Blame - search/test/search_helpers_test.py - monorail-avm99963

blob: b9cfb511eb5abfb9fb027b46c839d0cbe4e29d31 [file] [log] [blame]

Copybara	854996b	2021-09-07 19:36:02 +0000	[diff] [blame]	1	# Copyright 2018 The Chromium Authors. All rights reserved.
				2	# Use of this source code is governed by a BSD-style
				3	# license that can be found in the LICENSE file or at
				4	# https://developers.google.com/open-source/licenses/bsd
				5
				6	"""Unit tests for monorail.search.search_helpers."""
				7	from __future__ import print_function
				8	from __future__ import division
				9	from __future__ import absolute_import
				10
Adrià Vilanova Martínez	9f9ade5	2022-10-10 23:20:11 +0200	[diff] [blame^]	11	try:
				12	from mox3 import mox
				13	except ImportError:
				14	import mox
Copybara	854996b	2021-09-07 19:36:02 +0000	[diff] [blame]	15	import unittest
				16
				17	from search import search_helpers
				18
				19	from google.appengine.ext import testbed
				20	from framework import permissions
				21	from framework import sql
				22	from proto import user_pb2
				23	from services import chart_svc
				24	from services import service_manager
				25	from testing import fake
				26
				27
				28	def MakeChartService(my_mox, config):
				29	chart_service = chart_svc.ChartService(config)
				30	for table_var in ['issuesnapshot_tbl', 'labeldef_tbl']:
				31	setattr(chart_service, table_var, my_mox.CreateMock(sql.SQLTableManager))
				32	return chart_service
				33
				34
				35	class SearchHelpersTest(unittest.TestCase):
				36	"""Tests for functions in search_helpers.
				37
				38	Also covered by search.backendnonviewable.GetAtRiskIIDs cases.
				39	"""
				40
				41	def setUp(self):
				42	self.testbed = testbed.Testbed()
				43	self.testbed.activate()
				44	self.testbed.init_memcache_stub()
				45
				46	self.mox = mox.Mox()
				47	self.cnxn = self.mox.CreateMock(sql.MonorailConnection)
				48	self.services = service_manager.Services()
				49	self.services.chart = MakeChartService(self.mox, self.services.config)
				50	self.config_service = fake.ConfigService()
				51	self.user = user_pb2.User()
				52
				53	def testGetPersonalAtRiskLabelIDs_ReadOnly(self):
				54	"""Test returns risky IDs a read-only user cannot access."""
				55	self.mox.StubOutWithMock(self.config_service, 'GetLabelDefRowsAnyProject')
				56	self.config_service.GetLabelDefRowsAnyProject(
				57	self.cnxn, where=[('LOWER(label) LIKE %s', ['restrict-view-%'])]
				58	).AndReturn([
				59	(123, 789, 0, 'Restrict-View-Google', 'docstring', 0),
				60	(124, 789, 0, 'Restrict-View-SecurityTeam', 'docstring', 0),
				61	])
				62
				63	self.mox.ReplayAll()
				64	ids = search_helpers.GetPersonalAtRiskLabelIDs(
				65	self.cnxn,
				66	self.user,
				67	self.config_service,
				68	effective_ids=[10, 20],
				69	project=fake.Project(project_id=789),
				70	perms=permissions.READ_ONLY_PERMISSIONSET)
				71	self.mox.VerifyAll()
				72
				73	self.assertEqual(ids, [123, 124])
				74
				75	def testGetPersonalAtRiskLabelIDs_LoggedInUser(self):
				76	"""Test returns restricted label IDs a logged in user cannot access."""
				77	self.mox.StubOutWithMock(self.config_service, 'GetLabelDefRowsAnyProject')
				78	self.config_service.GetLabelDefRowsAnyProject(
				79	self.cnxn, where=[('LOWER(label) LIKE %s', ['restrict-view-%'])]
				80	).AndReturn([
				81	(123, 789, 0, 'Restrict-View-Google', 'docstring', 0),
				82	(124, 789, 0, 'Restrict-View-SecurityTeam', 'docstring', 0),
				83	])
				84
				85	self.mox.ReplayAll()
				86	ids = search_helpers.GetPersonalAtRiskLabelIDs(
				87	self.cnxn,
				88	self.user,
				89	self.config_service,
				90	effective_ids=[10, 20],
				91	project=fake.Project(project_id=789),
				92	perms=permissions.USER_PERMISSIONSET)
				93	self.mox.VerifyAll()
				94
				95	self.assertEqual(ids, [123, 124])
				96
				97	def testGetPersonalAtRiskLabelIDs_UserWithRVG(self):
				98	"""Test returns restricted label IDs a logged in user cannot access."""
				99	self.mox.StubOutWithMock(self.config_service, 'GetLabelDefRowsAnyProject')
				100	self.config_service.GetLabelDefRowsAnyProject(
				101	self.cnxn, where=[('LOWER(label) LIKE %s', ['restrict-view-%'])]
				102	).AndReturn([
				103	(123, 789, 0, 'Restrict-View-Google', 'docstring', 0),
				104	(124, 789, 0, 'Restrict-View-SecurityTeam', 'docstring', 0),
				105	])
				106
				107	self.mox.ReplayAll()
				108	perms = permissions.PermissionSet(['Google'])
				109	ids = search_helpers.GetPersonalAtRiskLabelIDs(
				110	self.cnxn,
				111	self.user,
				112	self.config_service,
				113	effective_ids=[10, 20],
				114	project=fake.Project(project_id=789),
				115	perms=perms)
				116	self.mox.VerifyAll()
				117
				118	self.assertEqual(ids, [124])
				119
				120	def testGetPersonalAtRiskLabelIDs_Admin(self):
				121	"""Test returns nothing for an admin (who can view everything)."""
				122	self.user.is_site_admin = True
				123	self.mox.ReplayAll()
				124	ids = search_helpers.GetPersonalAtRiskLabelIDs(
				125	self.cnxn,
				126	self.user,
				127	self.config_service,
				128	effective_ids=[10, 20],
				129	project=fake.Project(project_id=789),
				130	perms=permissions.ADMIN_PERMISSIONSET)
				131	self.mox.VerifyAll()
				132
				133	self.assertEqual(ids, [])