Adrià Vilanova Martínez | f19ea43 | 2024-01-23 20:20:52 +0100 | [diff] [blame] | 1 | # Copyright 2016 The Chromium Authors |
| 2 | # Use of this source code is governed by a BSD-style license that can be |
| 3 | # found in the LICENSE file. |
Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 4 | |
| 5 | """Unittest for the people detail page.""" |
| 6 | from __future__ import print_function |
| 7 | from __future__ import division |
| 8 | from __future__ import absolute_import |
| 9 | |
| 10 | import logging |
| 11 | |
| 12 | import unittest |
| 13 | |
Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 14 | from framework import authdata |
| 15 | from framework import exceptions |
| 16 | from framework import permissions |
| 17 | from project import peopledetail |
Adrià Vilanova Martínez | f19ea43 | 2024-01-23 20:20:52 +0100 | [diff] [blame] | 18 | from mrproto import project_pb2 |
Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 19 | from services import service_manager |
| 20 | from testing import fake |
| 21 | from testing import testing_helpers |
| 22 | |
| 23 | |
| 24 | class PeopleDetailTest(unittest.TestCase): |
| 25 | |
| 26 | def setUp(self): |
| 27 | services = service_manager.Services( |
| 28 | project=fake.ProjectService(), |
| 29 | usergroup=fake.UserGroupService(), |
| 30 | user=fake.UserService()) |
| 31 | services.user.TestAddUser('jrobbins', 111) |
| 32 | services.user.TestAddUser('jrobbins@jrobbins.org', 333) |
| 33 | services.user.TestAddUser('jrobbins@chromium.org', 555) |
| 34 | services.user.TestAddUser('imso31337@gmail.com', 999) |
| 35 | self.project = services.project.TestAddProject('proj') |
| 36 | self.project.owner_ids.extend([111, 222]) |
| 37 | self.project.committer_ids.extend([333, 444]) |
| 38 | self.project.contributor_ids.extend([555]) |
Adrià Vilanova Martínez | f19ea43 | 2024-01-23 20:20:52 +0100 | [diff] [blame] | 39 | self.servlet = peopledetail.PeopleDetail(services=services) |
Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 40 | |
| 41 | def VerifyAccess(self, exception_expected): |
| 42 | mr = testing_helpers.MakeMonorailRequest( |
| 43 | path='/p/proj/people/detail?u=111', |
| 44 | project=self.project, |
| 45 | perms=permissions.OWNER_ACTIVE_PERMISSIONSET) |
| 46 | self.servlet.AssertBasePermission(mr) |
| 47 | # Owner never raises PermissionException. |
| 48 | |
| 49 | mr = testing_helpers.MakeMonorailRequest( |
| 50 | path='/p/proj/people/detail?u=333', |
| 51 | project=self.project, |
| 52 | perms=permissions.COMMITTER_ACTIVE_PERMISSIONSET) |
| 53 | self.servlet.AssertBasePermission(mr) |
| 54 | # Committer never raises PermissionException. |
| 55 | |
| 56 | mr = testing_helpers.MakeMonorailRequest( |
| 57 | path='/p/proj/people/detail?u=555', |
| 58 | project=self.project, |
| 59 | perms=permissions.CONTRIBUTOR_ACTIVE_PERMISSIONSET) |
| 60 | if exception_expected: |
| 61 | self.assertRaises(permissions.PermissionException, |
| 62 | self.servlet.AssertBasePermission, mr) |
| 63 | else: |
| 64 | self.servlet.AssertBasePermission(mr) |
| 65 | # No PermissionException raised |
| 66 | |
| 67 | # Sign-out users |
| 68 | mr = testing_helpers.MakeMonorailRequest( |
| 69 | path='/p/proj/people/detail?u=555', |
| 70 | project=self.project, |
| 71 | perms=permissions.READ_ONLY_PERMISSIONSET) |
| 72 | if exception_expected: |
| 73 | self.assertRaises(permissions.PermissionException, |
| 74 | self.servlet.AssertBasePermission, mr) |
| 75 | else: |
| 76 | self.servlet.AssertBasePermission(mr) |
| 77 | |
| 78 | # Non-membr users |
| 79 | mr = testing_helpers.MakeMonorailRequest( |
| 80 | path='/p/proj/people/detail?u=555', |
| 81 | project=self.project, |
| 82 | perms=permissions.USER_PERMISSIONSET) |
| 83 | if exception_expected: |
| 84 | self.assertRaises(permissions.PermissionException, |
| 85 | self.servlet.AssertBasePermission, mr) |
| 86 | else: |
| 87 | self.servlet.AssertBasePermission(mr) |
| 88 | |
| 89 | def testAssertBasePermission_Normal(self): |
| 90 | self.VerifyAccess(False) |
| 91 | |
| 92 | def testAssertBasePermission_HubSpoke(self): |
| 93 | self.project.only_owners_see_contributors = True |
| 94 | self.VerifyAccess(True) |
| 95 | |
| 96 | def testAssertBasePermission_HubSpokeViewingSelf(self): |
| 97 | self.project.only_owners_see_contributors = True |
| 98 | mr = testing_helpers.MakeMonorailRequest( |
| 99 | path='/p/proj/people/detail?u=333', |
| 100 | project=self.project, |
| 101 | perms=permissions.COMMITTER_ACTIVE_PERMISSIONSET) |
| 102 | mr.auth.user_id = 333 |
| 103 | self.servlet.AssertBasePermission(mr) |
| 104 | # No PermissionException raised |
| 105 | |
| 106 | def testGatherPageData(self): |
| 107 | mr = testing_helpers.MakeMonorailRequest( |
| 108 | path='/p/proj/people/detail?u=111', |
| 109 | project=self.project, |
| 110 | perms=permissions.OWNER_ACTIVE_PERMISSIONSET) |
| 111 | mr.auth = authdata.AuthData() |
| 112 | page_data = self.servlet.GatherPageData(mr) |
| 113 | self.assertFalse(page_data['warn_abandonment']) |
| 114 | self.assertEqual(2, page_data['total_num_owners']) |
| 115 | # TODO(jrobbins): fill in tests for all other aspects. |
| 116 | |
| 117 | def testValidateMemberID(self): |
| 118 | # We can validate owners |
| 119 | self.assertEqual( |
| 120 | 111, self.servlet.ValidateMemberID('fake cnxn', 111, self.project)) |
| 121 | |
| 122 | # We can parse members |
| 123 | self.assertEqual( |
| 124 | 333, self.servlet.ValidateMemberID('fake cnxn', 333, self.project)) |
| 125 | |
| 126 | # 404 for user that does not exist |
Adrià Vilanova Martínez | f19ea43 | 2024-01-23 20:20:52 +0100 | [diff] [blame] | 127 | with self.assertRaises(Exception) as cm: |
Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 128 | self.servlet.ValidateMemberID('fake cnxn', 8933, self.project) |
| 129 | self.assertEqual(404, cm.exception.code) |
| 130 | |
| 131 | # 404 for valid user that is not in this project |
Adrià Vilanova Martínez | f19ea43 | 2024-01-23 20:20:52 +0100 | [diff] [blame] | 132 | with self.assertRaises(Exception) as cm: |
Copybara | 854996b | 2021-09-07 19:36:02 +0000 | [diff] [blame] | 133 | self.servlet.ValidateMemberID('fake cnxn', 999, self.project) |
| 134 | self.assertEqual(404, cm.exception.code) |
| 135 | |
| 136 | def testParsePersonData_BadPost(self): |
| 137 | mr = testing_helpers.MakeMonorailRequest( |
| 138 | path='/p/proj/people/detail', |
| 139 | project=self.project) |
| 140 | post_data = fake.PostData() |
| 141 | with self.assertRaises(exceptions.InputException): |
| 142 | _result = self.servlet.ParsePersonData(mr, post_data) |
| 143 | |
| 144 | def testParsePersonData_NoDetails(self): |
| 145 | mr = testing_helpers.MakeMonorailRequest( |
| 146 | path='/p/proj/people/detail?u=111', |
| 147 | project=self.project) |
| 148 | post_data = fake.PostData(role=['owner']) |
| 149 | u, r, ac, n, _, _ = self.servlet.ParsePersonData(mr, post_data) |
| 150 | self.assertEqual(111, u) |
| 151 | self.assertEqual('owner', r) |
| 152 | self.assertEqual([], ac) |
| 153 | self.assertEqual('', n) |
| 154 | |
| 155 | mr = testing_helpers.MakeMonorailRequest( |
| 156 | path='/p/proj/people/detail?u=333', |
| 157 | project=self.project) |
| 158 | post_data = fake.PostData(role=['owner']) |
| 159 | u, r, ac, n, _, _ = self.servlet.ParsePersonData(mr, post_data) |
| 160 | self.assertEqual(333, u) |
| 161 | |
| 162 | def testParsePersonData(self): |
| 163 | mr = testing_helpers.MakeMonorailRequest( |
| 164 | path='/p/proj/people/detail?u=111', |
| 165 | project=self.project) |
| 166 | post_data = fake.PostData( |
| 167 | role=['owner'], extra_perms=['ViewQuota', 'EditIssue']) |
| 168 | u, r, ac, n, _, _ = self.servlet.ParsePersonData(mr, post_data) |
| 169 | self.assertEqual(111, u) |
| 170 | self.assertEqual('owner', r) |
| 171 | self.assertEqual(['ViewQuota', 'EditIssue'], ac) |
| 172 | self.assertEqual('', n) |
| 173 | |
| 174 | post_data = fake.PostData({ |
| 175 | 'role': ['owner'], |
| 176 | 'extra_perms': [' ', ' \t'], |
| 177 | 'notes': [''], |
| 178 | 'ac_include': [123], |
| 179 | 'ac_expand': [123], |
| 180 | }) |
| 181 | (u, r, ac, n, ac_exclusion, no_expand |
| 182 | ) = self.servlet.ParsePersonData(mr, post_data) |
| 183 | self.assertEqual(111, u) |
| 184 | self.assertEqual('owner', r) |
| 185 | self.assertEqual([], ac) |
| 186 | self.assertEqual('', n) |
| 187 | self.assertFalse(ac_exclusion) |
| 188 | self.assertFalse(no_expand) |
| 189 | |
| 190 | post_data = fake.PostData({ |
| 191 | 'username': ['jrobbins'], |
| 192 | 'role': ['owner'], |
| 193 | 'extra_perms': ['_ViewQuota', ' __EditIssue'], |
| 194 | 'notes': [' Our local Python expert '], |
| 195 | }) |
| 196 | (u, r, ac, n, ac_exclusion, no_expand |
| 197 | )= self.servlet.ParsePersonData(mr, post_data) |
| 198 | self.assertEqual(111, u) |
| 199 | self.assertEqual('owner', r) |
| 200 | self.assertEqual(['ViewQuota', 'EditIssue'], ac) |
| 201 | self.assertEqual('Our local Python expert', n) |
| 202 | self.assertTrue(ac_exclusion) |
| 203 | self.assertTrue(no_expand) |
| 204 | |
| 205 | def testCanEditMemberNotes(self): |
| 206 | """Only owners can edit member notes.""" |
| 207 | mr = testing_helpers.MakeMonorailRequest( |
| 208 | path='/p/proj/people/detail?u=111', |
| 209 | project=self.project, |
| 210 | perms=permissions.CONTRIBUTOR_ACTIVE_PERMISSIONSET) |
| 211 | result = self.servlet.CanEditMemberNotes(mr, 222) |
| 212 | self.assertFalse(result) |
| 213 | |
| 214 | mr.auth.user_id = 222 |
| 215 | result = self.servlet.CanEditMemberNotes(mr, 222) |
| 216 | self.assertTrue(result) |
| 217 | |
| 218 | mr = testing_helpers.MakeMonorailRequest( |
| 219 | path='/p/proj/people/detail?u=111', |
| 220 | project=self.project, |
| 221 | perms=permissions.OWNER_ACTIVE_PERMISSIONSET) |
| 222 | result = self.servlet.CanEditMemberNotes(mr, 222) |
| 223 | self.assertTrue(result) |
| 224 | |
| 225 | def testCanEditPerms(self): |
| 226 | """Only owners can edit member perms.""" |
| 227 | mr = testing_helpers.MakeMonorailRequest( |
| 228 | path='/p/proj/people/detail?u=111', |
| 229 | project=self.project, |
| 230 | perms=permissions.CONTRIBUTOR_ACTIVE_PERMISSIONSET) |
| 231 | result = self.servlet.CanEditPerms(mr) |
| 232 | self.assertFalse(result) |
| 233 | |
| 234 | mr = testing_helpers.MakeMonorailRequest( |
| 235 | path='/p/proj/people/detail?u=111', |
| 236 | project=self.project, |
| 237 | perms=permissions.OWNER_ACTIVE_PERMISSIONSET) |
| 238 | result = self.servlet.CanEditPerms(mr) |
| 239 | self.assertTrue(result) |
| 240 | |
| 241 | def testCanRemoveRole(self): |
| 242 | """Owners can remove members. Users could also remove themselves.""" |
| 243 | mr = testing_helpers.MakeMonorailRequest( |
| 244 | path='/p/proj/people/detail?u=111', |
| 245 | project=self.project, |
| 246 | perms=permissions.CONTRIBUTOR_ACTIVE_PERMISSIONSET) |
| 247 | result = self.servlet.CanRemoveRole(mr, 222) |
| 248 | self.assertFalse(result) |
| 249 | |
| 250 | mr.auth.user_id = 111 |
| 251 | result = self.servlet.CanRemoveRole(mr, 111) |
| 252 | self.assertTrue(result) |
| 253 | |
| 254 | mr = testing_helpers.MakeMonorailRequest( |
| 255 | path='/p/proj/people/detail?u=111', |
| 256 | project=self.project, |
| 257 | perms=permissions.OWNER_ACTIVE_PERMISSIONSET) |
| 258 | result = self.servlet.CanRemoveRole(mr, 222) |
| 259 | self.assertTrue(result) |