Sākums Izpētīt Palīdzība
Pierakstīties
bux
/
tracim
Vērot 1
Pievienot zvaigznīti 0
Atdalīts 0
Kods Problēmas 0 Izmaiņu pieprasījumi 0 Laidieni 0 Vikivietne Aktivitāte
Pārlūkot izejas kodu

Calendar tests: auth & rights

Bastien Sevajol (Algoo) 9 gadus atpakaļ
vecāks
2d941d6847
revīzija
3570164b37
2 mainītis faili ar 81 papildinājumiem un 5 dzēšanām
Apvienotais skats Rādīt salīdzināšanas statistiku
  1. 15 2
      tracim/tracim/tests/__init__.py
  2. 66 3
      tracim/tracim/tests/functional/test_calendar.py

+ 15 - 2
tracim/tracim/tests/__init__.py Parādīt failu

37 
 from tracim.lib.workspace import WorkspaceApi
 37 
 from tracim.lib.workspace import WorkspaceApi
38 
 from tracim.model import DBSession, Content
 38 
 from tracim.model import DBSession, Content
39 
 from tracim.model.data import Workspace, ContentType, ContentRevisionRO
 39 
 from tracim.model.data import Workspace, ContentType, ContentRevisionRO
40 
-from tracim.lib.calendar import CALENDAR_BASE_URL
40 
+from tracim.lib.calendar import CALENDAR_BASE_URL_TEMPLATE
41 
+from tracim.lib.calendar import CALENDAR_USER_URL_TEMPLATE
41
42
42 
 __all__ = ['setup_app', 'setup_db', 'teardown_db', 'TestController']
 43 
 __all__ = ['setup_app', 'setup_db', 'teardown_db', 'TestController']
43
44
374 
         from tracim.config.app_cfg import CFG
 375 
         from tracim.config.app_cfg import CFG
375 
         cfg = CFG.get_instance()
 376 
         cfg = CFG.get_instance()
376
377
377 
-        return CALENDAR_BASE_URL.format(
378 
+        return CALENDAR_BASE_URL_TEMPLATE.format(
378 
             proto='https' if cfg.RADICALE_CLIENT_SSL else 'http',
 379 
             proto='https' if cfg.RADICALE_CLIENT_SSL else 'http',
379 
             domain=cfg.RADICALE_CLIENT_HOST or '127.0.0.1',
 380 
             domain=cfg.RADICALE_CLIENT_HOST or '127.0.0.1',
380 
             port=str(cfg.RADICALE_CLIENT_PORT)
 381 
             port=str(cfg.RADICALE_CLIENT_PORT)
381 
         )
 382 
         )
383 
+
384 
+    def _get_user_calendar_url(self, user_id):
385 
+        from tracim.config.app_cfg import CFG
386 
+        cfg = CFG.get_instance()
387 
+
388 
+        return CALENDAR_USER_URL_TEMPLATE.format(
389 
+            proto='https' if cfg.RADICALE_CLIENT_SSL else 'http',
390 
+            domain=cfg.RADICALE_CLIENT_HOST or '127.0.0.1',
391 
+            port=str(cfg.RADICALE_CLIENT_PORT),
392 
+            id=user_id,
393 
+            extra='',
394 
+        )

+ 66 - 3
tracim/tracim/tests/functional/test_calendar.py Parādīt failu

6 
 import requests
 6 
 import requests
7 
 from requests.exceptions import ConnectionError
 7 
 from requests.exceptions import ConnectionError
8
8
9 
+from tracim.model import DBSession
9 
 from tracim.tests import TestCalendar as BaseTestCalendar
 10 
 from tracim.tests import TestCalendar as BaseTestCalendar
11 
+from tracim.model.auth import User
10
12
11
13
12 
 class TestCalendar(BaseTestCalendar):
 14 
 class TestCalendar(BaseTestCalendar):
25 
             ok_(False, 'Unable to contact radicale on HTTP')
 27 
             ok_(False, 'Unable to contact radicale on HTTP')
26
28
27 
     def test_func__radicale_auth__ok__as_lawrence(self):
 29 
     def test_func__radicale_auth__ok__as_lawrence(self):
28 
-        client = caldav.DAVClient('http://127.0.0.1:15232',
29 
-                                  username='lawrence-not-real-email@fsf.local',
30 
-                                  password='foobarbaz')
30 
+        radicale_base_url = self._get_base_url()
31 
+        client = caldav.DAVClient(
32 
+            radicale_base_url,
33 
+            username='lawrence-not-real-email@fsf.local',
34 
+            password='foobarbaz'
35 
+        )
31 
         try:
 36 
         try:
32 
             client.propfind()
 37 
             client.propfind()
33 
             ok_(True, 'No auth error when communicate with radicale server')
 38 
             ok_(True, 'No auth error when communicate with radicale server')
34 
         except AuthorizationError:
 39 
         except AuthorizationError:
35 
             ok_(False, 'AuthorizationError when communicate with radicale')
 40 
             ok_(False, 'AuthorizationError when communicate with radicale')
41 
+
42 
+    def test_func__radicale_auth__fail__as_john_doe(self):
43 
+        radicale_base_url = self._get_base_url()
44 
+        client = caldav.DAVClient(
45 
+            radicale_base_url,
46 
+            username='john.doe@foo.local',
47 
+            password='nopasswd'
48 
+        )
49 
+        try:
50 
+            client.propfind()
51 
+            ok_(False, 'Auth with unknown user should be raise'
52 
+                       ' AuthorizationError !')
53 
+        except AuthorizationError:
54 
+            ok_(True, 'AuthorizationError thrown correctly')
55 
+
56 
+    def test_func__radicale_rights_read_user_calendar__ok__as_lawrence(self):
57 
+        radicale_base_url = self._get_base_url()
58 
+        client = caldav.DAVClient(
59 
+            radicale_base_url,
60 
+            username='lawrence-not-real-email@fsf.local',
61 
+            password='foobarbaz'
62 
+        )
63 
+        user = DBSession.query(User).filter(
64 
+            User.email == 'lawrence-not-real-email@fsf.local'
65 
+        ).one()
66 
+        calendar_base_url = self._get_user_calendar_url(user.user_id)
67 
+        try:
68 
+            caldav.Calendar(
69 
+                parent=client,
70 
+                client=client,
71 
+                url=calendar_base_url
72 
+            ).events()
73 
+
74 
+            ok_(True, 'User can access it\'s own calendar')
75 
+        except AuthorizationError:
76 
+            ok_(False, 'User should not access that')
77 
+
78 
+    def test_func__radicale_rights_read_user_calendar__fail__as_john_doe(self):
79 
+        radicale_base_url = self._get_base_url()
80 
+        client = caldav.DAVClient(
81 
+            radicale_base_url,
82 
+            username='john.doe@foo.local',
83 
+            password='nopasswd'
84 
+        )
85 
+        other_user = DBSession.query(User).filter(
86 
+            User.email == 'admin@admin.admin'
87 
+        ).one()
88 
+        calendar_base_url = self._get_user_calendar_url(other_user.user_id)
89 
+        try:
90 
+            caldav.Calendar(
91 
+                parent=client,
92 
+                client=client,
93 
+                url=calendar_base_url
94 
+            ).events()
95 
+
96 
+            ok_(False, 'User can\'t acces other user calendar')
97 
+        except AuthorizationError:
98 
+            ok_(True, 'User should not acces other user calendar')