blob: 792ffb27ce8f219918e4235be3d7516e748af2d9 [file] [log] [blame]
# Copyright 2016 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
"""Unittest for the people detail page."""
from __future__ import print_function
from __future__ import division
from __future__ import absolute_import
import logging
import unittest
from framework import authdata
from framework import exceptions
from framework import permissions
from project import peopledetail
from mrproto import project_pb2
from services import service_manager
from testing import fake
from testing import testing_helpers
class PeopleDetailTest(unittest.TestCase):
def setUp(self):
services = service_manager.Services(
project=fake.ProjectService(),
usergroup=fake.UserGroupService(),
user=fake.UserService())
services.user.TestAddUser('jrobbins', 111)
services.user.TestAddUser('jrobbins@jrobbins.org', 333)
services.user.TestAddUser('jrobbins@chromium.org', 555)
services.user.TestAddUser('imso31337@gmail.com', 999)
self.project = services.project.TestAddProject('proj')
self.project.owner_ids.extend([111, 222])
self.project.committer_ids.extend([333, 444])
self.project.contributor_ids.extend([555])
self.servlet = peopledetail.PeopleDetail(services=services)
def VerifyAccess(self, exception_expected):
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=111',
project=self.project,
perms=permissions.OWNER_ACTIVE_PERMISSIONSET)
self.servlet.AssertBasePermission(mr)
# Owner never raises PermissionException.
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=333',
project=self.project,
perms=permissions.COMMITTER_ACTIVE_PERMISSIONSET)
self.servlet.AssertBasePermission(mr)
# Committer never raises PermissionException.
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=555',
project=self.project,
perms=permissions.CONTRIBUTOR_ACTIVE_PERMISSIONSET)
if exception_expected:
self.assertRaises(permissions.PermissionException,
self.servlet.AssertBasePermission, mr)
else:
self.servlet.AssertBasePermission(mr)
# No PermissionException raised
# Sign-out users
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=555',
project=self.project,
perms=permissions.READ_ONLY_PERMISSIONSET)
if exception_expected:
self.assertRaises(permissions.PermissionException,
self.servlet.AssertBasePermission, mr)
else:
self.servlet.AssertBasePermission(mr)
# Non-membr users
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=555',
project=self.project,
perms=permissions.USER_PERMISSIONSET)
if exception_expected:
self.assertRaises(permissions.PermissionException,
self.servlet.AssertBasePermission, mr)
else:
self.servlet.AssertBasePermission(mr)
def testAssertBasePermission_Normal(self):
self.VerifyAccess(False)
def testAssertBasePermission_HubSpoke(self):
self.project.only_owners_see_contributors = True
self.VerifyAccess(True)
def testAssertBasePermission_HubSpokeViewingSelf(self):
self.project.only_owners_see_contributors = True
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=333',
project=self.project,
perms=permissions.COMMITTER_ACTIVE_PERMISSIONSET)
mr.auth.user_id = 333
self.servlet.AssertBasePermission(mr)
# No PermissionException raised
def testGatherPageData(self):
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=111',
project=self.project,
perms=permissions.OWNER_ACTIVE_PERMISSIONSET)
mr.auth = authdata.AuthData()
page_data = self.servlet.GatherPageData(mr)
self.assertFalse(page_data['warn_abandonment'])
self.assertEqual(2, page_data['total_num_owners'])
# TODO(jrobbins): fill in tests for all other aspects.
def testValidateMemberID(self):
# We can validate owners
self.assertEqual(
111, self.servlet.ValidateMemberID('fake cnxn', 111, self.project))
# We can parse members
self.assertEqual(
333, self.servlet.ValidateMemberID('fake cnxn', 333, self.project))
# 404 for user that does not exist
with self.assertRaises(Exception) as cm:
self.servlet.ValidateMemberID('fake cnxn', 8933, self.project)
self.assertEqual(404, cm.exception.code)
# 404 for valid user that is not in this project
with self.assertRaises(Exception) as cm:
self.servlet.ValidateMemberID('fake cnxn', 999, self.project)
self.assertEqual(404, cm.exception.code)
def testParsePersonData_BadPost(self):
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail',
project=self.project)
post_data = fake.PostData()
with self.assertRaises(exceptions.InputException):
_result = self.servlet.ParsePersonData(mr, post_data)
def testParsePersonData_NoDetails(self):
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=111',
project=self.project)
post_data = fake.PostData(role=['owner'])
u, r, ac, n, _, _ = self.servlet.ParsePersonData(mr, post_data)
self.assertEqual(111, u)
self.assertEqual('owner', r)
self.assertEqual([], ac)
self.assertEqual('', n)
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=333',
project=self.project)
post_data = fake.PostData(role=['owner'])
u, r, ac, n, _, _ = self.servlet.ParsePersonData(mr, post_data)
self.assertEqual(333, u)
def testParsePersonData(self):
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=111',
project=self.project)
post_data = fake.PostData(
role=['owner'], extra_perms=['ViewQuota', 'EditIssue'])
u, r, ac, n, _, _ = self.servlet.ParsePersonData(mr, post_data)
self.assertEqual(111, u)
self.assertEqual('owner', r)
self.assertEqual(['ViewQuota', 'EditIssue'], ac)
self.assertEqual('', n)
post_data = fake.PostData({
'role': ['owner'],
'extra_perms': [' ', ' \t'],
'notes': [''],
'ac_include': [123],
'ac_expand': [123],
})
(u, r, ac, n, ac_exclusion, no_expand
) = self.servlet.ParsePersonData(mr, post_data)
self.assertEqual(111, u)
self.assertEqual('owner', r)
self.assertEqual([], ac)
self.assertEqual('', n)
self.assertFalse(ac_exclusion)
self.assertFalse(no_expand)
post_data = fake.PostData({
'username': ['jrobbins'],
'role': ['owner'],
'extra_perms': ['_ViewQuota', ' __EditIssue'],
'notes': [' Our local Python expert '],
})
(u, r, ac, n, ac_exclusion, no_expand
)= self.servlet.ParsePersonData(mr, post_data)
self.assertEqual(111, u)
self.assertEqual('owner', r)
self.assertEqual(['ViewQuota', 'EditIssue'], ac)
self.assertEqual('Our local Python expert', n)
self.assertTrue(ac_exclusion)
self.assertTrue(no_expand)
def testCanEditMemberNotes(self):
"""Only owners can edit member notes."""
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=111',
project=self.project,
perms=permissions.CONTRIBUTOR_ACTIVE_PERMISSIONSET)
result = self.servlet.CanEditMemberNotes(mr, 222)
self.assertFalse(result)
mr.auth.user_id = 222
result = self.servlet.CanEditMemberNotes(mr, 222)
self.assertTrue(result)
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=111',
project=self.project,
perms=permissions.OWNER_ACTIVE_PERMISSIONSET)
result = self.servlet.CanEditMemberNotes(mr, 222)
self.assertTrue(result)
def testCanEditPerms(self):
"""Only owners can edit member perms."""
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=111',
project=self.project,
perms=permissions.CONTRIBUTOR_ACTIVE_PERMISSIONSET)
result = self.servlet.CanEditPerms(mr)
self.assertFalse(result)
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=111',
project=self.project,
perms=permissions.OWNER_ACTIVE_PERMISSIONSET)
result = self.servlet.CanEditPerms(mr)
self.assertTrue(result)
def testCanRemoveRole(self):
"""Owners can remove members. Users could also remove themselves."""
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=111',
project=self.project,
perms=permissions.CONTRIBUTOR_ACTIVE_PERMISSIONSET)
result = self.servlet.CanRemoveRole(mr, 222)
self.assertFalse(result)
mr.auth.user_id = 111
result = self.servlet.CanRemoveRole(mr, 111)
self.assertTrue(result)
mr = testing_helpers.MakeMonorailRequest(
path='/p/proj/people/detail?u=111',
project=self.project,
perms=permissions.OWNER_ACTIVE_PERMISSIONSET)
result = self.servlet.CanRemoveRole(mr, 222)
self.assertTrue(result)