update({'password_confirmation': ''})

            updated_params.update({'new_password': ''})

            self.assertEqual(params, updated_params)

        finally:

            UserModel().delete('testme')

    def test_update_browser_fakeout(self):

        response = self.app.post(url('user', id=1), params=dict(_method='put'))

    def test_delete(self):

        self.log_user()

        username = 'newtestuserdeleteme'

        password = 'test12'

        name = 'name'

        lastname = 'lastname'

        email = 'todeletemail@mail.com'

        response = self.app.post(url('users'), {'username': username,

                                               'password': password,

                                               'password_confirmation': password,

                                               'firstname': name,

                                               'active': True,

                                               'lastname': lastname,

                                               'email': email})

        response = response.follow()

        new_user = self.Session.query(User)\

            .filter(User.username == username).one()

        response = self.app.delete(url('user', id=new_user.user_id))

    def test_delete_browser_fakeout(self):

        response = self.app.post(url('user', id=1),

                                 params=dict(_method='delete'))

    def test_show(self):

        response = self.app.get(url('user', id=1))

    def test_show_as_xml(self):

        response = self.app.get(url('formatted_user', id=1, format='xml'))

    def test_edit(self):

        self.log_user()

        user = User.get_by_username(TEST_USER_ADMIN_LOGIN)

        response = self.app.get(url('edit_user', id=user.user_id))

    def test_add_perm_create_repo(self):

        self.log_user()

        perm_none = Permission.get_by_key('hg.create.none')

        perm_create = Permission.get_by_key('hg.create.repository')

        user = UserModel().create_or_update(username='dummy', password='qwe',

                                            email='dummy', firstname='a',

                                            lastname='b')

        Session().commit()

        uid = user.user_id

        try:

            #User should have None permission on creation repository

            self.assertEqual(UserModel().has_perm(user, perm_none), False)

            self.assertEqual(UserModel().has_perm(user, perm_create), False)

            response = self.app.post(url('user_perm', id=uid),

                                     params=dict(_method='put',

                                                 create_repo_perm=True))

            perm_none = Permission.get_by_key('hg.create.none')

            perm_create = Permission.get_by_key('hg.create.repository')

            #User should have None permission on creation repository

            self.assertEqual(UserModel().has_perm(uid, perm_none), False)

            self.assertEqual(UserModel().has_perm(uid, perm_create), True)

        finally:

            UserModel().delete(uid)

            Session().commit()

    def test_revoke_perm_create_repo(self):

        self.log_user()

        perm_none = Permission.get_by_key('hg.create.none')

        perm_create = Permission.get_by_key('hg.create.repository')

        user = UserModel().create_or_update(username='dummy', password='qwe',

                                            email='dummy', firstname='a',

                                            lastname='b')

        Session().commit()

        uid = user.user_id

        try:

            #User should have None permission on creation repository

            self.assertEqual(UserModel().has_perm(user, perm_none), False)

            self.assertEqual(UserModel().has_perm(user, perm_create), False)

            response = self.app.post(url('user_perm', id=uid),

                                     params=dict(_method='put'))

            perm_none = Permission.get_by_key('hg.create.none')

            perm_create = Permission.get_by_key('hg.create.repository')

            #User should have None permission on creation repository

            self.assertEqual(UserModel().has_perm(uid, perm_none), True)

            self.assertEqual(UserModel().has_perm(uid, perm_create), False)

        finally:

            UserModel().delete(uid)

            Session().commit()

    def test_add_perm_fork_repo(self):

        self.log_user()

        perm_none = Permission.get_by_key('hg.fork.none')

        perm_fork = Permission.get_by_key('hg.fork.repository')

        user = UserModel().create_or_update(username='dummy', password='qwe',

                                            email='dummy', firstname='a',

                                            lastname='b')

        Session().commit()

        uid = user.user_id

        try:

            #User should have None permission on creation repository

            self.assertEqual(UserModel().has_perm(user, perm_none), False)

            self.assertEqual(UserModel().has_perm(user, perm_fork), False)

            response = self.app.post(url('user_perm', id=uid),

                                     params=dict(_method='put',

                                                 create_repo_perm=True))

            perm_none = Permission.get_by_key('hg.create.none')