blob: 792ffb27ce8f219918e4235be3d7516e748af2d9 [file] [log] [blame]
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +01001# Copyright 2016 The Chromium Authors
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
Copybara854996b2021-09-07 19:36:02 +00004
5"""Unittest for the people detail page."""
6from __future__ import print_function
7from __future__ import division
8from __future__ import absolute_import
9
10import logging
11
12import unittest
13
Copybara854996b2021-09-07 19:36:02 +000014from framework import authdata
15from framework import exceptions
16from framework import permissions
17from project import peopledetail
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +010018from mrproto import project_pb2
Copybara854996b2021-09-07 19:36:02 +000019from services import service_manager
20from testing import fake
21from testing import testing_helpers
22
23
24class PeopleDetailTest(unittest.TestCase):
25
26 def setUp(self):
27 services = service_manager.Services(
28 project=fake.ProjectService(),
29 usergroup=fake.UserGroupService(),
30 user=fake.UserService())
31 services.user.TestAddUser('jrobbins', 111)
32 services.user.TestAddUser('jrobbins@jrobbins.org', 333)
33 services.user.TestAddUser('jrobbins@chromium.org', 555)
34 services.user.TestAddUser('imso31337@gmail.com', 999)
35 self.project = services.project.TestAddProject('proj')
36 self.project.owner_ids.extend([111, 222])
37 self.project.committer_ids.extend([333, 444])
38 self.project.contributor_ids.extend([555])
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +010039 self.servlet = peopledetail.PeopleDetail(services=services)
Copybara854996b2021-09-07 19:36:02 +000040
41 def VerifyAccess(self, exception_expected):
42 mr = testing_helpers.MakeMonorailRequest(
43 path='/p/proj/people/detail?u=111',
44 project=self.project,
45 perms=permissions.OWNER_ACTIVE_PERMISSIONSET)
46 self.servlet.AssertBasePermission(mr)
47 # Owner never raises PermissionException.
48
49 mr = testing_helpers.MakeMonorailRequest(
50 path='/p/proj/people/detail?u=333',
51 project=self.project,
52 perms=permissions.COMMITTER_ACTIVE_PERMISSIONSET)
53 self.servlet.AssertBasePermission(mr)
54 # Committer never raises PermissionException.
55
56 mr = testing_helpers.MakeMonorailRequest(
57 path='/p/proj/people/detail?u=555',
58 project=self.project,
59 perms=permissions.CONTRIBUTOR_ACTIVE_PERMISSIONSET)
60 if exception_expected:
61 self.assertRaises(permissions.PermissionException,
62 self.servlet.AssertBasePermission, mr)
63 else:
64 self.servlet.AssertBasePermission(mr)
65 # No PermissionException raised
66
67 # Sign-out users
68 mr = testing_helpers.MakeMonorailRequest(
69 path='/p/proj/people/detail?u=555',
70 project=self.project,
71 perms=permissions.READ_ONLY_PERMISSIONSET)
72 if exception_expected:
73 self.assertRaises(permissions.PermissionException,
74 self.servlet.AssertBasePermission, mr)
75 else:
76 self.servlet.AssertBasePermission(mr)
77
78 # Non-membr users
79 mr = testing_helpers.MakeMonorailRequest(
80 path='/p/proj/people/detail?u=555',
81 project=self.project,
82 perms=permissions.USER_PERMISSIONSET)
83 if exception_expected:
84 self.assertRaises(permissions.PermissionException,
85 self.servlet.AssertBasePermission, mr)
86 else:
87 self.servlet.AssertBasePermission(mr)
88
89 def testAssertBasePermission_Normal(self):
90 self.VerifyAccess(False)
91
92 def testAssertBasePermission_HubSpoke(self):
93 self.project.only_owners_see_contributors = True
94 self.VerifyAccess(True)
95
96 def testAssertBasePermission_HubSpokeViewingSelf(self):
97 self.project.only_owners_see_contributors = True
98 mr = testing_helpers.MakeMonorailRequest(
99 path='/p/proj/people/detail?u=333',
100 project=self.project,
101 perms=permissions.COMMITTER_ACTIVE_PERMISSIONSET)
102 mr.auth.user_id = 333
103 self.servlet.AssertBasePermission(mr)
104 # No PermissionException raised
105
106 def testGatherPageData(self):
107 mr = testing_helpers.MakeMonorailRequest(
108 path='/p/proj/people/detail?u=111',
109 project=self.project,
110 perms=permissions.OWNER_ACTIVE_PERMISSIONSET)
111 mr.auth = authdata.AuthData()
112 page_data = self.servlet.GatherPageData(mr)
113 self.assertFalse(page_data['warn_abandonment'])
114 self.assertEqual(2, page_data['total_num_owners'])
115 # TODO(jrobbins): fill in tests for all other aspects.
116
117 def testValidateMemberID(self):
118 # We can validate owners
119 self.assertEqual(
120 111, self.servlet.ValidateMemberID('fake cnxn', 111, self.project))
121
122 # We can parse members
123 self.assertEqual(
124 333, self.servlet.ValidateMemberID('fake cnxn', 333, self.project))
125
126 # 404 for user that does not exist
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100127 with self.assertRaises(Exception) as cm:
Copybara854996b2021-09-07 19:36:02 +0000128 self.servlet.ValidateMemberID('fake cnxn', 8933, self.project)
129 self.assertEqual(404, cm.exception.code)
130
131 # 404 for valid user that is not in this project
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +0100132 with self.assertRaises(Exception) as cm:
Copybara854996b2021-09-07 19:36:02 +0000133 self.servlet.ValidateMemberID('fake cnxn', 999, self.project)
134 self.assertEqual(404, cm.exception.code)
135
136 def testParsePersonData_BadPost(self):
137 mr = testing_helpers.MakeMonorailRequest(
138 path='/p/proj/people/detail',
139 project=self.project)
140 post_data = fake.PostData()
141 with self.assertRaises(exceptions.InputException):
142 _result = self.servlet.ParsePersonData(mr, post_data)
143
144 def testParsePersonData_NoDetails(self):
145 mr = testing_helpers.MakeMonorailRequest(
146 path='/p/proj/people/detail?u=111',
147 project=self.project)
148 post_data = fake.PostData(role=['owner'])
149 u, r, ac, n, _, _ = self.servlet.ParsePersonData(mr, post_data)
150 self.assertEqual(111, u)
151 self.assertEqual('owner', r)
152 self.assertEqual([], ac)
153 self.assertEqual('', n)
154
155 mr = testing_helpers.MakeMonorailRequest(
156 path='/p/proj/people/detail?u=333',
157 project=self.project)
158 post_data = fake.PostData(role=['owner'])
159 u, r, ac, n, _, _ = self.servlet.ParsePersonData(mr, post_data)
160 self.assertEqual(333, u)
161
162 def testParsePersonData(self):
163 mr = testing_helpers.MakeMonorailRequest(
164 path='/p/proj/people/detail?u=111',
165 project=self.project)
166 post_data = fake.PostData(
167 role=['owner'], extra_perms=['ViewQuota', 'EditIssue'])
168 u, r, ac, n, _, _ = self.servlet.ParsePersonData(mr, post_data)
169 self.assertEqual(111, u)
170 self.assertEqual('owner', r)
171 self.assertEqual(['ViewQuota', 'EditIssue'], ac)
172 self.assertEqual('', n)
173
174 post_data = fake.PostData({
175 'role': ['owner'],
176 'extra_perms': [' ', ' \t'],
177 'notes': [''],
178 'ac_include': [123],
179 'ac_expand': [123],
180 })
181 (u, r, ac, n, ac_exclusion, no_expand
182 ) = self.servlet.ParsePersonData(mr, post_data)
183 self.assertEqual(111, u)
184 self.assertEqual('owner', r)
185 self.assertEqual([], ac)
186 self.assertEqual('', n)
187 self.assertFalse(ac_exclusion)
188 self.assertFalse(no_expand)
189
190 post_data = fake.PostData({
191 'username': ['jrobbins'],
192 'role': ['owner'],
193 'extra_perms': ['_ViewQuota', ' __EditIssue'],
194 'notes': [' Our local Python expert '],
195 })
196 (u, r, ac, n, ac_exclusion, no_expand
197 )= self.servlet.ParsePersonData(mr, post_data)
198 self.assertEqual(111, u)
199 self.assertEqual('owner', r)
200 self.assertEqual(['ViewQuota', 'EditIssue'], ac)
201 self.assertEqual('Our local Python expert', n)
202 self.assertTrue(ac_exclusion)
203 self.assertTrue(no_expand)
204
205 def testCanEditMemberNotes(self):
206 """Only owners can edit member notes."""
207 mr = testing_helpers.MakeMonorailRequest(
208 path='/p/proj/people/detail?u=111',
209 project=self.project,
210 perms=permissions.CONTRIBUTOR_ACTIVE_PERMISSIONSET)
211 result = self.servlet.CanEditMemberNotes(mr, 222)
212 self.assertFalse(result)
213
214 mr.auth.user_id = 222
215 result = self.servlet.CanEditMemberNotes(mr, 222)
216 self.assertTrue(result)
217
218 mr = testing_helpers.MakeMonorailRequest(
219 path='/p/proj/people/detail?u=111',
220 project=self.project,
221 perms=permissions.OWNER_ACTIVE_PERMISSIONSET)
222 result = self.servlet.CanEditMemberNotes(mr, 222)
223 self.assertTrue(result)
224
225 def testCanEditPerms(self):
226 """Only owners can edit member perms."""
227 mr = testing_helpers.MakeMonorailRequest(
228 path='/p/proj/people/detail?u=111',
229 project=self.project,
230 perms=permissions.CONTRIBUTOR_ACTIVE_PERMISSIONSET)
231 result = self.servlet.CanEditPerms(mr)
232 self.assertFalse(result)
233
234 mr = testing_helpers.MakeMonorailRequest(
235 path='/p/proj/people/detail?u=111',
236 project=self.project,
237 perms=permissions.OWNER_ACTIVE_PERMISSIONSET)
238 result = self.servlet.CanEditPerms(mr)
239 self.assertTrue(result)
240
241 def testCanRemoveRole(self):
242 """Owners can remove members. Users could also remove themselves."""
243 mr = testing_helpers.MakeMonorailRequest(
244 path='/p/proj/people/detail?u=111',
245 project=self.project,
246 perms=permissions.CONTRIBUTOR_ACTIVE_PERMISSIONSET)
247 result = self.servlet.CanRemoveRole(mr, 222)
248 self.assertFalse(result)
249
250 mr.auth.user_id = 111
251 result = self.servlet.CanRemoveRole(mr, 111)
252 self.assertTrue(result)
253
254 mr = testing_helpers.MakeMonorailRequest(
255 path='/p/proj/people/detail?u=111',
256 project=self.project,
257 perms=permissions.OWNER_ACTIVE_PERMISSIONSET)
258 result = self.servlet.CanRemoveRole(mr, 222)
259 self.assertTrue(result)