Adrià Vilanova Martínez | f19ea43 | 2024-01-23 20:20:52 +0100 | [diff] [blame] | 1 | # Copyright 2016 The Chromium Authors |
| 2 | # Use of this source code is governed by a BSD-style license that can be |
| 3 | # found in the LICENSE file. |
Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 4 | |
| 5 | """Unittest for Hotlist People servlet.""" |
| 6 | from __future__ import print_function |
| 7 | from __future__ import division |
| 8 | from __future__ import absolute_import |
| 9 | |
Adrià Vilanova Martínez | 9f9ade5 | 2022-10-10 23:20:11 +0200 | [diff] [blame] | 10 | try: |
| 11 | from mox3 import mox |
| 12 | except ImportError: |
| 13 | import mox |
Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 14 | import unittest |
| 15 | import logging |
| 16 | |
| 17 | import ezt |
| 18 | |
| 19 | from testing import fake |
| 20 | from features import hotlistpeople |
| 21 | from framework import permissions |
| 22 | from services import service_manager |
| 23 | from testing import testing_helpers |
| 24 | |
| 25 | class HotlistPeopleListTest(unittest.TestCase): |
| 26 | |
| 27 | def setUp(self): |
| 28 | self.services = service_manager.Services( |
| 29 | features=fake.FeaturesService(), |
| 30 | project=fake.ProjectService(), |
| 31 | user=fake.UserService(), |
| 32 | usergroup=fake.UserGroupService()) |
| 33 | self.owner_user = self.services.user.TestAddUser('buzbuz@gmail.com', 111) |
| 34 | self.editor_user = self.services.user.TestAddUser('monica@gmail.com', 222) |
| 35 | self.non_member_user = self.services.user.TestAddUser( |
| 36 | 'who-dis@gmail.com', 333) |
| 37 | self.private_hotlist = self.services.features.TestAddHotlist( |
| 38 | 'PrivateHotlist', 'owner only', [111], [222], is_private=True) |
| 39 | self.public_hotlist = self.services.features.TestAddHotlist( |
| 40 | 'PublicHotlist', 'everyone', [111], [222], is_private=False) |
Adrià Vilanova Martínez | f19ea43 | 2024-01-23 20:20:52 +0100 | [diff] [blame] | 41 | self.servlet = hotlistpeople.HotlistPeopleList(services=self.services) |
Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 42 | self.mox = mox.Mox() |
| 43 | |
| 44 | def tearDown(self): |
| 45 | self.mox.UnsetStubs() |
| 46 | self.mox.ResetAll() |
| 47 | |
| 48 | def testAssertBasePermission(self): |
| 49 | # owner can view people in private hotlist |
| 50 | mr = testing_helpers.MakeMonorailRequest( |
| 51 | hotlist=self.private_hotlist, perms=permissions.EMPTY_PERMISSIONSET) |
| 52 | mr.auth.effective_ids = {111, 444} |
| 53 | self.servlet.AssertBasePermission(mr) |
| 54 | |
| 55 | # editor can view people in private hotlist |
| 56 | mr.auth.effective_ids = {222, 333} |
| 57 | self.servlet.AssertBasePermission(mr) |
| 58 | |
| 59 | # non-members cannot view people in private hotlist |
| 60 | mr.auth.effective_ids = {444, 333} |
| 61 | self.assertRaises(permissions.PermissionException, |
| 62 | self.servlet.AssertBasePermission, mr) |
| 63 | |
| 64 | # owner can view people in public hotlist |
| 65 | mr = testing_helpers.MakeMonorailRequest(hotlist=self.public_hotlist) |
| 66 | mr.auth.effective_ids = {111, 444} |
| 67 | self.servlet.AssertBasePermission(mr) |
| 68 | |
| 69 | # editor can view people in public hotlist |
| 70 | mr.auth.effective_ids = {222, 333} |
| 71 | self.servlet.AssertBasePermission(mr) |
| 72 | |
| 73 | # non-members cannot view people in public hotlist |
| 74 | mr.auth.effective_ids = {444, 333} |
| 75 | self.servlet.AssertBasePermission(mr) |
| 76 | |
| 77 | def testGatherPageData(self): |
| 78 | mr = testing_helpers.MakeMonorailRequest( |
| 79 | hotlist=self.public_hotlist, perms=permissions.EMPTY_PERMISSIONSET) |
| 80 | mr.auth.user_id = 111 |
| 81 | mr.auth.effective_ids = {111} |
| 82 | mr.cnxn = 'fake cnxn' |
| 83 | page_data = self.servlet.GatherPageData(mr) |
| 84 | self.assertEqual(ezt.boolean(True), page_data['offer_membership_editing']) |
| 85 | self.assertEqual(ezt.boolean(False), page_data['offer_remove_self']) |
| 86 | self.assertEqual(page_data['total_num_owners'], 1) |
| 87 | self.assertEqual(page_data['newly_added_views'], []) |
| 88 | self.assertEqual(len(page_data['pagination'].visible_results), 2) |
| 89 | |
| 90 | # non-owners cannot edit people list |
| 91 | mr.auth.user_id = 222 |
| 92 | mr.auth.effective_ids = {222} |
| 93 | page_data = self.servlet.GatherPageData(mr) |
| 94 | self.assertEqual(ezt.boolean(False), page_data['offer_membership_editing']) |
| 95 | self.assertEqual(ezt.boolean(True), page_data['offer_remove_self']) |
| 96 | |
| 97 | mr.auth.user_id = 333 |
| 98 | mr.auth.effective_ids = {333} |
| 99 | page_data = self.servlet.GatherPageData(mr) |
| 100 | self.assertEqual(ezt.boolean(False), page_data['offer_membership_editing']) |
| 101 | self.assertEqual(ezt.boolean(False), page_data['offer_remove_self']) |
| 102 | |
| 103 | def testProcessFormData_Permission(self): |
| 104 | """Only owner can change member of hotlist.""" |
| 105 | mr = testing_helpers.MakeMonorailRequest( |
| 106 | path='/u/buzbuz@gmail.com/hotlists/PrivateHotlist/people', |
| 107 | hotlist=self.private_hotlist, perms=permissions.EMPTY_PERMISSIONSET) |
| 108 | mr.auth.effective_ids = {111, 444} |
| 109 | self.servlet.ProcessFormData(mr, {}) |
| 110 | |
| 111 | mr.auth.effective_ids = {222, 444} |
| 112 | self.assertRaises(permissions.PermissionException, |
| 113 | self.servlet.ProcessFormData, mr, {}) |
| 114 | |
| 115 | def testProcessRemoveMembers(self): |
| 116 | hotlist = self.servlet.services.features.TestAddHotlist( |
| 117 | 'HotlistName', 'removing 222, monica', [111], [222]) |
| 118 | mr = testing_helpers.MakeMonorailRequest( |
| 119 | path='/u/buzbuz@gmail.com/hotlists/HotlistName/people', |
| 120 | hotlist=hotlist) |
| 121 | mr.hotlist_id = hotlist.hotlist_id |
| 122 | post_data = fake.PostData( |
| 123 | remove = ['monica@gmail.com']) |
| 124 | url = self.servlet.ProcessRemoveMembers( |
| 125 | mr, post_data, '/u/111/hotlists/HotlistName') |
| 126 | self.assertTrue('/u/111/hotlists/HotlistName/people' in url) |
| 127 | self.assertEqual(hotlist.editor_ids, []) |
| 128 | |
| 129 | def testProcessRemoveSelf(self): |
| 130 | hotlist = self.servlet.services.features.TestAddHotlist( |
| 131 | 'HotlistName', 'self removing 222, monica', [111], [222]) |
| 132 | mr = testing_helpers.MakeMonorailRequest( |
| 133 | path='/u/buzbuz@gmail.com/hotlists/HotlistName/people', |
| 134 | hotlist=hotlist) |
| 135 | mr.hotlist_id = hotlist.hotlist_id |
| 136 | mr.cnxn = 'fake cnxn' |
| 137 | # The owner cannot be removed using ProcessRemoveSelf(); this is enforced |
| 138 | # by permission in ProcessFormData, not in the function itself; |
| 139 | # nor may a random user... |
| 140 | mr.auth.user_id = 333 |
| 141 | mr.auth.effective_ids = {333} |
| 142 | url = self.servlet.ProcessRemoveSelf(mr, '/u/111/hotlists/HotlistName') |
| 143 | self.assertTrue('/u/111/hotlists/HotlistName/people' in url) |
| 144 | self.assertEqual(hotlist.owner_ids, [111]) |
| 145 | self.assertEqual(hotlist.editor_ids, [222]) |
| 146 | # ...but an editor can. |
| 147 | mr.auth.user_id = 222 |
| 148 | mr.auth.effective_ids = {222} |
| 149 | url = self.servlet.ProcessRemoveSelf(mr, '/u/111/hotlists/HotlistName') |
| 150 | self.assertTrue('/u/111/hotlists/HotlistName/people' in url) |
| 151 | self.assertEqual(hotlist.owner_ids, [111]) |
| 152 | self.assertEqual(hotlist.editor_ids, []) |
| 153 | |
| 154 | def testProcessAddMembers(self): |
| 155 | hotlist = self.servlet.services.features.TestAddHotlist( |
| 156 | 'HotlistName', 'adding 333, who-dis', [111], [222]) |
| 157 | mr = testing_helpers.MakeMonorailRequest( |
| 158 | path='/u/buzbuz@gmail.com/hotlists/HotlistName/people', |
| 159 | hotlist=hotlist) |
| 160 | mr.hotlist_id = hotlist.hotlist_id |
| 161 | post_data = fake.PostData( |
| 162 | addmembers = ['who-dis@gmail.com'], |
| 163 | role = ['editor']) |
| 164 | url = self.servlet.ProcessAddMembers( |
| 165 | mr, post_data, '/u/111/hotlists/HotlistName') |
| 166 | self.assertTrue('/u/111/hotlists/HotlistName/people' in url) |
| 167 | self.assertEqual(hotlist.editor_ids, [222, 333]) |
| 168 | |
| 169 | def testProcessAddMembers_OwnerToEditor(self): |
| 170 | hotlist = self.servlet.services.features.TestAddHotlist( |
| 171 | 'HotlistName', 'adding owner 111, buzbuz as editor', [111], [222]) |
| 172 | mr = testing_helpers.MakeMonorailRequest( |
| 173 | path='/u/buzbuz@gmail.com/hotlists/HotlistName/people', |
| 174 | hotlist=hotlist) |
| 175 | mr.hotlist_id = hotlist.hotlist_id |
| 176 | addmembers_input = 'buzbuz@gmail.com' |
| 177 | post_data = fake.PostData( |
| 178 | addmembers = [addmembers_input], |
| 179 | role = ['editor']) |
| 180 | self.mox.StubOutWithMock(self.servlet, 'PleaseCorrect') |
| 181 | self.servlet.PleaseCorrect( |
| 182 | mr, initial_add_members=addmembers_input, initially_expand_form=True) |
| 183 | self.mox.ReplayAll() |
| 184 | url = self.servlet.ProcessAddMembers( |
| 185 | mr, post_data, '/u/111/hotlists/HotlistName') |
| 186 | self.mox.VerifyAll() |
| 187 | self.assertEqual( |
| 188 | 'Cannot have a hotlist without an owner; please leave at least one.', |
| 189 | mr.errors.addmembers) |
| 190 | self.assertIsNone(url) |
| 191 | # Verify that no changes have actually occurred. |
| 192 | self.assertEqual(hotlist.owner_ids, [111]) |
| 193 | self.assertEqual(hotlist.editor_ids, [222]) |
| 194 | |
| 195 | def testProcessChangeOwnership(self): |
| 196 | hotlist = self.servlet.services.features.TestAddHotlist( |
| 197 | 'HotlistName', 'new owner 333, who-dis', [111], [222]) |
| 198 | mr = testing_helpers.MakeMonorailRequest( |
| 199 | path='/u/buzbuz@gmail.com/hotlists/HotlistName/people', |
| 200 | hotlist=hotlist) |
| 201 | mr.hotlist_id = hotlist.hotlist_id |
| 202 | post_data = fake.PostData( |
| 203 | changeowners = ['who-dis@gmail.com'], |
| 204 | becomeeditor = ['on']) |
| 205 | url = self.servlet.ProcessChangeOwnership(mr, post_data) |
| 206 | self.assertTrue('/u/333/hotlists/HotlistName/people' in url) |
| 207 | self.assertEqual(hotlist.owner_ids, [333]) |
| 208 | self.assertEqual(hotlist.editor_ids, [222, 111]) |
| 209 | |
| 210 | def testProcessChangeOwnership_UnownedHotlist(self): |
| 211 | hotlist = self.services.features.TestAddHotlist( |
| 212 | 'unowned', 'new owner 333, who-dis', [], [222]) |
| 213 | mr = testing_helpers.MakeMonorailRequest( |
| 214 | path='/whatever', |
| 215 | hotlist=hotlist) |
| 216 | mr.hotlist_id = hotlist.hotlist_id |
| 217 | post_data = fake.PostData( |
| 218 | changeowners = ['who-dis@gmail.com'], |
| 219 | becomeeditor = ['on']) |
| 220 | self.servlet.ProcessChangeOwnership(mr, post_data) |
| 221 | self.assertEqual([333], mr.hotlist.owner_ids) |
| 222 | |
| 223 | def testProcessChangeOwnership_BadEmail(self): |
| 224 | hotlist = self.servlet.services.features.TestAddHotlist( |
| 225 | 'HotlistName', 'new owner 333, who-dis', [111], [222]) |
| 226 | mr = testing_helpers.MakeMonorailRequest( |
| 227 | path='/u/buzbuz@gmail.com/hotlists/HotlistName/people', |
| 228 | hotlist=hotlist) |
| 229 | mr.hotlist_id = hotlist.hotlist_id |
| 230 | changeowners_input = 'who-dis@gmail.com, extra-email@gmail.com' |
| 231 | post_data = fake.PostData( |
| 232 | changeowners = [changeowners_input], |
| 233 | becomeeditor = ['on']) |
| 234 | self.mox.StubOutWithMock(self.servlet, 'PleaseCorrect') |
| 235 | self.servlet.PleaseCorrect( |
| 236 | mr, initial_new_owner_username=changeowners_input, open_dialog='yes') |
| 237 | self.mox.ReplayAll() |
| 238 | url = self.servlet.ProcessChangeOwnership(mr, post_data) |
| 239 | self.mox.VerifyAll() |
| 240 | self.assertEqual( |
| 241 | 'Please add one valid user email.', mr.errors.transfer_ownership) |
| 242 | self.assertIsNone(url) |
| 243 | |
| 244 | def testProcessChangeOwnership_DuplicateName(self): |
| 245 | # other_hotlist = self.servlet.services.features.TestAddHotlist( |
| 246 | # 'HotlistName', 'hotlist with same name', [333], []) |
| 247 | # hotlist = self.servlet.services.features.TestAddHotlist( |
| 248 | # 'HotlistName', 'new owner 333, who-dis', [111], [222]) |
| 249 | |
| 250 | # in the test_hotlists dict of features_service in testing/fake |
| 251 | # 'other_hotlist' is overwritten by 'hotlist' |
| 252 | # TODO(jojwang): edit the fake features_service to allow hotlists |
| 253 | # with the same name but different owners |
| 254 | pass |