diff --git a/pagure/api/project.py b/pagure/api/project.py index 2f22e95..88b4c32 100644 --- a/pagure/api/project.py +++ b/pagure/api/project.py @@ -1760,9 +1760,10 @@ def api_modify_acls(repo, namespace=None, username=None): | | | | should be changed. | | | | | | +------------------+---------+---------------+---------------------------+ - | ``acl`` | String | Mandatory | can be either | + | ``acl`` | String | Optional | Can be either unspecified,| | | | | 'ticket', 'commit', | - | | | | 'admin'. | + | | | | 'admin'. If unspecified, | + | | | | the access will be removed| | | | | | +------------------+---------+---------------+---------------------------+ @@ -1821,23 +1822,31 @@ def api_modify_acls(repo, namespace=None, username=None): raise pagure.exceptions.APIError( 401, error_code=APIERROR.EINVALIDTOK) - is_site_admin = pagure.utils.is_admin() - admins = [u.username for u in project.get_project_users('admin')] - if flask.g.fas_user.username not in admins \ - and flask.g.fas_user.username != project.user.username \ - and not is_site_admin: - raise pagure.exceptions.APIError( - 401, error_code=APIERROR.EMODIFYPROJECTNOTALLOWED) - form = pagure.forms.ModifyACLForm(csrf_enabled=False) if form.validate_on_submit(): + acl = form.acl.data + group = None + user = None if form.user_type.data == 'user': user = form.name.data - group = None else: group = form.name.data - user = None - acl = form.acl.data + + is_site_admin = pagure.utils.is_admin() + admins = [u.username for u in project.get_project_users('admin')] + + if not acl: + if user and flask.g.fas_user.username != user \ + and flask.g.fas_user.username not in admins \ + and flask.g.fas_user.username != project.user.username \ + and not is_site_admin: + raise pagure.exceptions.APIError( + 401, error_code=APIERROR.EMODIFYPROJECTNOTALLOWED) + elif flask.g.fas_user.username not in admins \ + and flask.g.fas_user.username != project.user.username \ + and not is_site_admin: + raise pagure.exceptions.APIError( + 401, error_code=APIERROR.EMODIFYPROJECTNOTALLOWED) if user: user_obj = pagure.lib.search_user(flask.g.session, username=user) @@ -1852,25 +1861,47 @@ def api_modify_acls(repo, namespace=None, username=None): raise pagure.exceptions.APIError( 404, error_code=APIERROR.ENOGROUP) - if user and user_obj not in project.access_users[acl] and \ - user_obj != project.user.user: - msg = pagure.lib.add_user_to_project( - session=flask.g.session, - project=project, - new_user=user, - user=flask.g.fas_user.username, - access=acl - ) - elif group and group_obj not in project.access_groups[acl]: - msg = pagure.lib.add_group_to_project( - session=flask.g.session, - project=project, - new_group=group, - user=flask.g.fas_user.username, - access=acl, - create=pagure_config.get('ENABLE_GROUP_MNGT', False), - is_admin=pagure.utils.is_admin(), - ) + if acl: + if user and user_obj not in project.access_users[acl] and \ + user_obj.user != project.user.user: + _log.info( + 'Adding user %s to project: %s', user, project.fullname) + pagure.lib.add_user_to_project( + session=flask.g.session, + project=project, + new_user=user, + user=flask.g.fas_user.username, + access=acl + ) + elif group and group_obj not in project.access_groups[acl]: + _log.info( + 'Adding group %s to project: %s', group, + project.fullname) + pagure.lib.add_group_to_project( + session=flask.g.session, + project=project, + new_group=group, + user=flask.g.fas_user.username, + access=acl, + create=pagure_config.get('ENABLE_GROUP_MNGT', False), + is_admin=pagure.utils.is_admin(), + ) + else: + if user: + _log.info( + 'Looking at removing user %s from project %s', user, + project.fullname) + try: + msg = pagure.lib.remove_user_of_project( + flask.g.session, user_obj, project, + flask.g.fas_user.username) + except pagure.exceptions.PagureException as err: + raise pagure.exceptions.APIError( + 400, error_code=APIERROR.EINVALIDREQ, + errors='%s' % err) + elif group: + pass + try: flask.g.session.commit() except pagure.exceptions.PagureException as msg: @@ -1880,7 +1911,8 @@ def api_modify_acls(repo, namespace=None, username=None): except SQLAlchemyError as err: _log.exception(err) flask.g.session.rollback() - raise pagure.exceptions.APIError(400, error_code=APIERROR.EDBERROR) + raise pagure.exceptions.APIError( + 400, error_code=APIERROR.EDBERROR) pagure.lib.git.generate_gitolite_acls(project=project) output = project.to_json(api=True, public=True) diff --git a/pagure/forms.py b/pagure/forms.py index c63e1bd..58281db 100644 --- a/pagure/forms.py +++ b/pagure/forms.py @@ -600,9 +600,10 @@ class ModifyACLForm(PagureForm): ) acl = wtforms.SelectField( 'ACL type', - [wtforms.validators.Required()], + [wtforms.validators.Optional()], choices=[('admin', 'Admin'), ('ticket', 'Ticket'), - ('commit', 'Commit')] + ('commit', 'Commit'), (None, None)], + coerce=convert_value ) diff --git a/tests/test_pagure_flask_api_project.py b/tests/test_pagure_flask_api_project.py index b16b083..d5de9e5 100644 --- a/tests/test_pagure_flask_api_project.py +++ b/tests/test_pagure_flask_api_project.py @@ -14,6 +14,7 @@ from __future__ import unicode_literals __requires__ = ['SQLAlchemy >= 0.8'] import pkg_resources +import datetime import json import unittest import shutil @@ -2626,870 +2627,1084 @@ class PagureFlaskApiProjecttests(tests.Modeltests): } self.assertEqual(data, expected_output) - def test_api_modify_acls_no_project(self): - """ Test the api_modify_acls method of the flask api when the project - doesn't exist """ + def test_api_new_git_branch(self): + """ Test the api_new_branch method of the flask api """ tests.create_projects(self.session) + repo_path = os.path.join(self.path, 'repos') + tests.create_projects_git(repo_path, bare=True) + tests.add_content_git_repo(os.path.join(repo_path, 'test.git')) tests.create_tokens(self.session, project_id=None) tests.create_tokens_acl( - self.session, 'aaabbbcccddd', 'modify_project') + self.session, 'aaabbbcccddd', 'create_branch') headers = {'Authorization': 'token aaabbbcccddd'} - - data = { - 'user_type': 'user', - 'name': 'bar', - 'acl': 'commit' + args = {'branch': 'test123'} + output = self.app.post('/api/0/test/git/branch', headers=headers, + data=args) + self.assertEqual(output.status_code, 200) + data = json.loads(output.get_data(as_text=True)) + expected_output = { + 'message': 'Project branch was created', } - output = self.app.post( - '/api/0/test12345123/git/modifyacls', - headers=headers, data=data) - self.assertEqual(output.status_code, 404) + self.assertEqual(data, expected_output) + git_path = os.path.join(self.path, 'repos', 'test.git') + repo_obj = pygit2.Repository(git_path) + self.assertIn('test123', repo_obj.listall_branches()) + + def test_api_new_git_branch_json(self): + """ Test the api_new_branch method of the flask api """ + tests.create_projects(self.session) + repo_path = os.path.join(self.path, 'repos') + tests.create_projects_git(repo_path, bare=True) + tests.add_content_git_repo(os.path.join(repo_path, 'test.git')) + tests.create_tokens(self.session, project_id=None) + tests.create_tokens_acl( + self.session, 'aaabbbcccddd', 'create_branch') + headers = {'Authorization': 'token aaabbbcccddd', + 'Content-Type': 'application/json'} + args = {'branch': 'test123'} + output = self.app.post('/api/0/test/git/branch', headers=headers, + data=json.dumps(args)) + self.assertEqual(output.status_code, 200) data = json.loads(output.get_data(as_text=True)) expected_output = { - 'error_code': 'ENOPROJECT', - 'error': 'Project not found' + 'message': 'Project branch was created', } self.assertEqual(data, expected_output) + git_path = os.path.join(self.path, 'repos', 'test.git') + repo_obj = pygit2.Repository(git_path) + self.assertIn('test123', repo_obj.listall_branches()) - def test_api_modify_acls_no_user(self): - """ Test the api_modify_acls method of the flask api when the user - doesn't exist """ + def test_api_new_git_branch_from_branch(self): + """ Test the api_new_branch method of the flask api """ tests.create_projects(self.session) + repo_path = os.path.join(self.path, 'repos') + tests.create_projects_git(repo_path, bare=True) + tests.add_content_git_repo(os.path.join(repo_path, 'test.git')) tests.create_tokens(self.session, project_id=None) tests.create_tokens_acl( - self.session, 'aaabbbcccddd', 'modify_project') + self.session, 'aaabbbcccddd', 'create_branch') + git_path = os.path.join(self.path, 'repos', 'test.git') + repo_obj = pygit2.Repository(git_path) + parent = pagure.lib.git.get_branch_ref(repo_obj, 'master').get_object() + repo_obj.create_branch('dev123', parent) headers = {'Authorization': 'token aaabbbcccddd'} - - data = { - 'user_type': 'user', - 'name': 'nosuchuser', - 'acl': 'commit' - } - output = self.app.post( - '/api/0/test/git/modifyacls', - headers=headers, data=data) - self.assertEqual(output.status_code, 404) + args = {'branch': 'test123', 'from_branch': 'dev123'} + output = self.app.post('/api/0/test/git/branch', headers=headers, + data=args) + self.assertEqual(output.status_code, 200) data = json.loads(output.get_data(as_text=True)) expected_output = { - 'error': 'No such user found', - 'error_code': u'ENOUSER' + 'message': 'Project branch was created', } self.assertEqual(data, expected_output) + self.assertIn('test123', repo_obj.listall_branches()) - def test_api_modify_acls_no_group(self): - """ Test the api_modify_acls method of the flask api when the group - doesn't exist """ + def test_api_new_git_branch_already_exists(self): + """ Test the api_new_branch method of the flask api when branch already + exists """ tests.create_projects(self.session) + repo_path = os.path.join(self.path, 'repos') + tests.create_projects_git(repo_path, bare=True) + tests.add_content_git_repo(os.path.join(repo_path, 'test.git')) tests.create_tokens(self.session, project_id=None) tests.create_tokens_acl( - self.session, 'aaabbbcccddd', 'modify_project') + self.session, 'aaabbbcccddd', 'create_branch') headers = {'Authorization': 'token aaabbbcccddd'} - - data = { - 'user_type': 'group', - 'name': 'nosuchgroup', - 'acl': 'commit' - } - output = self.app.post( - '/api/0/test/git/modifyacls', - headers=headers, data=data) - self.assertEqual(output.status_code, 404) + args = {'branch': 'master'} + output = self.app.post('/api/0/test/git/branch', headers=headers, + data=args) + self.assertEqual(output.status_code, 400) data = json.loads(output.get_data(as_text=True)) expected_output = { - 'error': 'Group not found', - 'error_code': 'ENOGROUP' + 'error': 'The branch "master" already exists', + 'error_code': 'ENOCODE' } self.assertEqual(data, expected_output) - def test_api_modify_acls_no_permission(self): - """ Test the api_modify_acls method of the flask api when the user - doesn't have permissions """ + def test_api_new_git_branch_from_commit(self): + """ Test the api_new_branch method of the flask api """ tests.create_projects(self.session) - tests.create_tokens(self.session, project_id=None, user_id=2) + repos_path = os.path.join(self.path, 'repos') + tests.create_projects_git(repos_path, bare=True) + git_path = os.path.join(repos_path, 'test.git') + tests.add_content_git_repo(git_path) + tests.create_tokens(self.session, project_id=None) tests.create_tokens_acl( - self.session, 'aaabbbcccddd', 'modify_project') + self.session, 'aaabbbcccddd', 'create_branch') + repo_obj = pygit2.Repository(git_path) + from_commit = repo_obj.revparse_single('HEAD').oid.hex headers = {'Authorization': 'token aaabbbcccddd'} - - data = { - 'user_type': 'user', - 'name': 'foo', - 'acl': 'commit' - } - output = self.app.post( - '/api/0/test/git/modifyacls', - headers=headers, data=data) - self.assertEqual(output.status_code, 401) + args = {'branch': 'test123', 'from_commit': from_commit} + output = self.app.post('/api/0/test/git/branch', headers=headers, + data=args) + self.assertEqual(output.status_code, 200) data = json.loads(output.get_data(as_text=True)) expected_output = { - 'error': 'You are not allowed to modify this project', - 'error_code': 'EMODIFYPROJECTNOTALLOWED' + 'message': 'Project branch was created', } self.assertEqual(data, expected_output) + self.assertIn('test123', repo_obj.listall_branches()) + + +class PagureFlaskApiProjectFlagtests(tests.Modeltests): + """ Tests for the flask API of pagure for flagging commit in project + """ + + def setUp(self): + """ Set up the environnment, ran before every tests. """ + super(PagureFlaskApiProjectFlagtests, self).setUp() - def test_api_modify_acls_neither_user_nor_group(self): - """ Test the api_modify_acls method of the flask api when neither - user nor group was set """ tests.create_projects(self.session) + repo_path = os.path.join(self.path, 'repos') + self.git_path = os.path.join(repo_path, 'test.git') + tests.create_projects_git(repo_path, bare=True) + tests.add_content_git_repo(self.git_path) tests.create_tokens(self.session, project_id=None) tests.create_tokens_acl( - self.session, 'aaabbbcccddd', 'modify_project') - headers = {'Authorization': 'token aaabbbcccddd'} + self.session, 'aaabbbcccddd', 'commit_flag') + + def test_flag_commit_missing_status(self): + """ Test flagging a commit with missing precentage. """ + repo_obj = pygit2.Repository(self.git_path) + commit = repo_obj.revparse_single('HEAD') + headers = {'Authorization': 'token aaabbbcccddd'} data = { - 'acl': 'commit' + 'username': 'Jenkins', + 'comment': 'Tests passed', + 'url': 'http://jenkins.cloud.fedoraproject.org/', + 'uid': 'jenkins_build_pagure_100+seed', } output = self.app.post( - '/api/0/test/git/modifyacls', + '/api/0/test/c/%s/flag' % commit.oid.hex, headers=headers, data=data) self.assertEqual(output.status_code, 400) data = json.loads(output.get_data(as_text=True)) expected_output = { - 'error': 'Invalid or incomplete input submitted', - 'error_code': 'EINVALIDREQ', - 'errors': {'name': ['This field is required.'], - 'user_type': ['Not a valid choice']} + "error": "Invalid or incomplete input submitted", + "error_code": "EINVALIDREQ", + "errors": { + "status": [ + "Not a valid choice" + ] + } } self.assertEqual(data, expected_output) - def test_api_modify_acls_invalid_acl(self): - """ Test the api_modify_acls method of the flask api when the ACL - doesn't exist. Must be one of ticket, commit or admin. """ - tests.create_projects(self.session) - tests.create_tokens(self.session, project_id=None) - tests.create_tokens_acl( - self.session, 'aaabbbcccddd', 'modify_project') - headers = {'Authorization': 'token aaabbbcccddd'} + def test_flag_commit_missing_username(self): + """ Test flagging a commit with missing username. """ + repo_obj = pygit2.Repository(self.git_path) + commit = repo_obj.revparse_single('HEAD') + headers = {'Authorization': 'token aaabbbcccddd'} data = { - 'user_type': 'user', - 'name': 'bar', - 'acl': 'invalidacl' + 'percent': 100, + 'comment': 'Tests passed', + 'url': 'http://jenkins.cloud.fedoraproject.org/', + 'uid': 'jenkins_build_pagure_100+seed', + 'status': 'success', } output = self.app.post( - '/api/0/test/git/modifyacls', + '/api/0/test/c/%s/flag' % commit.oid.hex, headers=headers, data=data) self.assertEqual(output.status_code, 400) data = json.loads(output.get_data(as_text=True)) expected_output = { - 'error': 'Invalid or incomplete input submitted', - 'error_code': 'EINVALIDREQ', - 'errors': { - 'acl': ['Not a valid choice'] - } + "error": "Invalid or incomplete input submitted", + "error_code": "EINVALIDREQ", + "errors": { + "username": [ + "This field is required." + ] + } } self.assertEqual(data, expected_output) - def test_api_modify_acls_user(self): - """ Test the api_modify_acls method of the flask api for - setting an ACL for a user. """ - tests.create_projects(self.session) - tests.create_tokens(self.session, project_id=None) - tests.create_tokens_acl( - self.session, 'aaabbbcccddd', 'modify_project') - headers = {'Authorization': 'token aaabbbcccddd'} + def test_flag_commit_missing_comment(self): + """ Test flagging a commit with missing comment. """ + repo_obj = pygit2.Repository(self.git_path) + commit = repo_obj.revparse_single('HEAD') + headers = {'Authorization': 'token aaabbbcccddd'} data = { - 'user_type': 'user', - 'name': 'foo', - 'acl': 'commit' + 'username': 'Jenkins', + 'percent': 100, + 'url': 'http://jenkins.cloud.fedoraproject.org/', + 'uid': 'jenkins_build_pagure_100+seed', + 'status': 'success', } output = self.app.post( - '/api/0/test/git/modifyacls', + '/api/0/test/c/%s/flag' % commit.oid.hex, headers=headers, data=data) - self.assertEqual(output.status_code, 200) + self.assertEqual(output.status_code, 400) data = json.loads(output.get_data(as_text=True)) - data['date_created'] = '1510742565' - data['date_modified'] = '1510742566' - expected_output = { - 'access_groups': {'admin': [], 'commit': [], 'ticket': []}, - 'access_users': {'admin': [], - 'commit': ['foo'], - 'owner': ['pingou'], - 'ticket': []}, - 'close_status': - ['Invalid', 'Insufficient data', 'Fixed', 'Duplicate'], - 'custom_keys': [], - 'date_created': '1510742565', - 'date_modified': '1510742566', - 'description': 'test project #1', - 'fullname': 'test', - 'id': 1, - 'milestones': {}, - 'name': 'test', - 'namespace': None, - 'parent': None, - 'priorities': {}, - 'tags': [], - 'url_path': 'test', - 'user': {'fullname': 'PY C', 'name': 'pingou'} + "error": "Invalid or incomplete input submitted", + "error_code": "EINVALIDREQ", + "errors": { + "comment": [ + "This field is required." + ] + } + } + self.assertEqual(data, expected_output) + + def test_flag_commit_missing_url(self): + """ Test flagging a commit with missing url. """ + repo_obj = pygit2.Repository(self.git_path) + commit = repo_obj.revparse_single('HEAD') + + headers = {'Authorization': 'token aaabbbcccddd'} + data = { + 'username': 'Jenkins', + 'percent': 100, + 'comment': 'Tests passed', + 'uid': 'jenkins_build_pagure_100+seed', + 'status': 'success', + } + output = self.app.post( + '/api/0/test/c/%s/flag' % commit.oid.hex, + headers=headers, data=data) + self.assertEqual(output.status_code, 400) + data = json.loads(output.get_data(as_text=True)) + expected_output = { + "error": "Invalid or incomplete input submitted", + "error_code": "EINVALIDREQ", + "errors": { + "url": [ + "This field is required." + ] + } + } + self.assertEqual(data, expected_output) + + def test_flag_commit_invalid_token(self): + """ Test flagging a commit with missing info. """ + repo_obj = pygit2.Repository(self.git_path) + commit = repo_obj.revparse_single('HEAD') + + headers = {'Authorization': 'token 123'} + data = { + 'username': 'Jenkins', + 'percent': 100, + 'comment': 'Tests passed', + 'url': 'http://jenkins.cloud.fedoraproject.org/', + 'uid': 'jenkins_build_pagure_100+seed', + } + output = self.app.post( + '/api/0/test/c/%s/flag' % commit.oid.hex, + headers=headers, data=data) + self.assertEqual(output.status_code, 401) + data = json.loads(output.get_data(as_text=True)) + self.assertEqual(sorted(data.keys()), ['error', 'error_code']) + self.assertEqual( + pagure.api.APIERROR.EINVALIDTOK.value, data['error']) + self.assertEqual( + pagure.api.APIERROR.EINVALIDTOK.name, data['error_code']) + + def test_flag_commit_invalid_status(self): + """ Test flagging a commit with an invalid status. """ + repo_obj = pygit2.Repository(self.git_path) + commit = repo_obj.revparse_single('HEAD') + + headers = {'Authorization': 'token aaabbbcccddd'} + data = { + 'username': 'Jenkins', + 'percent': 100, + 'comment': 'Tests passed', + 'url': 'http://jenkins.cloud.fedoraproject.org/', + 'status': 'foobar', + } + output = self.app.post( + '/api/0/test/c/%s/flag' % commit.oid.hex, + headers=headers, data=data) + self.assertEqual(output.status_code, 400) + data = json.loads(output.get_data(as_text=True)) + self.assertEqual( + data, + { + 'errors': {'status': ['Not a valid choice']}, + 'error_code': 'EINVALIDREQ', + 'error': 'Invalid or incomplete input submitted' + } + ) + + def test_flag_commit_with_uid(self): + """ Test flagging a commit with provided uid. """ + repo_obj = pygit2.Repository(self.git_path) + commit = repo_obj.revparse_single('HEAD') + + headers = {'Authorization': 'token aaabbbcccddd'} + data = { + 'username': 'Jenkins', + 'percent': 100, + 'comment': 'Tests passed', + 'url': 'http://jenkins.cloud.fedoraproject.org/', + 'uid': 'jenkins_build_pagure_100+seed', + 'status': 'success', + } + output = self.app.post( + '/api/0/test/c/%s/flag' % commit.oid.hex, + headers=headers, data=data) + self.assertEqual(output.status_code, 200) + data = json.loads(output.get_data(as_text=True)) + data['flag']['date_created'] = '1510742565' + data['flag']['commit_hash'] = '62b49f00d489452994de5010565fab81' + expected_output = { + 'flag': { + 'comment': 'Tests passed', + 'commit_hash': '62b49f00d489452994de5010565fab81', + 'date_created': '1510742565', + 'percent': 100, + 'status': 'success', + 'url': 'http://jenkins.cloud.fedoraproject.org/', + 'user': { + 'default_email': 'bar@pingou.com', + 'emails': ['bar@pingou.com', 'foo@pingou.com'], + 'fullname': 'PY C', + 'name': 'pingou'}, + 'username': 'Jenkins' + }, + 'message': 'Flag added', + 'uid': 'jenkins_build_pagure_100+seed' + } + + self.assertEqual(data, expected_output) + + @patch('pagure.lib.notify.send_email') + def test_flag_commit_without_uid(self, mock_email): + """ Test flagging a commit with missing info. + + Also ensure notifications aren't sent when they are not asked for. + """ + repo_obj = pygit2.Repository(self.git_path) + commit = repo_obj.revparse_single('HEAD') + + headers = {'Authorization': 'token aaabbbcccddd'} + data = { + 'username': 'Jenkins', + 'percent': 100, + 'comment': 'Tests passed', + 'url': 'http://jenkins.cloud.fedoraproject.org/', + 'status': 'success', + } + output = self.app.post( + '/api/0/test/c/%s/flag' % commit.oid.hex, + headers=headers, data=data) + self.assertEqual(output.status_code, 200) + data = json.loads(output.get_data(as_text=True)) + self.assertNotEqual( + data['uid'], + 'jenkins_build_pagure_100+seed' + ) + data['flag']['date_created'] = '1510742565' + data['uid'] = 'b1de8f80defd4a81afe2e09f39678087' + expected_output = { + 'flag': { + 'comment': 'Tests passed', + 'commit_hash': commit.oid.hex, + 'date_created': '1510742565', + 'percent': 100, + 'status': 'success', + 'url': 'http://jenkins.cloud.fedoraproject.org/', + 'user': { + 'default_email': 'bar@pingou.com', + 'emails': ['bar@pingou.com', 'foo@pingou.com'], + 'fullname': 'PY C', + 'name': 'pingou'}, + 'username': 'Jenkins' + }, + 'message': 'Flag added', + 'uid': 'b1de8f80defd4a81afe2e09f39678087' + } + self.assertEqual(data, expected_output) + + mock_email.assert_not_called() + + @patch('pagure.lib.notify.send_email') + def test_flag_commit_with_notification(self, mock_email): + """ Test flagging a commit with notification enabled. """ + + # Enable commit notifications + repo = pagure.lib.get_authorized_project(self.session, 'test') + settings = repo.settings + settings['notify_on_commit_flag'] = True + repo.settings = settings + self.session.add(repo) + self.session.commit() + + repo_obj = pygit2.Repository(self.git_path) + commit = repo_obj.revparse_single('HEAD') + + headers = {'Authorization': 'token aaabbbcccddd'} + data = { + 'username': 'Jenkins', + 'percent': 100, + 'comment': 'Tests passed', + 'url': 'http://jenkins.cloud.fedoraproject.org/', + 'status': 'success', + } + output = self.app.post( + '/api/0/test/c/%s/flag' % commit.oid.hex, + headers=headers, data=data) + self.assertEqual(output.status_code, 200) + data = json.loads(output.get_data(as_text=True)) + self.assertNotEqual( + data['uid'], + 'jenkins_build_pagure_100+seed' + ) + data['flag']['date_created'] = '1510742565' + data['uid'] = 'b1de8f80defd4a81afe2e09f39678087' + expected_output = { + 'flag': { + 'comment': 'Tests passed', + 'commit_hash': commit.oid.hex, + 'date_created': '1510742565', + 'percent': 100, + 'status': 'success', + 'url': 'http://jenkins.cloud.fedoraproject.org/', + 'user': { + 'default_email': 'bar@pingou.com', + 'emails': ['bar@pingou.com', 'foo@pingou.com'], + 'fullname': 'PY C', + 'name': 'pingou'}, + 'username': 'Jenkins' + }, + 'message': 'Flag added', + 'uid': 'b1de8f80defd4a81afe2e09f39678087' + } + self.assertEqual(data, expected_output) + + mock_email.assert_called_once_with( + '\nJenkins flagged the commit ' + '`' + commit.oid.hex + '` as success: ' + 'Tests passed\n\n' + 'http://localhost.localdomain/test/c/' + commit.oid.hex + '\n', + 'Coommit #' + commit.oid.hex + ' - Jenkins: success', + 'bar@pingou.com', + in_reply_to='test-project-1', + mail_id='test-commit-1-1', + project_name='test', + user_from='Jenkins' + ) + + @patch.dict('pagure.config.config', + { + 'FLAG_STATUSES_LABELS': + { + 'pend!': 'label-info', + 'succeed!': 'label-success', + 'fail!': 'label-danger', + 'what?': 'label-warning', + }, + 'FLAG_PENDING': 'pend!', + 'FLAG_SUCCESS': 'succeed!', + 'FLAG_FAILURE': 'fail!', + }) + def test_flag_commit_with_custom_flags(self): + """ Test flagging when custom flags are set up + """ + repo_obj = pygit2.Repository(self.git_path) + commit = repo_obj.revparse_single('HEAD') + + headers = {'Authorization': 'token aaabbbcccddd'} + send_data = { + 'username': 'Jenkins', + 'percent': 100, + 'comment': 'Tests passed', + 'url': 'http://jenkins.cloud.fedoraproject.org/', + 'status': 'succeed!', + } + output = self.app.post( + '/api/0/test/c/%s/flag' % commit.oid.hex, + headers=headers, data=send_data) + self.assertEqual(output.status_code, 200) + data = json.loads(output.get_data(as_text=True)) + self.assertEqual(data['flag']['status'], 'succeed!') + + # Try invalid flag status + send_data['status'] = 'nooooo....' + output = self.app.post( + '/api/0/test/c/%s/flag' % commit.oid.hex, + headers=headers, data=send_data) + self.assertEqual(output.status_code, 400) + data = json.loads(output.get_data(as_text=True)) + self.assertEqual( + data, + { + 'errors': {'status': ['Not a valid choice']}, + 'error_code': 'EINVALIDREQ', + 'error': 'Invalid or incomplete input submitted' + } + ) + + def test_commit_flags(self): + """ Test retrieving commit flags. """ + repo = pagure.lib.get_authorized_project(self.session, 'test') + repo_obj = pygit2.Repository(self.git_path) + commit = repo_obj.revparse_single('HEAD') + + # test with no flags + output = self.app.get('/api/0/test/c/%s/flag' % commit.oid.hex) + self.assertEqual(json.loads(output.get_data(as_text=True)), {'total_flags': 0, 'flags': []}) + self.assertEqual(output.status_code, 200) + + # add some flags and retrieve them + pagure.lib.add_commit_flag( + session=self.session, + repo=repo, + commit_hash=commit.oid.hex, + username='simple-koji-ci', + status='pending', + percent=None, + comment='Build is running', + url='https://koji.fp.o/koji...', + uid='uid', + user='foo', + token='aaabbbcccddd' + ) + + pagure.lib.add_commit_flag( + session=self.session, + repo=repo, + commit_hash=commit.oid.hex, + username='complex-koji-ci', + status='success', + percent=None, + comment='Build succeeded', + url='https://koji.fp.o/koji...', + uid='uid2', + user='foo', + token='aaabbbcccddd' + ) + self.session.commit() + + output = self.app.get('/api/0/test/c/%s/flag' % commit.oid.hex) + data = json.loads(output.get_data(as_text=True)) + + for f in data['flags']: + f['date_created'] = '1510742565' + f['commit_hash'] = '62b49f00d489452994de5010565fab81' + expected_output = { + "flags": [ + { + "comment": "Build is running", + "commit_hash": "62b49f00d489452994de5010565fab81", + "date_created": "1510742565", + "percent": None, + "status": "pending", + "url": "https://koji.fp.o/koji...", + "user": { + "fullname": "foo bar", + "name": "foo" + }, + "username": "simple-koji-ci" + }, + { + "comment": "Build succeeded", + "commit_hash": "62b49f00d489452994de5010565fab81", + "date_created": "1510742565", + "percent": None, + "status": "success", + "url": "https://koji.fp.o/koji...", + "user": { + "fullname": "foo bar", + "name": "foo" + }, + "username": "complex-koji-ci" + } + ], + "total_flags": 2 } + self.assertEqual(data, expected_output) - def test_api_modify_acls_group(self): - """ Test the api_modify_acls method of the flask api for - setting an ACL for a group. """ + +class PagureFlaskApiProjectModifyAclTests(tests.Modeltests): + """ Tests for the flask API of pagure for modifying ACLs in a project + """ + + maxDiff = None + + def setUp(self): + """ Set up the environnment, ran before every tests. """ + super(PagureFlaskApiProjectModifyAclTests, self).setUp() tests.create_projects(self.session) tests.create_tokens(self.session, project_id=None) tests.create_tokens_acl( self.session, 'aaabbbcccddd', 'modify_project') - headers = {'Authorization': 'token aaabbbcccddd'} - # Create a group - msg = pagure.lib.add_group( - self.session, - group_name='baz', - display_name='baz group', - description=None, - group_type='bar', - user='foo', - is_admin=False, - blacklist=[], + project = pagure.lib._get_project(self.session, 'test') + self.assertEquals( + project.access_users, + {u'admin': [], u'commit': [], u'ticket': []} ) - self.session.commit() - self.assertEqual(msg, 'User `foo` added to the group `baz`.') + + def test_api_modify_acls_no_project(self): + """ Test the api_modify_acls method of the flask api when the project + doesn't exist """ + headers = {'Authorization': 'token aaabbbcccddd'} data = { - 'user_type': 'group', - 'name': 'baz', - 'acl': 'ticket' + 'user_type': 'user', + 'name': 'bar', + 'acl': 'commit' } output = self.app.post( - '/api/0/test/git/modifyacls', + '/api/0/test12345123/git/modifyacls', headers=headers, data=data) - - self.assertEqual(output.status_code, 200) + self.assertEqual(output.status_code, 404) data = json.loads(output.get_data(as_text=True)) - data['date_created'] = '1510742565' - data['date_modified'] = '1510742566' - expected_output = { - 'access_groups': { - 'admin': [], - 'commit': [], - 'ticket': ['baz'] - }, - 'access_users': { - 'admin': [], - 'commit': [], - 'owner': ['pingou'], - 'ticket': [] - }, - 'close_status': [ - 'Invalid', - 'Insufficient data', - 'Fixed', - 'Duplicate' - ], - 'custom_keys': [], - 'date_created': '1510742565', - 'date_modified': '1510742566', - 'description': 'test project #1', - 'fullname': 'test', - 'id': 1, - 'milestones': {}, - 'name': 'test', - 'namespace': None, - 'parent': None, - 'priorities': {}, - 'tags': [], - 'url_path': 'test', - 'user': {'fullname': 'PY C', 'name': 'pingou'} + 'error_code': 'ENOPROJECT', + 'error': 'Project not found' } self.assertEqual(data, expected_output) - def test_api_new_git_branch(self): - """ Test the api_new_branch method of the flask api """ - tests.create_projects(self.session) - repo_path = os.path.join(self.path, 'repos') - tests.create_projects_git(repo_path, bare=True) - tests.add_content_git_repo(os.path.join(repo_path, 'test.git')) - tests.create_tokens(self.session, project_id=None) - tests.create_tokens_acl( - self.session, 'aaabbbcccddd', 'create_branch') + def test_api_modify_acls_no_user(self): + """ Test the api_modify_acls method of the flask api when the user + doesn't exist """ headers = {'Authorization': 'token aaabbbcccddd'} - args = {'branch': 'test123'} - output = self.app.post('/api/0/test/git/branch', headers=headers, - data=args) - self.assertEqual(output.status_code, 200) - data = json.loads(output.get_data(as_text=True)) - expected_output = { - 'message': 'Project branch was created', - } - self.assertEqual(data, expected_output) - git_path = os.path.join(self.path, 'repos', 'test.git') - repo_obj = pygit2.Repository(git_path) - self.assertIn('test123', repo_obj.listall_branches()) - - def test_api_new_git_branch_json(self): - """ Test the api_new_branch method of the flask api """ - tests.create_projects(self.session) - repo_path = os.path.join(self.path, 'repos') - tests.create_projects_git(repo_path, bare=True) - tests.add_content_git_repo(os.path.join(repo_path, 'test.git')) - tests.create_tokens(self.session, project_id=None) - tests.create_tokens_acl( - self.session, 'aaabbbcccddd', 'create_branch') - headers = {'Authorization': 'token aaabbbcccddd', - 'Content-Type': 'application/json'} - args = {'branch': 'test123'} - output = self.app.post('/api/0/test/git/branch', headers=headers, - data=json.dumps(args)) - self.assertEqual(output.status_code, 200) - data = json.loads(output.get_data(as_text=True)) - expected_output = { - 'message': 'Project branch was created', - } - self.assertEqual(data, expected_output) - git_path = os.path.join(self.path, 'repos', 'test.git') - repo_obj = pygit2.Repository(git_path) - self.assertIn('test123', repo_obj.listall_branches()) - def test_api_new_git_branch_from_branch(self): - """ Test the api_new_branch method of the flask api """ - tests.create_projects(self.session) - repo_path = os.path.join(self.path, 'repos') - tests.create_projects_git(repo_path, bare=True) - tests.add_content_git_repo(os.path.join(repo_path, 'test.git')) - tests.create_tokens(self.session, project_id=None) - tests.create_tokens_acl( - self.session, 'aaabbbcccddd', 'create_branch') - git_path = os.path.join(self.path, 'repos', 'test.git') - repo_obj = pygit2.Repository(git_path) - parent = pagure.lib.git.get_branch_ref(repo_obj, 'master').get_object() - repo_obj.create_branch('dev123', parent) - headers = {'Authorization': 'token aaabbbcccddd'} - args = {'branch': 'test123', 'from_branch': 'dev123'} - output = self.app.post('/api/0/test/git/branch', headers=headers, - data=args) - self.assertEqual(output.status_code, 200) - data = json.loads(output.get_data(as_text=True)) - expected_output = { - 'message': 'Project branch was created', + data = { + 'user_type': 'user', + 'name': 'nosuchuser', + 'acl': 'commit' } - self.assertEqual(data, expected_output) - self.assertIn('test123', repo_obj.listall_branches()) - - def test_api_new_git_branch_already_exists(self): - """ Test the api_new_branch method of the flask api when branch already - exists """ - tests.create_projects(self.session) - repo_path = os.path.join(self.path, 'repos') - tests.create_projects_git(repo_path, bare=True) - tests.add_content_git_repo(os.path.join(repo_path, 'test.git')) - tests.create_tokens(self.session, project_id=None) - tests.create_tokens_acl( - self.session, 'aaabbbcccddd', 'create_branch') - headers = {'Authorization': 'token aaabbbcccddd'} - args = {'branch': 'master'} - output = self.app.post('/api/0/test/git/branch', headers=headers, - data=args) - self.assertEqual(output.status_code, 400) + output = self.app.post( + '/api/0/test/git/modifyacls', + headers=headers, data=data) + self.assertEqual(output.status_code, 404) data = json.loads(output.get_data(as_text=True)) expected_output = { - 'error': 'The branch "master" already exists', - 'error_code': 'ENOCODE' + 'error': 'No such user found', + 'error_code': u'ENOUSER' } self.assertEqual(data, expected_output) - def test_api_new_git_branch_from_commit(self): - """ Test the api_new_branch method of the flask api """ - tests.create_projects(self.session) - repos_path = os.path.join(self.path, 'repos') - tests.create_projects_git(repos_path, bare=True) - git_path = os.path.join(repos_path, 'test.git') - tests.add_content_git_repo(git_path) - tests.create_tokens(self.session, project_id=None) - tests.create_tokens_acl( - self.session, 'aaabbbcccddd', 'create_branch') - repo_obj = pygit2.Repository(git_path) - from_commit = repo_obj.revparse_single('HEAD').oid.hex + def test_api_modify_acls_no_group(self): + """ Test the api_modify_acls method of the flask api when the group + doesn't exist """ headers = {'Authorization': 'token aaabbbcccddd'} - args = {'branch': 'test123', 'from_commit': from_commit} - output = self.app.post('/api/0/test/git/branch', headers=headers, - data=args) - self.assertEqual(output.status_code, 200) - data = json.loads(output.get_data(as_text=True)) - expected_output = { - 'message': 'Project branch was created', - } - self.assertEqual(data, expected_output) - self.assertIn('test123', repo_obj.listall_branches()) - - -class PagureFlaskApiProjectFlagtests(tests.Modeltests): - """ Tests for the flask API of pagure for flagging commit in project - """ - - def setUp(self): - """ Set up the environnment, ran before every tests. """ - super(PagureFlaskApiProjectFlagtests, self).setUp() - - tests.create_projects(self.session) - repo_path = os.path.join(self.path, 'repos') - self.git_path = os.path.join(repo_path, 'test.git') - tests.create_projects_git(repo_path, bare=True) - tests.add_content_git_repo(self.git_path) - tests.create_tokens(self.session, project_id=None) - tests.create_tokens_acl( - self.session, 'aaabbbcccddd', 'commit_flag') - - def test_flag_commit_missing_status(self): - """ Test flagging a commit with missing precentage. """ - repo_obj = pygit2.Repository(self.git_path) - commit = repo_obj.revparse_single('HEAD') - headers = {'Authorization': 'token aaabbbcccddd'} data = { - 'username': 'Jenkins', - 'comment': 'Tests passed', - 'url': 'http://jenkins.cloud.fedoraproject.org/', - 'uid': 'jenkins_build_pagure_100+seed', + 'user_type': 'group', + 'name': 'nosuchgroup', + 'acl': 'commit' } output = self.app.post( - '/api/0/test/c/%s/flag' % commit.oid.hex, + '/api/0/test/git/modifyacls', headers=headers, data=data) - self.assertEqual(output.status_code, 400) + self.assertEqual(output.status_code, 404) data = json.loads(output.get_data(as_text=True)) expected_output = { - "error": "Invalid or incomplete input submitted", - "error_code": "EINVALIDREQ", - "errors": { - "status": [ - "Not a valid choice" - ] - } + 'error': 'Group not found', + 'error_code': 'ENOGROUP' } self.assertEqual(data, expected_output) - def test_flag_commit_missing_username(self): - """ Test flagging a commit with missing username. """ - repo_obj = pygit2.Repository(self.git_path) - commit = repo_obj.revparse_single('HEAD') + def test_api_modify_acls_no_permission(self): + """ Test the api_modify_acls method of the flask api when the user + doesn't have permissions """ + item = pagure.lib.model.Token( + id='foo_token2', + user_id=2, + project_id=None, + expiration=datetime.datetime.utcnow() + + datetime.timedelta(days=30) + ) + self.session.add(item) + self.session.commit() + tests.create_tokens_acl( + self.session, 'foo_token2', 'modify_project') + + headers = {'Authorization': 'token foo_token2'} - headers = {'Authorization': 'token aaabbbcccddd'} data = { - 'percent': 100, - 'comment': 'Tests passed', - 'url': 'http://jenkins.cloud.fedoraproject.org/', - 'uid': 'jenkins_build_pagure_100+seed', - 'status': 'success', + 'user_type': 'user', + 'name': 'foo', + 'acl': 'commit' } output = self.app.post( - '/api/0/test/c/%s/flag' % commit.oid.hex, + '/api/0/test/git/modifyacls', headers=headers, data=data) - self.assertEqual(output.status_code, 400) + self.assertEqual(output.status_code, 401) data = json.loads(output.get_data(as_text=True)) expected_output = { - "error": "Invalid or incomplete input submitted", - "error_code": "EINVALIDREQ", - "errors": { - "username": [ - "This field is required." - ] - } + 'error': 'You are not allowed to modify this project', + 'error_code': 'EMODIFYPROJECTNOTALLOWED' } self.assertEqual(data, expected_output) - def test_flag_commit_missing_comment(self): - """ Test flagging a commit with missing comment. """ - repo_obj = pygit2.Repository(self.git_path) - commit = repo_obj.revparse_single('HEAD') - + def test_api_modify_acls_neither_user_nor_group(self): + """ Test the api_modify_acls method of the flask api when neither + user nor group was set """ headers = {'Authorization': 'token aaabbbcccddd'} + data = { - 'username': 'Jenkins', - 'percent': 100, - 'url': 'http://jenkins.cloud.fedoraproject.org/', - 'uid': 'jenkins_build_pagure_100+seed', - 'status': 'success', + 'acl': 'commit' } output = self.app.post( - '/api/0/test/c/%s/flag' % commit.oid.hex, + '/api/0/test/git/modifyacls', headers=headers, data=data) self.assertEqual(output.status_code, 400) data = json.loads(output.get_data(as_text=True)) expected_output = { - "error": "Invalid or incomplete input submitted", - "error_code": "EINVALIDREQ", - "errors": { - "comment": [ - "This field is required." - ] - } + 'error': 'Invalid or incomplete input submitted', + 'error_code': 'EINVALIDREQ', + 'errors': {'name': ['This field is required.'], + 'user_type': ['Not a valid choice']} } self.assertEqual(data, expected_output) - def test_flag_commit_missing_url(self): - """ Test flagging a commit with missing url. """ - repo_obj = pygit2.Repository(self.git_path) - commit = repo_obj.revparse_single('HEAD') - + def test_api_modify_acls_invalid_acl(self): + """ Test the api_modify_acls method of the flask api when the ACL + doesn't exist. Must be one of ticket, commit or admin. """ headers = {'Authorization': 'token aaabbbcccddd'} + data = { - 'username': 'Jenkins', - 'percent': 100, - 'comment': 'Tests passed', - 'uid': 'jenkins_build_pagure_100+seed', - 'status': 'success', + 'user_type': 'user', + 'name': 'bar', + 'acl': 'invalidacl' } output = self.app.post( - '/api/0/test/c/%s/flag' % commit.oid.hex, + '/api/0/test/git/modifyacls', headers=headers, data=data) self.assertEqual(output.status_code, 400) data = json.loads(output.get_data(as_text=True)) expected_output = { - "error": "Invalid or incomplete input submitted", - "error_code": "EINVALIDREQ", - "errors": { - "url": [ - "This field is required." - ] - } + 'error': 'Invalid or incomplete input submitted', + 'error_code': 'EINVALIDREQ', + 'errors': { + 'acl': ['Not a valid choice'] + } } self.assertEqual(data, expected_output) - def test_flag_commit_invalid_token(self): - """ Test flagging a commit with missing info. """ - repo_obj = pygit2.Repository(self.git_path) - commit = repo_obj.revparse_single('HEAD') + def test_api_modify_acls_user(self): + """ Test the api_modify_acls method of the flask api for + setting an ACL for a user. """ + headers = {'Authorization': 'token aaabbbcccddd'} - headers = {'Authorization': 'token 123'} data = { - 'username': 'Jenkins', - 'percent': 100, - 'comment': 'Tests passed', - 'url': 'http://jenkins.cloud.fedoraproject.org/', - 'uid': 'jenkins_build_pagure_100+seed', + 'user_type': 'user', + 'name': 'foo', + 'acl': 'commit' } output = self.app.post( - '/api/0/test/c/%s/flag' % commit.oid.hex, + '/api/0/test/git/modifyacls', headers=headers, data=data) - self.assertEqual(output.status_code, 401) + self.assertEqual(output.status_code, 200) data = json.loads(output.get_data(as_text=True)) - self.assertEqual(sorted(data.keys()), ['error', 'error_code']) - self.assertEqual( - pagure.api.APIERROR.EINVALIDTOK.value, data['error']) - self.assertEqual( - pagure.api.APIERROR.EINVALIDTOK.name, data['error_code']) + data['date_created'] = '1510742565' + data['date_modified'] = '1510742566' - def test_flag_commit_invalid_status(self): - """ Test flagging a commit with an invalid status. """ - repo_obj = pygit2.Repository(self.git_path) - commit = repo_obj.revparse_single('HEAD') + expected_output = { + 'access_groups': {'admin': [], 'commit': [], 'ticket': []}, + 'access_users': {'admin': [], + 'commit': ['foo'], + 'owner': ['pingou'], + 'ticket': []}, + 'close_status': + ['Invalid', 'Insufficient data', 'Fixed', 'Duplicate'], + 'custom_keys': [], + 'date_created': '1510742565', + 'date_modified': '1510742566', + 'description': 'test project #1', + 'fullname': 'test', + 'id': 1, + 'milestones': {}, + 'name': 'test', + 'namespace': None, + 'parent': None, + 'priorities': {}, + 'tags': [], + 'url_path': 'test', + 'user': {'fullname': 'PY C', 'name': 'pingou'} + } + self.assertEqual(data, expected_output) + def test_api_modify_acls_group(self): + """ Test the api_modify_acls method of the flask api for + setting an ACL for a group. """ headers = {'Authorization': 'token aaabbbcccddd'} - data = { - 'username': 'Jenkins', - 'percent': 100, - 'comment': 'Tests passed', - 'url': 'http://jenkins.cloud.fedoraproject.org/', - 'status': 'foobar', - } - output = self.app.post( - '/api/0/test/c/%s/flag' % commit.oid.hex, - headers=headers, data=data) - self.assertEqual(output.status_code, 400) - data = json.loads(output.get_data(as_text=True)) - self.assertEqual( - data, - { - 'errors': {'status': ['Not a valid choice']}, - 'error_code': 'EINVALIDREQ', - 'error': 'Invalid or incomplete input submitted' - } - ) - def test_flag_commit_with_uid(self): - """ Test flagging a commit with provided uid. """ - repo_obj = pygit2.Repository(self.git_path) - commit = repo_obj.revparse_single('HEAD') + # Create a group + msg = pagure.lib.add_group( + self.session, + group_name='baz', + display_name='baz group', + description=None, + group_type='bar', + user='foo', + is_admin=False, + blacklist=[], + ) + self.session.commit() + self.assertEqual(msg, 'User `foo` added to the group `baz`.') - headers = {'Authorization': 'token aaabbbcccddd'} data = { - 'username': 'Jenkins', - 'percent': 100, - 'comment': 'Tests passed', - 'url': 'http://jenkins.cloud.fedoraproject.org/', - 'uid': 'jenkins_build_pagure_100+seed', - 'status': 'success', + 'user_type': 'group', + 'name': 'baz', + 'acl': 'ticket' } output = self.app.post( - '/api/0/test/c/%s/flag' % commit.oid.hex, + '/api/0/test/git/modifyacls', headers=headers, data=data) + self.assertEqual(output.status_code, 200) data = json.loads(output.get_data(as_text=True)) - data['flag']['date_created'] = '1510742565' - data['flag']['commit_hash'] = '62b49f00d489452994de5010565fab81' + data['date_created'] = '1510742565' + data['date_modified'] = '1510742566' + expected_output = { - 'flag': { - 'comment': 'Tests passed', - 'commit_hash': '62b49f00d489452994de5010565fab81', - 'date_created': '1510742565', - 'percent': 100, - 'status': 'success', - 'url': 'http://jenkins.cloud.fedoraproject.org/', - 'user': { - 'default_email': 'bar@pingou.com', - 'emails': ['bar@pingou.com', 'foo@pingou.com'], - 'fullname': 'PY C', - 'name': 'pingou'}, - 'username': 'Jenkins' + 'access_groups': { + 'admin': [], + 'commit': [], + 'ticket': ['baz'] }, - 'message': 'Flag added', - 'uid': 'jenkins_build_pagure_100+seed' + 'access_users': { + 'admin': [], + 'commit': [], + 'owner': ['pingou'], + 'ticket': [] + }, + 'close_status': [ + 'Invalid', + 'Insufficient data', + 'Fixed', + 'Duplicate' + ], + 'custom_keys': [], + 'date_created': '1510742565', + 'date_modified': '1510742566', + 'description': 'test project #1', + 'fullname': 'test', + 'id': 1, + 'milestones': {}, + 'name': 'test', + 'namespace': None, + 'parent': None, + 'priorities': {}, + 'tags': [], + 'url_path': 'test', + 'user': {'fullname': 'PY C', 'name': 'pingou'} + } + self.assertEqual(data, expected_output) + + def test_api_modify_acls_no_acl(self): + """ Test the api_modify_acls method of the flask api when no ACL + are specified. """ + headers = {'Authorization': 'token aaabbbcccddd'} + + project = pagure.lib._get_project(self.session, 'test') + self.assertEquals( + project.access_users, + {u'admin': [], u'commit': [], u'ticket': []} + ) + + data = { + 'user_type': 'user', + 'name': 'foo', + } + output = self.app.post( + '/api/0/test/git/modifyacls', headers=headers, data=data) + self.assertEqual(output.status_code, 400) + data = json.loads(output.get_data(as_text=True)) + expected_output = { + "error": "Invalid or incomplete input submitted", + "error_code": "EINVALIDREQ", + "errors": "User does not have any access on the repo" } self.assertEqual(data, expected_output) - @patch('pagure.lib.notify.send_email') - def test_flag_commit_without_uid(self, mock_email): - """ Test flagging a commit with missing info. - - Also ensure notifications aren't sent when they are not asked for. - """ - repo_obj = pygit2.Repository(self.git_path) - commit = repo_obj.revparse_single('HEAD') - + def test_api_modify_acls_remove_own_acl_no_access(self): + """ Test the api_modify_acls method of the flask api when no ACL + are specified, so the user tries to remove their own access but the + user is the project owner. """ headers = {'Authorization': 'token aaabbbcccddd'} + data = { - 'username': 'Jenkins', - 'percent': 100, - 'comment': 'Tests passed', - 'url': 'http://jenkins.cloud.fedoraproject.org/', - 'status': 'success', + 'user_type': 'user', + 'name': 'pingou', } output = self.app.post( - '/api/0/test/c/%s/flag' % commit.oid.hex, - headers=headers, data=data) - self.assertEqual(output.status_code, 200) + '/api/0/test/git/modifyacls', headers=headers, data=data) + self.assertEqual(output.status_code, 400) data = json.loads(output.get_data(as_text=True)) - self.assertNotEqual( - data['uid'], - 'jenkins_build_pagure_100+seed' - ) - data['flag']['date_created'] = '1510742565' - data['uid'] = 'b1de8f80defd4a81afe2e09f39678087' expected_output = { - 'flag': { - 'comment': 'Tests passed', - 'commit_hash': commit.oid.hex, - 'date_created': '1510742565', - 'percent': 100, - 'status': 'success', - 'url': 'http://jenkins.cloud.fedoraproject.org/', - 'user': { - 'default_email': 'bar@pingou.com', - 'emails': ['bar@pingou.com', 'foo@pingou.com'], - 'fullname': 'PY C', - 'name': 'pingou'}, - 'username': 'Jenkins' - }, - 'message': 'Flag added', - 'uid': 'b1de8f80defd4a81afe2e09f39678087' + "error": "Invalid or incomplete input submitted", + "error_code": "EINVALIDREQ", + "errors": "User does not have any access on the repo" } + self.assertEqual(data, expected_output) - mock_email.assert_not_called() + def test_api_modify_acls_remove_own_acl_(self): + """ Test the api_modify_acls method of the flask api when no ACL + are specified, so the user tries to remove their own access but the + user is the project owner. """ + # Add the user `foo` to the project + self.test_api_modify_acls_user() - @patch('pagure.lib.notify.send_email') - def test_flag_commit_with_notification(self, mock_email): - """ Test flagging a commit with notification enabled. """ + # Ensure `foo` was properly added: + project = pagure.lib._get_project(self.session, 'test') + user_foo = pagure.lib.search_user(self.session, username='foo') + self.assertEquals( + project.access_users, + {u'admin': [], u'commit': [user_foo], u'ticket': []} + ) - # Enable commit notifications - repo = pagure.lib.get_authorized_project(self.session, 'test') - settings = repo.settings - settings['notify_on_commit_flag'] = True - repo.settings = settings - self.session.add(repo) + # Create an API token for `foo` for the project `test` + item = pagure.lib.model.Token( + id='foo_test_token', + user_id=2, # foo + project_id=1, # test + expiration=datetime.datetime.utcnow() + datetime.timedelta(days=10) + ) + self.session.add(item) self.session.commit() + tests.create_tokens_acl( + self.session, 'foo_test_token', 'modify_project') - repo_obj = pygit2.Repository(self.git_path) - commit = repo_obj.revparse_single('HEAD') + headers = {'Authorization': 'token foo_test_token'} - headers = {'Authorization': 'token aaabbbcccddd'} data = { - 'username': 'Jenkins', - 'percent': 100, - 'comment': 'Tests passed', - 'url': 'http://jenkins.cloud.fedoraproject.org/', - 'status': 'success', + 'user_type': 'user', + 'name': 'foo', } output = self.app.post( - '/api/0/test/c/%s/flag' % commit.oid.hex, - headers=headers, data=data) + '/api/0/test/git/modifyacls', headers=headers, data=data) self.assertEqual(output.status_code, 200) data = json.loads(output.get_data(as_text=True)) - self.assertNotEqual( - data['uid'], - 'jenkins_build_pagure_100+seed' - ) - data['flag']['date_created'] = '1510742565' - data['uid'] = 'b1de8f80defd4a81afe2e09f39678087' + data['date_created'] = '1510742565' + data['date_modified'] = '1510742566' + expected_output = { - 'flag': { - 'comment': 'Tests passed', - 'commit_hash': commit.oid.hex, - 'date_created': '1510742565', - 'percent': 100, - 'status': 'success', - 'url': 'http://jenkins.cloud.fedoraproject.org/', - 'user': { - 'default_email': 'bar@pingou.com', - 'emails': ['bar@pingou.com', 'foo@pingou.com'], - 'fullname': 'PY C', - 'name': 'pingou'}, - 'username': 'Jenkins' - }, - 'message': 'Flag added', - 'uid': 'b1de8f80defd4a81afe2e09f39678087' + "access_groups": { + "admin": [], + "commit": [], + "ticket": [] + }, + "access_users": { + "admin": [], + "commit": [], + "owner": [ + "pingou" + ], + "ticket": [] + }, + "close_status": [ + "Invalid", + "Insufficient data", + "Fixed", + "Duplicate" + ], + "custom_keys": [], + "date_created": "1510742565", + "date_modified": "1510742566", + "description": "test project #1", + "fullname": "test", + "id": 1, + "milestones": {}, + "name": "test", + "namespace": None, + "parent": None, + "priorities": {}, + "tags": [], + "url_path": "test", + "user": { + "fullname": "PY C", + "name": "pingou" + } } + self.assertEqual(data, expected_output) - mock_email.assert_called_once_with( - '\nJenkins flagged the commit ' - '`' + commit.oid.hex + '` as success: ' - 'Tests passed\n\n' - 'http://localhost.localdomain/test/c/' + commit.oid.hex + '\n', - 'Coommit #' + commit.oid.hex + ' - Jenkins: success', - 'bar@pingou.com', - in_reply_to='test-project-1', - mail_id='test-commit-1-1', - project_name='test', - user_from='Jenkins' + # Ensure `foo` was properly removed + self.session = pagure.lib.create_session(self.dbpath) + project = pagure.lib._get_project(self.session, 'test') + self.assertEquals( + project.access_users, + {u'admin': [], u'commit': [], u'ticket': []} ) - @patch.dict('pagure.config.config', - { - 'FLAG_STATUSES_LABELS': - { - 'pend!': 'label-info', - 'succeed!': 'label-success', - 'fail!': 'label-danger', - 'what?': 'label-warning', - }, - 'FLAG_PENDING': 'pend!', - 'FLAG_SUCCESS': 'succeed!', - 'FLAG_FAILURE': 'fail!', - }) - def test_flag_commit_with_custom_flags(self): - """ Test flagging when custom flags are set up - """ - repo_obj = pygit2.Repository(self.git_path) - commit = repo_obj.revparse_single('HEAD') + def test_api_modify_acls_remove_someone_else_acl(self): + """ Test the api_modify_acls method of the flask api an admin tries + to remove access from someone else. """ + # Add the user `foo` to the project + self.test_api_modify_acls_user() + + # Ensure `foo` was properly added: + project = pagure.lib._get_project(self.session, 'test') + user_foo = pagure.lib.search_user(self.session, username='foo') + self.assertEquals( + project.access_users, + {u'admin': [], u'commit': [user_foo], u'ticket': []} + ) headers = {'Authorization': 'token aaabbbcccddd'} - send_data = { - 'username': 'Jenkins', - 'percent': 100, - 'comment': 'Tests passed', - 'url': 'http://jenkins.cloud.fedoraproject.org/', - 'status': 'succeed!', + data = { + 'user_type': 'user', + 'name': 'foo', } output = self.app.post( - '/api/0/test/c/%s/flag' % commit.oid.hex, - headers=headers, data=send_data) - self.assertEqual(output.status_code, 200) - data = json.loads(output.get_data(as_text=True)) - self.assertEqual(data['flag']['status'], 'succeed!') - - # Try invalid flag status - send_data['status'] = 'nooooo....' - output = self.app.post( - '/api/0/test/c/%s/flag' % commit.oid.hex, - headers=headers, data=send_data) - self.assertEqual(output.status_code, 400) - data = json.loads(output.get_data(as_text=True)) - self.assertEqual( - data, - { - 'errors': {'status': ['Not a valid choice']}, - 'error_code': 'EINVALIDREQ', - 'error': 'Invalid or incomplete input submitted' - } - ) - - def test_commit_flags(self): - """ Test retrieving commit flags. """ - repo = pagure.lib.get_authorized_project(self.session, 'test') - repo_obj = pygit2.Repository(self.git_path) - commit = repo_obj.revparse_single('HEAD') - - # test with no flags - output = self.app.get('/api/0/test/c/%s/flag' % commit.oid.hex) - self.assertEqual(json.loads(output.get_data(as_text=True)), {'total_flags': 0, 'flags': []}) + '/api/0/test/git/modifyacls', headers=headers, data=data) self.assertEqual(output.status_code, 200) - - # add some flags and retrieve them - pagure.lib.add_commit_flag( - session=self.session, - repo=repo, - commit_hash=commit.oid.hex, - username='simple-koji-ci', - status='pending', - percent=None, - comment='Build is running', - url='https://koji.fp.o/koji...', - uid='uid', - user='foo', - token='aaabbbcccddd' - ) - - pagure.lib.add_commit_flag( - session=self.session, - repo=repo, - commit_hash=commit.oid.hex, - username='complex-koji-ci', - status='success', - percent=None, - comment='Build succeeded', - url='https://koji.fp.o/koji...', - uid='uid2', - user='foo', - token='aaabbbcccddd' - ) - self.session.commit() - - output = self.app.get('/api/0/test/c/%s/flag' % commit.oid.hex) data = json.loads(output.get_data(as_text=True)) + data['date_created'] = '1510742565' + data['date_modified'] = '1510742566' - for f in data['flags']: - f['date_created'] = '1510742565' - f['commit_hash'] = '62b49f00d489452994de5010565fab81' expected_output = { - "flags": [ - { - "comment": "Build is running", - "commit_hash": "62b49f00d489452994de5010565fab81", - "date_created": "1510742565", - "percent": None, - "status": "pending", - "url": "https://koji.fp.o/koji...", - "user": { - "fullname": "foo bar", - "name": "foo" - }, - "username": "simple-koji-ci" - }, - { - "comment": "Build succeeded", - "commit_hash": "62b49f00d489452994de5010565fab81", - "date_created": "1510742565", - "percent": None, - "status": "success", - "url": "https://koji.fp.o/koji...", - "user": { - "fullname": "foo bar", - "name": "foo" - }, - "username": "complex-koji-ci" - } + "access_groups": { + "admin": [], + "commit": [], + "ticket": [] + }, + "access_users": { + "admin": [], + "commit": [], + "owner": [ + "pingou" ], - "total_flags": 2 + "ticket": [] + }, + "close_status": [ + "Invalid", + "Insufficient data", + "Fixed", + "Duplicate" + ], + "custom_keys": [], + "date_created": "1510742565", + "date_modified": "1510742566", + "description": "test project #1", + "fullname": "test", + "id": 1, + "milestones": {}, + "name": "test", + "namespace": None, + "parent": None, + "priorities": {}, + "tags": [], + "url_path": "test", + "user": { + "fullname": "PY C", + "name": "pingou" + } } self.assertEqual(data, expected_output) + # Ensure `foo` was properly removed + self.session = pagure.lib.create_session(self.dbpath) + project = pagure.lib._get_project(self.session, 'test') + self.assertEquals( + project.access_users, + {u'admin': [], u'commit': [], u'ticket': []} + ) + if __name__ == '__main__': unittest.main(verbosity=2)