Changeset - 975f5769be08
Parent rev.
Child rev.
[Not reviewed]
default
0 1 0
Thomas De Schampheleire - 10 years ago 2015-07-24 16:37:40
thomas.de.schampheleire@gmail.com
tests: add test coverage for how repo creation access control is different through API and Web
1 file changed with 34 insertions and 1 deletions:
kallithea/tests/api/api_base.py
34
1
0 comments (0 inline, 0 general)
kallithea/tests/api/api_base.py
Show inline comments
 
@@ -806,404 +806,437 @@ class _BaseTestApi(object):
 
        self._compare_ok(id_, expected, given=response.body)
 
        fixture.destroy_user_group(new_group)
 

			




	
	
	
		
 
    @parameterized.expand([

			




	
	
	
		
 
        ('repository.admin',),

			




	
	
	
		
 
        ('repository.write',),

			




	
	
	
		
 
        ('repository.read',),

			




	
	
	
		
 
    ])

			




	
	
	
		
 
    def test_api_get_repo_by_non_admin(self, grant_perm):

			




	
	
	
		
 
        RepoModel().grant_user_permission(repo=self.REPO,

			




	
	
	
		
 
                                          user=self.TEST_USER_LOGIN,

			




	
	
	
		
 
                                          perm=grant_perm)

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        id_, params = _build_data(self.apikey_regular, 'get_repo',

			




	
	
	
		
 
                                  repoid=self.REPO)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        repo = RepoModel().get_by_repo_name(self.REPO)

			




	
	
	
		
 
        ret = repo.get_api_data()

			




	
	
	
		
 

			




	
	
	
		
 
        members = []

			




	
	
	
		
 
        followers = []

			




	
	
	
		
 
        self.assertEqual(2, len(repo.repo_to_perm))

			




	
	
	
		
 
        for user in repo.repo_to_perm:

			




	
	
	
		
 
            perm = user.permission.permission_name

			




	
	
	
		
 
            user_obj = user.user

			




	
	
	
		
 
            user_data = {'name': user_obj.username, 'type': "user",

			




	
	
	
		
 
                         'permission': perm}

			




	
	
	
		
 
            members.append(user_data)

			




	
	
	
		
 

			




	
	
	
		
 
        for user_group in repo.users_group_to_perm:

			




	
	
	
		
 
            perm = user_group.permission.permission_name

			




	
	
	
		
 
            user_group_obj = user_group.users_group

			




	
	
	
		
 
            user_group_data = {'name': user_group_obj.users_group_name,

			




	
	
	
		
 
                               'type': "user_group", 'permission': perm}

			




	
	
	
		
 
            members.append(user_group_data)

			




	
	
	
		
 

			




	
	
	
		
 
        for user in repo.followers:

			




	
	
	
		
 
            followers.append(user.user.get_api_data())

			




	
	
	
		
 

			




	
	
	
		
 
        ret['members'] = members

			




	
	
	
		
 
        ret['followers'] = followers

			




	
	
	
		
 

			




	
	
	
		
 
        expected = ret

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            self._compare_ok(id_, expected, given=response.body)

			




	
	
	
		
 
        finally:

			




	
	
	
		
 
            RepoModel().revoke_user_permission(self.REPO, self.TEST_USER_LOGIN)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_get_repo_by_non_admin_no_permission_to_repo(self):

			




	
	
	
		
 
        RepoModel().grant_user_permission(repo=self.REPO,

			




	
	
	
		
 
                                          user=self.TEST_USER_LOGIN,

			




	
	
	
		
 
                                          perm='repository.none')

			




	
	
	
		
 

			




	
	
	
		
 
        id_, params = _build_data(self.apikey_regular, 'get_repo',

			




	
	
	
		
 
                                  repoid=self.REPO)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        expected = 'repository `%s` does not exist' % (self.REPO)

			




	
	
	
		
 
        self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_get_repo_that_doesn_not_exist(self):

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'get_repo',

			




	
	
	
		
 
                                  repoid='no-such-repo')

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        ret = 'repository `%s` does not exist' % 'no-such-repo'

			




	
	
	
		
 
        expected = ret

			




	
	
	
		
 
        self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_get_repos(self):

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'get_repos')

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        result = []

			




	
	
	
		
 
        for repo in RepoModel().get_all():

			




	
	
	
		
 
            result.append(repo.get_api_data())

			




	
	
	
		
 
        ret = jsonify(result)

			




	
	
	
		
 

			




	
	
	
		
 
        expected = ret

			




	
	
	
		
 
        self._compare_ok(id_, expected, given=response.body)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_get_repos_non_admin(self):

			




	
	
	
		
 
        id_, params = _build_data(self.apikey_regular, 'get_repos')

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        result = []

			




	
	
	
		
 
        for repo in RepoModel().get_all_user_repos(self.TEST_USER_LOGIN):

			




	
	
	
		
 
            result.append(repo.get_api_data())

			




	
	
	
		
 
        ret = jsonify(result)

			




	
	
	
		
 

			




	
	
	
		
 
        expected = ret

			




	
	
	
		
 
        self._compare_ok(id_, expected, given=response.body)

			




	
	
	
		
 

			




	
	
	
		
 
    @parameterized.expand([('all', 'all'),

			




	
	
	
		
 
                           ('dirs', 'dirs'),

			




	
	
	
		
 
                           ('files', 'files'), ])

			




	
	
	
		
 
    def test_api_get_repo_nodes(self, name, ret_type):

			




	
	
	
		
 
        rev = 'tip'

			




	
	
	
		
 
        path = '/'

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'get_repo_nodes',

			




	
	
	
		
 
                                  repoid=self.REPO, revision=rev,

			




	
	
	
		
 
                                  root_path=path,

			




	
	
	
		
 
                                  ret_type=ret_type)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        # we don't the actual return types here since it's tested somewhere

			




	
	
	
		
 
        # else

			




	
	
	
		
 
        expected = response.json['result']

			




	
	
	
		
 
        self._compare_ok(id_, expected, given=response.body)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_get_repo_nodes_bad_revisions(self):

			




	
	
	
		
 
        rev = 'i-dont-exist'

			




	
	
	
		
 
        path = '/'

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'get_repo_nodes',

			




	
	
	
		
 
                                  repoid=self.REPO, revision=rev,

			




	
	
	
		
 
                                  root_path=path, )

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        expected = 'failed to get repo: `%s` nodes' % self.REPO

			




	
	
	
		
 
        self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_get_repo_nodes_bad_path(self):

			




	
	
	
		
 
        rev = 'tip'

			




	
	
	
		
 
        path = '/idontexits'

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'get_repo_nodes',

			




	
	
	
		
 
                                  repoid=self.REPO, revision=rev,

			




	
	
	
		
 
                                  root_path=path, )

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        expected = 'failed to get repo: `%s` nodes' % self.REPO

			




	
	
	
		
 
        self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_get_repo_nodes_bad_ret_type(self):

			




	
	
	
		
 
        rev = 'tip'

			




	
	
	
		
 
        path = '/'

			




	
	
	
		
 
        ret_type = 'error'

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'get_repo_nodes',

			




	
	
	
		
 
                                  repoid=self.REPO, revision=rev,

			




	
	
	
		
 
                                  root_path=path,

			




	
	
	
		
 
                                  ret_type=ret_type)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        expected = ('ret_type must be one of %s'

			




	
	
	
		
 
                    % (','.join(['files', 'dirs', 'all'])))

			




	
	
	
		
 
        self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 

			




	
	
	
		
 
    @parameterized.expand([('all', 'all', 'repository.write'),

			




	
	
	
		
 
                           ('dirs', 'dirs', 'repository.admin'),

			




	
	
	
		
 
                           ('files', 'files', 'repository.read'), ])

			




	
	
	
		
 
    def test_api_get_repo_nodes_by_regular_user(self, name, ret_type, grant_perm):

			




	
	
	
		
 
        RepoModel().grant_user_permission(repo=self.REPO,

			




	
	
	
		
 
                                          user=self.TEST_USER_LOGIN,

			




	
	
	
		
 
                                          perm=grant_perm)

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 

			




	
	
	
		
 
        rev = 'tip'

			




	
	
	
		
 
        path = '/'

			




	
	
	
		
 
        id_, params = _build_data(self.apikey_regular, 'get_repo_nodes',

			




	
	
	
		
 
                                  repoid=self.REPO, revision=rev,

			




	
	
	
		
 
                                  root_path=path,

			




	
	
	
		
 
                                  ret_type=ret_type)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        # we don't the actual return types here since it's tested somewhere

			




	
	
	
		
 
        # else

			




	
	
	
		
 
        expected = response.json['result']

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            self._compare_ok(id_, expected, given=response.body)

			




	
	
	
		
 
        finally:

			




	
	
	
		
 
            RepoModel().revoke_user_permission(self.REPO, self.TEST_USER_LOGIN)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_create_repo(self):

			




	
	
	
		
 
        repo_name = 'api-repo'

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'create_repo',

			




	
	
	
		
 
                                  repo_name=repo_name,

			




	
	
	
		
 
                                  owner=TEST_USER_ADMIN_LOGIN,

			




	
	
	
		
 
                                  repo_type=self.REPO_TYPE,

			




	
	
	
		
 
        )

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        repo = RepoModel().get_by_repo_name(repo_name)

			




	
	
	
		
 
        self.assertNotEqual(repo, None)

			




	
	
	
		
 
        ret = {

			




	
	
	
		
 
            'msg': 'Created new repository `%s`' % repo_name,

			




	
	
	
		
 
            'success': True,

			




	
	
	
		
 
            'task': None,

			




	
	
	
		
 
        }

			




	
	
	
		
 
        expected = ret

			




	
	
	
		
 
        self._compare_ok(id_, expected, given=response.body)

			




	
	
	
		
 
        fixture.destroy_repo(repo_name)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_create_repo_in_group(self):

			




	
	
	
		
 
    def test_api_create_repo_and_repo_group(self):

			




	
	
	
		
 
        repo_name = 'my_gr/api-repo'

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'create_repo',

			




	
	
	
		
 
                                  repo_name=repo_name,

			




	
	
	
		
 
                                  owner=TEST_USER_ADMIN_LOGIN,

			




	
	
	
		
 
                                  repo_type=self.REPO_TYPE,)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 
        print params

			




	
	
	
		
 
        repo = RepoModel().get_by_repo_name(repo_name)

			




	
	
	
		
 
        self.assertNotEqual(repo, None)

			




	
	
	
		
 
        ret = {

			




	
	
	
		
 
            'msg': 'Created new repository `%s`' % repo_name,

			




	
	
	
		
 
            'success': True,

			




	
	
	
		
 
            'task': None,

			




	
	
	
		
 
        }

			




	
	
	
		
 
        expected = ret

			




	
	
	
		
 
        self._compare_ok(id_, expected, given=response.body)

			




	
	
	
		
 
        fixture.destroy_repo(repo_name)

			




	
	
	
		
 
        fixture.destroy_repo_group('my_gr')

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_create_repo_in_repo_group_without_permission(self):

			




	
	
	
		
 
        repo_group_name = '%s/api-repo-repo' % TEST_REPO_GROUP

			




	
	
	
		
 
        repo_name = '%s/api-repo' % repo_group_name

			




	
	
	
		
 

			




	
	
	
		
 
        rg = fixture.create_repo_group(repo_group_name)

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        RepoGroupModel().grant_user_permission(repo_group_name,

			




	
	
	
		
 
                                               self.TEST_USER_LOGIN,

			




	
	
	
		
 
                                               'group.none')

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 

			




	
	
	
		
 
        id_, params = _build_data(self.apikey_regular, 'create_repo',

			




	
	
	
		
 
                                  repo_name=repo_name,

			




	
	
	
		
 
                                  repo_type=self.REPO_TYPE,

			




	
	
	
		
 
        )

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        # Current result when API access control is different from Web:

			




	
	
	
		
 
        ret = {

			




	
	
	
		
 
            'msg': 'Created new repository `%s`' % repo_name,

			




	
	
	
		
 
            'success': True,

			




	
	
	
		
 
            'task': None,

			




	
	
	
		
 
        }

			




	
	
	
		
 
        expected = ret

			




	
	
	
		
 
        self._compare_ok(id_, expected, given=response.body)

			




	
	
	
		
 
        fixture.destroy_repo(repo_name)

			




	
	
	
		
 

			




	
	
	
		
 
        # Expected and arguably more correct result:

			




	
	
	
		
 
        #expected = 'failed to create repository `%s`' % repo_name

			




	
	
	
		
 
        #self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 

			




	
	
	
		
 
        fixture.destroy_repo_group(repo_group_name)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_create_repo_unknown_owner(self):

			




	
	
	
		
 
        repo_name = 'api-repo'

			




	
	
	
		
 
        owner = 'i-dont-exist'

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'create_repo',

			




	
	
	
		
 
                                  repo_name=repo_name,

			




	
	
	
		
 
                                  owner=owner,

			




	
	
	
		
 
                                  repo_type=self.REPO_TYPE,

			




	
	
	
		
 
        )

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 
        expected = 'user `%s` does not exist' % owner

			




	
	
	
		
 
        self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_create_repo_dont_specify_owner(self):

			




	
	
	
		
 
        repo_name = 'api-repo'

			




	
	
	
		
 
        owner = 'i-dont-exist'

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'create_repo',

			




	
	
	
		
 
                                  repo_name=repo_name,

			




	
	
	
		
 
                                  repo_type=self.REPO_TYPE,

			




	
	
	
		
 
        )

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        repo = RepoModel().get_by_repo_name(repo_name)

			




	
	
	
		
 
        self.assertNotEqual(repo, None)

			




	
	
	
		
 
        ret = {

			




	
	
	
		
 
            'msg': 'Created new repository `%s`' % repo_name,

			




	
	
	
		
 
            'success': True,

			




	
	
	
		
 
            'task': None,

			




	
	
	
		
 
        }

			




	
	
	
		
 
        expected = ret

			




	
	
	
		
 
        self._compare_ok(id_, expected, given=response.body)

			




	
	
	
		
 
        fixture.destroy_repo(repo_name)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_create_repo_by_non_admin(self):

			




	
	
	
		
 
        repo_name = 'api-repo'

			




	
	
	
		
 
        owner = 'i-dont-exist'

			




	
	
	
		
 
        id_, params = _build_data(self.apikey_regular, 'create_repo',

			




	
	
	
		
 
                                  repo_name=repo_name,

			




	
	
	
		
 
                                  repo_type=self.REPO_TYPE,

			




	
	
	
		
 
        )

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        repo = RepoModel().get_by_repo_name(repo_name)

			




	
	
	
		
 
        self.assertNotEqual(repo, None)

			




	
	
	
		
 
        ret = {

			




	
	
	
		
 
            'msg': 'Created new repository `%s`' % repo_name,

			




	
	
	
		
 
            'success': True,

			




	
	
	
		
 
            'task': None,

			




	
	
	
		
 
        }

			




	
	
	
		
 
        expected = ret

			




	
	
	
		
 
        self._compare_ok(id_, expected, given=response.body)

			




	
	
	
		
 
        fixture.destroy_repo(repo_name)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_create_repo_by_non_admin_specify_owner(self):

			




	
	
	
		
 
        repo_name = 'api-repo'

			




	
	
	
		
 
        owner = 'i-dont-exist'

			




	
	
	
		
 
        id_, params = _build_data(self.apikey_regular, 'create_repo',

			




	
	
	
		
 
                                  repo_name=repo_name,

			




	
	
	
		
 
                                  repo_type=self.REPO_TYPE,

			




	
	
	
		
 
                                  owner=owner)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 

			




	
	
	
		
 
        expected = 'Only Kallithea admin can specify `owner` param'

			




	
	
	
		
 
        self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 
        fixture.destroy_repo(repo_name)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_create_repo_exists(self):

			




	
	
	
		
 
        repo_name = self.REPO

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'create_repo',

			




	
	
	
		
 
                                  repo_name=repo_name,

			




	
	
	
		
 
                                  owner=TEST_USER_ADMIN_LOGIN,

			




	
	
	
		
 
                                  repo_type=self.REPO_TYPE,)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 
        expected = "repo `%s` already exist" % repo_name

			




	
	
	
		
 
        self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 

			




	
	
	
		
 
    @mock.patch.object(RepoModel, 'create', crash)

			




	
	
	
		
 
    def test_api_create_repo_exception_occurred(self):

			




	
	
	
		
 
        repo_name = 'api-repo'

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'create_repo',

			




	
	
	
		
 
                                  repo_name=repo_name,

			




	
	
	
		
 
                                  owner=TEST_USER_ADMIN_LOGIN,

			




	
	
	
		
 
                                  repo_type=self.REPO_TYPE,)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 
        expected = 'failed to create repository `%s`' % repo_name

			




	
	
	
		
 
        self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 

			




	
	
	
		
 
    @parameterized.expand([

			




	
	
	
		
 
        ('owner', {'owner': TEST_USER_REGULAR_LOGIN}),

			




	
	
	
		
 
        ('description', {'description': 'new description'}),

			




	
	
	
		
 
        ('active', {'active': True}),

			




	
	
	
		
 
        ('active', {'active': False}),

			




	
	
	
		
 
        ('clone_uri', {'clone_uri': 'http://foo.com/repo'}),

			




	
	
	
		
 
        ('clone_uri', {'clone_uri': None}),

			




	
	
	
		
 
        ('landing_rev', {'landing_rev': 'branch:master'}),

			




	
	
	
		
 
        ('enable_statistics', {'enable_statistics': True}),

			




	
	
	
		
 
        ('enable_locking', {'enable_locking': True}),

			




	
	
	
		
 
        ('enable_downloads', {'enable_downloads': True}),

			




	
	
	
		
 
        ('name', {'name': 'new_repo_name'}),

			




	
	
	
		
 
        ('repo_group', {'group': 'test_group_for_update'}),

			




	
	
	
		
 
    ])

			




	
	
	
		
 
    def test_api_update_repo(self, changing_attr, updates):

			




	
	
	
		
 
        repo_name = 'api_update_me'

			




	
	
	
		
 
        repo = fixture.create_repo(repo_name, repo_type=self.REPO_TYPE)

			




	
	
	
		
 
        if changing_attr == 'repo_group':

			




	
	
	
		
 
            fixture.create_repo_group(updates['group'])

			




	
	
	
		
 

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'update_repo',

			




	
	
	
		
 
                                  repoid=repo_name, **updates)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 
        if changing_attr == 'name':

			




	
	
	
		
 
            repo_name = updates['name']

			




	
	
	
		
 
        if changing_attr == 'repo_group':

			




	
	
	
		
 
            repo_name = '/'.join([updates['group'], repo_name])

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            expected = {

			




	
	
	
		
 
                'msg': 'updated repo ID:%s %s' % (repo.repo_id, repo_name),

			




	
	
	
		
 
                'repository': repo.get_api_data()

			




	
	
	
		
 
            }

			




	
	
	
		
 
            self._compare_ok(id_, expected, given=response.body)

			




	
	
	
		
 
        finally:

			




	
	
	
		
 
            fixture.destroy_repo(repo_name)

			




	
	
	
		
 
            if changing_attr == 'repo_group':

			




	
	
	
		
 
                fixture.destroy_repo_group(updates['group'])

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_update_repo_repo_group_does_not_exist(self):

			




	
	
	
		
 
        repo_name = 'admin_owned'

			




	
	
	
		
 
        fixture.create_repo(repo_name)

			




	
	
	
		
 
        updates = {'group': 'test_group_for_update'}

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'update_repo',

			




	
	
	
		
 
                                  repoid=repo_name, **updates)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            expected = 'repository group `%s` does not exist' % updates['group']

			




	
	
	
		
 
            self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 
        finally:

			




	
	
	
		
 
            fixture.destroy_repo(repo_name)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_update_repo_regular_user_not_allowed(self):

			




	
	
	
		
 
        repo_name = 'admin_owned'

			




	
	
	
		
 
        fixture.create_repo(repo_name)

			




	
	
	
		
 
        updates = {'active': False}

			




	
	
	
		
 
        id_, params = _build_data(self.apikey_regular, 'update_repo',

			




	
	
	
		
 
                                  repoid=repo_name, **updates)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            expected = 'repository `%s` does not exist' % repo_name

			




	
	
	
		
 
            self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 
        finally:

			




	
	
	
		
 
            fixture.destroy_repo(repo_name)

			




	
	
	
		
 

			




	
	
	
		
 
    @mock.patch.object(RepoModel, 'update', crash)

			




	
	
	
		
 
    def test_api_update_repo_exception_occurred(self):

			




	
	
	
		
 
        repo_name = 'api_update_me'

			




	
	
	
		
 
        fixture.create_repo(repo_name, repo_type=self.REPO_TYPE)

			




	
	
	
		
 
        id_, params = _build_data(self.apikey, 'update_repo',

			




	
	
	
		
 
                                  repoid=repo_name, owner=TEST_USER_ADMIN_LOGIN,)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            expected = 'failed to update repo `%s`' % repo_name

			




	
	
	
		
 
            self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 
        finally:

			




	
	
	
		
 
            fixture.destroy_repo(repo_name)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_update_repo_regular_user_change_repo_name(self):

			




	
	
	
		
 
        repo_name = 'admin_owned'

			




	
	
	
		
 
        new_repo_name = 'new_repo_name'

			




	
	
	
		
 
        fixture.create_repo(repo_name, repo_type=self.REPO_TYPE)

			




	
	
	
		
 
        RepoModel().grant_user_permission(repo=repo_name,

			




	
	
	
		
 
                                          user=self.TEST_USER_LOGIN,

			




	
	
	
		
 
                                          perm='repository.admin')

			




	
	
	
		
 
        UserModel().revoke_perm('default', 'hg.create.repository')

			




	
	
	
		
 
        UserModel().grant_perm('default', 'hg.create.none')

			




	
	
	
		
 
        updates = {'name': new_repo_name}

			




	
	
	
		
 
        id_, params = _build_data(self.apikey_regular, 'update_repo',

			




	
	
	
		
 
                                  repoid=repo_name, **updates)

			




	
	
	
		
 
        response = api_call(self, params)

			




	
	
	
		
 
        try:

			




	
	
	
		
 
            expected = 'no permission to create (or move) repositories'

			




	
	
	
		
 
            self._compare_error(id_, expected, given=response.body)

			




	
	
	
		
 
        finally:

			




	
	
	
		
 
            fixture.destroy_repo(repo_name)

			




	
	
	
		
 
            fixture.destroy_repo(new_repo_name)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_api_update_repo_regular_user_change_repo_name_allowed(self):

			




	
	
	
		
 
        repo_name = 'admin_owned'

			




	
	
	
		
 
        new_repo_name = 'new_repo_name'

			




	
	
	
		
 
        repo = fixture.create_repo(repo_name, repo_type=self.REPO_TYPE)

			




	
	
	
		
 
        RepoModel().grant_user_permission(repo=repo_name,

			




	
	
	
		
 
                                          user=self.TEST_USER_LOGIN,

			




	
	
	
		
 
                                          perm='repository.admin')

			




	
	
	
		
 
        UserModel().revoke_perm('default', 'hg.create.none')

			




	
	
	
		
 
        UserModel().grant_perm('default', 'hg.create.repository')

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.