blob: 643b1a6216327db7f7e81efd9c163a52ab07fb61 [file] [log] [blame]
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +01001# Copyright 2016 The Chromium Authors
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
Copybara854996b2021-09-07 19:36:02 +00004
5"""Unittest for Hotlist People servlet."""
6from __future__ import print_function
7from __future__ import division
8from __future__ import absolute_import
9
Adrià Vilanova Martínez9f9ade52022-10-10 23:20:11 +020010try:
11 from mox3 import mox
12except ImportError:
13 import mox
Copybara854996b2021-09-07 19:36:02 +000014import unittest
15import logging
16
17import ezt
18
19from testing import fake
20from features import hotlistpeople
21from framework import permissions
22from services import service_manager
23from testing import testing_helpers
24
25class HotlistPeopleListTest(unittest.TestCase):
26
27 def setUp(self):
28 self.services = service_manager.Services(
29 features=fake.FeaturesService(),
30 project=fake.ProjectService(),
31 user=fake.UserService(),
32 usergroup=fake.UserGroupService())
33 self.owner_user = self.services.user.TestAddUser('buzbuz@gmail.com', 111)
34 self.editor_user = self.services.user.TestAddUser('monica@gmail.com', 222)
35 self.non_member_user = self.services.user.TestAddUser(
36 'who-dis@gmail.com', 333)
37 self.private_hotlist = self.services.features.TestAddHotlist(
38 'PrivateHotlist', 'owner only', [111], [222], is_private=True)
39 self.public_hotlist = self.services.features.TestAddHotlist(
40 'PublicHotlist', 'everyone', [111], [222], is_private=False)
Adrià Vilanova Martínezf19ea432024-01-23 20:20:52 +010041 self.servlet = hotlistpeople.HotlistPeopleList(services=self.services)
Copybara854996b2021-09-07 19:36:02 +000042 self.mox = mox.Mox()
43
44 def tearDown(self):
45 self.mox.UnsetStubs()
46 self.mox.ResetAll()
47
48 def testAssertBasePermission(self):
49 # owner can view people in private hotlist
50 mr = testing_helpers.MakeMonorailRequest(
51 hotlist=self.private_hotlist, perms=permissions.EMPTY_PERMISSIONSET)
52 mr.auth.effective_ids = {111, 444}
53 self.servlet.AssertBasePermission(mr)
54
55 # editor can view people in private hotlist
56 mr.auth.effective_ids = {222, 333}
57 self.servlet.AssertBasePermission(mr)
58
59 # non-members cannot view people in private hotlist
60 mr.auth.effective_ids = {444, 333}
61 self.assertRaises(permissions.PermissionException,
62 self.servlet.AssertBasePermission, mr)
63
64 # owner can view people in public hotlist
65 mr = testing_helpers.MakeMonorailRequest(hotlist=self.public_hotlist)
66 mr.auth.effective_ids = {111, 444}
67 self.servlet.AssertBasePermission(mr)
68
69 # editor can view people in public hotlist
70 mr.auth.effective_ids = {222, 333}
71 self.servlet.AssertBasePermission(mr)
72
73 # non-members cannot view people in public hotlist
74 mr.auth.effective_ids = {444, 333}
75 self.servlet.AssertBasePermission(mr)
76
77 def testGatherPageData(self):
78 mr = testing_helpers.MakeMonorailRequest(
79 hotlist=self.public_hotlist, perms=permissions.EMPTY_PERMISSIONSET)
80 mr.auth.user_id = 111
81 mr.auth.effective_ids = {111}
82 mr.cnxn = 'fake cnxn'
83 page_data = self.servlet.GatherPageData(mr)
84 self.assertEqual(ezt.boolean(True), page_data['offer_membership_editing'])
85 self.assertEqual(ezt.boolean(False), page_data['offer_remove_self'])
86 self.assertEqual(page_data['total_num_owners'], 1)
87 self.assertEqual(page_data['newly_added_views'], [])
88 self.assertEqual(len(page_data['pagination'].visible_results), 2)
89
90 # non-owners cannot edit people list
91 mr.auth.user_id = 222
92 mr.auth.effective_ids = {222}
93 page_data = self.servlet.GatherPageData(mr)
94 self.assertEqual(ezt.boolean(False), page_data['offer_membership_editing'])
95 self.assertEqual(ezt.boolean(True), page_data['offer_remove_self'])
96
97 mr.auth.user_id = 333
98 mr.auth.effective_ids = {333}
99 page_data = self.servlet.GatherPageData(mr)
100 self.assertEqual(ezt.boolean(False), page_data['offer_membership_editing'])
101 self.assertEqual(ezt.boolean(False), page_data['offer_remove_self'])
102
103 def testProcessFormData_Permission(self):
104 """Only owner can change member of hotlist."""
105 mr = testing_helpers.MakeMonorailRequest(
106 path='/u/buzbuz@gmail.com/hotlists/PrivateHotlist/people',
107 hotlist=self.private_hotlist, perms=permissions.EMPTY_PERMISSIONSET)
108 mr.auth.effective_ids = {111, 444}
109 self.servlet.ProcessFormData(mr, {})
110
111 mr.auth.effective_ids = {222, 444}
112 self.assertRaises(permissions.PermissionException,
113 self.servlet.ProcessFormData, mr, {})
114
115 def testProcessRemoveMembers(self):
116 hotlist = self.servlet.services.features.TestAddHotlist(
117 'HotlistName', 'removing 222, monica', [111], [222])
118 mr = testing_helpers.MakeMonorailRequest(
119 path='/u/buzbuz@gmail.com/hotlists/HotlistName/people',
120 hotlist=hotlist)
121 mr.hotlist_id = hotlist.hotlist_id
122 post_data = fake.PostData(
123 remove = ['monica@gmail.com'])
124 url = self.servlet.ProcessRemoveMembers(
125 mr, post_data, '/u/111/hotlists/HotlistName')
126 self.assertTrue('/u/111/hotlists/HotlistName/people' in url)
127 self.assertEqual(hotlist.editor_ids, [])
128
129 def testProcessRemoveSelf(self):
130 hotlist = self.servlet.services.features.TestAddHotlist(
131 'HotlistName', 'self removing 222, monica', [111], [222])
132 mr = testing_helpers.MakeMonorailRequest(
133 path='/u/buzbuz@gmail.com/hotlists/HotlistName/people',
134 hotlist=hotlist)
135 mr.hotlist_id = hotlist.hotlist_id
136 mr.cnxn = 'fake cnxn'
137 # The owner cannot be removed using ProcessRemoveSelf(); this is enforced
138 # by permission in ProcessFormData, not in the function itself;
139 # nor may a random user...
140 mr.auth.user_id = 333
141 mr.auth.effective_ids = {333}
142 url = self.servlet.ProcessRemoveSelf(mr, '/u/111/hotlists/HotlistName')
143 self.assertTrue('/u/111/hotlists/HotlistName/people' in url)
144 self.assertEqual(hotlist.owner_ids, [111])
145 self.assertEqual(hotlist.editor_ids, [222])
146 # ...but an editor can.
147 mr.auth.user_id = 222
148 mr.auth.effective_ids = {222}
149 url = self.servlet.ProcessRemoveSelf(mr, '/u/111/hotlists/HotlistName')
150 self.assertTrue('/u/111/hotlists/HotlistName/people' in url)
151 self.assertEqual(hotlist.owner_ids, [111])
152 self.assertEqual(hotlist.editor_ids, [])
153
154 def testProcessAddMembers(self):
155 hotlist = self.servlet.services.features.TestAddHotlist(
156 'HotlistName', 'adding 333, who-dis', [111], [222])
157 mr = testing_helpers.MakeMonorailRequest(
158 path='/u/buzbuz@gmail.com/hotlists/HotlistName/people',
159 hotlist=hotlist)
160 mr.hotlist_id = hotlist.hotlist_id
161 post_data = fake.PostData(
162 addmembers = ['who-dis@gmail.com'],
163 role = ['editor'])
164 url = self.servlet.ProcessAddMembers(
165 mr, post_data, '/u/111/hotlists/HotlistName')
166 self.assertTrue('/u/111/hotlists/HotlistName/people' in url)
167 self.assertEqual(hotlist.editor_ids, [222, 333])
168
169 def testProcessAddMembers_OwnerToEditor(self):
170 hotlist = self.servlet.services.features.TestAddHotlist(
171 'HotlistName', 'adding owner 111, buzbuz as editor', [111], [222])
172 mr = testing_helpers.MakeMonorailRequest(
173 path='/u/buzbuz@gmail.com/hotlists/HotlistName/people',
174 hotlist=hotlist)
175 mr.hotlist_id = hotlist.hotlist_id
176 addmembers_input = 'buzbuz@gmail.com'
177 post_data = fake.PostData(
178 addmembers = [addmembers_input],
179 role = ['editor'])
180 self.mox.StubOutWithMock(self.servlet, 'PleaseCorrect')
181 self.servlet.PleaseCorrect(
182 mr, initial_add_members=addmembers_input, initially_expand_form=True)
183 self.mox.ReplayAll()
184 url = self.servlet.ProcessAddMembers(
185 mr, post_data, '/u/111/hotlists/HotlistName')
186 self.mox.VerifyAll()
187 self.assertEqual(
188 'Cannot have a hotlist without an owner; please leave at least one.',
189 mr.errors.addmembers)
190 self.assertIsNone(url)
191 # Verify that no changes have actually occurred.
192 self.assertEqual(hotlist.owner_ids, [111])
193 self.assertEqual(hotlist.editor_ids, [222])
194
195 def testProcessChangeOwnership(self):
196 hotlist = self.servlet.services.features.TestAddHotlist(
197 'HotlistName', 'new owner 333, who-dis', [111], [222])
198 mr = testing_helpers.MakeMonorailRequest(
199 path='/u/buzbuz@gmail.com/hotlists/HotlistName/people',
200 hotlist=hotlist)
201 mr.hotlist_id = hotlist.hotlist_id
202 post_data = fake.PostData(
203 changeowners = ['who-dis@gmail.com'],
204 becomeeditor = ['on'])
205 url = self.servlet.ProcessChangeOwnership(mr, post_data)
206 self.assertTrue('/u/333/hotlists/HotlistName/people' in url)
207 self.assertEqual(hotlist.owner_ids, [333])
208 self.assertEqual(hotlist.editor_ids, [222, 111])
209
210 def testProcessChangeOwnership_UnownedHotlist(self):
211 hotlist = self.services.features.TestAddHotlist(
212 'unowned', 'new owner 333, who-dis', [], [222])
213 mr = testing_helpers.MakeMonorailRequest(
214 path='/whatever',
215 hotlist=hotlist)
216 mr.hotlist_id = hotlist.hotlist_id
217 post_data = fake.PostData(
218 changeowners = ['who-dis@gmail.com'],
219 becomeeditor = ['on'])
220 self.servlet.ProcessChangeOwnership(mr, post_data)
221 self.assertEqual([333], mr.hotlist.owner_ids)
222
223 def testProcessChangeOwnership_BadEmail(self):
224 hotlist = self.servlet.services.features.TestAddHotlist(
225 'HotlistName', 'new owner 333, who-dis', [111], [222])
226 mr = testing_helpers.MakeMonorailRequest(
227 path='/u/buzbuz@gmail.com/hotlists/HotlistName/people',
228 hotlist=hotlist)
229 mr.hotlist_id = hotlist.hotlist_id
230 changeowners_input = 'who-dis@gmail.com, extra-email@gmail.com'
231 post_data = fake.PostData(
232 changeowners = [changeowners_input],
233 becomeeditor = ['on'])
234 self.mox.StubOutWithMock(self.servlet, 'PleaseCorrect')
235 self.servlet.PleaseCorrect(
236 mr, initial_new_owner_username=changeowners_input, open_dialog='yes')
237 self.mox.ReplayAll()
238 url = self.servlet.ProcessChangeOwnership(mr, post_data)
239 self.mox.VerifyAll()
240 self.assertEqual(
241 'Please add one valid user email.', mr.errors.transfer_ownership)
242 self.assertIsNone(url)
243
244 def testProcessChangeOwnership_DuplicateName(self):
245 # other_hotlist = self.servlet.services.features.TestAddHotlist(
246 # 'HotlistName', 'hotlist with same name', [333], [])
247 # hotlist = self.servlet.services.features.TestAddHotlist(
248 # 'HotlistName', 'new owner 333, who-dis', [111], [222])
249
250 # in the test_hotlists dict of features_service in testing/fake
251 # 'other_hotlist' is overwritten by 'hotlist'
252 # TODO(jojwang): edit the fake features_service to allow hotlists
253 # with the same name but different owners
254 pass