Mercurial > kallithea
comparison rhodecode/tests/api/api_base.py @ 3163:28571535dd61 beta
API methods create_repo, fork_repo, delete_repo, get_repo, get_repos
can be executed by non-admin users ref #539
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Mon, 14 Jan 2013 00:38:24 +0100 |
parents | 3563c47e52fd |
children | e1baadec6217 |
comparison
equal
deleted
inserted
replaced
3162:a0a8f38e8fb8 | 3163:28571535dd61 |
---|---|
57 def destroy_users_group(name=TEST_USERS_GROUP): | 57 def destroy_users_group(name=TEST_USERS_GROUP): |
58 UsersGroupModel().delete(users_group=name, force=True) | 58 UsersGroupModel().delete(users_group=name, force=True) |
59 Session().commit() | 59 Session().commit() |
60 | 60 |
61 | 61 |
62 def create_repo(repo_name, repo_type): | 62 def create_repo(repo_name, repo_type, owner=None): |
63 # create new repo | 63 # create new repo |
64 form_data = _get_repo_create_params( | 64 form_data = _get_repo_create_params( |
65 repo_name_full=repo_name, | 65 repo_name_full=repo_name, |
66 repo_description='description %s' % repo_name, | 66 repo_description='description %s' % repo_name, |
67 ) | 67 ) |
68 cur_user = UserModel().get_by_username(TEST_USER_ADMIN_LOGIN) | 68 cur_user = UserModel().get_by_username(owner or TEST_USER_ADMIN_LOGIN) |
69 r = RepoModel().create(form_data, cur_user) | 69 r = RepoModel().create(form_data, cur_user) |
70 Session().commit() | 70 Session().commit() |
71 return r | 71 return r |
72 | 72 |
73 | 73 |
91 | 91 |
92 @classmethod | 92 @classmethod |
93 def setUpClass(self): | 93 def setUpClass(self): |
94 self.usr = UserModel().get_by_username(TEST_USER_ADMIN_LOGIN) | 94 self.usr = UserModel().get_by_username(TEST_USER_ADMIN_LOGIN) |
95 self.apikey = self.usr.api_key | 95 self.apikey = self.usr.api_key |
96 self.TEST_USER = UserModel().create_or_update( | 96 self.test_user = UserModel().create_or_update( |
97 username='test-api', | 97 username='test-api', |
98 password='test', | 98 password='test', |
99 email='test@api.rhodecode.org', | 99 email='test@api.rhodecode.org', |
100 firstname='first', | 100 firstname='first', |
101 lastname='last' | 101 lastname='last' |
102 ) | 102 ) |
103 Session().commit() | 103 Session().commit() |
104 self.TEST_USER_LOGIN = self.TEST_USER.username | 104 self.TEST_USER_LOGIN = self.test_user.username |
105 self.apikey_regular = self.test_user.api_key | |
105 | 106 |
106 @classmethod | 107 @classmethod |
107 def teardownClass(self): | 108 def teardownClass(self): |
108 pass | 109 pass |
109 | 110 |
146 | 147 |
147 expected = 'Invalid API KEY' | 148 expected = 'Invalid API KEY' |
148 self._compare_error(id_, expected, given=response.body) | 149 self._compare_error(id_, expected, given=response.body) |
149 | 150 |
150 def test_api_missing_non_optional_param(self): | 151 def test_api_missing_non_optional_param(self): |
151 id_, params = _build_data(self.apikey, 'get_user') | 152 id_, params = _build_data(self.apikey, 'get_repo') |
152 response = api_call(self, params) | 153 response = api_call(self, params) |
153 | 154 |
154 expected = 'Missing non optional `userid` arg in JSON DATA' | 155 expected = 'Missing non optional `repoid` arg in JSON DATA' |
155 self._compare_error(id_, expected, given=response.body) | 156 self._compare_error(id_, expected, given=response.body) |
156 | 157 |
157 def test_api_get_users(self): | 158 def test_api_get_users(self): |
158 id_, params = _build_data(self.apikey, 'get_users',) | 159 id_, params = _build_data(self.apikey, 'get_users',) |
159 response = api_call(self, params) | 160 response = api_call(self, params) |
180 id_, params = _build_data(self.apikey, 'get_user', | 181 id_, params = _build_data(self.apikey, 'get_user', |
181 userid='trololo') | 182 userid='trololo') |
182 response = api_call(self, params) | 183 response = api_call(self, params) |
183 | 184 |
184 expected = "user `%s` does not exist" % 'trololo' | 185 expected = "user `%s` does not exist" % 'trololo' |
186 self._compare_error(id_, expected, given=response.body) | |
187 | |
188 def test_api_get_user_without_giving_userid(self): | |
189 id_, params = _build_data(self.apikey, 'get_user') | |
190 response = api_call(self, params) | |
191 | |
192 usr = UserModel().get_by_username(TEST_USER_ADMIN_LOGIN) | |
193 ret = usr.get_api_data() | |
194 ret['permissions'] = AuthUser(usr.user_id).permissions | |
195 | |
196 expected = ret | |
197 self._compare_ok(id_, expected, given=response.body) | |
198 | |
199 def test_api_get_user_without_giving_userid_non_admin(self): | |
200 id_, params = _build_data(self.apikey_regular, 'get_user') | |
201 response = api_call(self, params) | |
202 | |
203 usr = UserModel().get_by_username(self.TEST_USER_LOGIN) | |
204 ret = usr.get_api_data() | |
205 ret['permissions'] = AuthUser(usr.user_id).permissions | |
206 | |
207 expected = ret | |
208 self._compare_ok(id_, expected, given=response.body) | |
209 | |
210 def test_api_get_user_with_giving_userid_non_admin(self): | |
211 id_, params = _build_data(self.apikey_regular, 'get_user', | |
212 userid=self.TEST_USER_LOGIN) | |
213 response = api_call(self, params) | |
214 | |
215 expected = 'userid is not the same as your user' | |
185 self._compare_error(id_, expected, given=response.body) | 216 self._compare_error(id_, expected, given=response.body) |
186 | 217 |
187 def test_api_pull(self): | 218 def test_api_pull(self): |
188 #TODO: issues with rhodecode_extras here.. not sure why ! | 219 #TODO: issues with rhodecode_extras here.. not sure why ! |
189 pass | 220 pass |
234 locked=True) | 265 locked=True) |
235 response = api_call(self, params) | 266 response = api_call(self, params) |
236 expected = ('User `%s` set lock state for repo `%s` to `%s`' | 267 expected = ('User `%s` set lock state for repo `%s` to `%s`' |
237 % (TEST_USER_ADMIN_LOGIN, self.REPO, True)) | 268 % (TEST_USER_ADMIN_LOGIN, self.REPO, True)) |
238 self._compare_ok(id_, expected, given=response.body) | 269 self._compare_ok(id_, expected, given=response.body) |
270 | |
271 def test_api_lock_repo_lock_aquire_by_non_admin(self): | |
272 repo_name = 'api_delete_me' | |
273 create_repo(repo_name, self.REPO_TYPE, owner=self.TEST_USER_LOGIN) | |
274 try: | |
275 id_, params = _build_data(self.apikey_regular, 'lock', | |
276 repoid=repo_name, | |
277 locked=True) | |
278 response = api_call(self, params) | |
279 expected = ('User `%s` set lock state for repo `%s` to `%s`' | |
280 % (self.TEST_USER_LOGIN, repo_name, True)) | |
281 self._compare_ok(id_, expected, given=response.body) | |
282 finally: | |
283 destroy_repo(repo_name) | |
284 | |
285 def test_api_lock_repo_lock_aquire_non_admin_with_userid(self): | |
286 repo_name = 'api_delete_me' | |
287 create_repo(repo_name, self.REPO_TYPE, owner=self.TEST_USER_LOGIN) | |
288 try: | |
289 id_, params = _build_data(self.apikey_regular, 'lock', | |
290 userid=TEST_USER_ADMIN_LOGIN, | |
291 repoid=repo_name, | |
292 locked=True) | |
293 response = api_call(self, params) | |
294 expected = 'userid is not the same as your user' | |
295 self._compare_error(id_, expected, given=response.body) | |
296 finally: | |
297 destroy_repo(repo_name) | |
298 | |
299 def test_api_lock_repo_lock_aquire_non_admin_not_his_repo(self): | |
300 id_, params = _build_data(self.apikey_regular, 'lock', | |
301 repoid=self.REPO, | |
302 locked=True) | |
303 response = api_call(self, params) | |
304 expected = 'repository `%s` does not exist' % (self.REPO) | |
305 self._compare_error(id_, expected, given=response.body) | |
239 | 306 |
240 def test_api_lock_repo_lock_release(self): | 307 def test_api_lock_repo_lock_release(self): |
241 id_, params = _build_data(self.apikey, 'lock', | 308 id_, params = _build_data(self.apikey, 'lock', |
242 userid=TEST_USER_ADMIN_LOGIN, | 309 userid=TEST_USER_ADMIN_LOGIN, |
243 repoid=self.REPO, | 310 repoid=self.REPO, |
464 | 531 |
465 expected = ret | 532 expected = ret |
466 self._compare_ok(id_, expected, given=response.body) | 533 self._compare_ok(id_, expected, given=response.body) |
467 destroy_users_group(new_group) | 534 destroy_users_group(new_group) |
468 | 535 |
536 def test_api_get_repo_by_non_admin(self): | |
537 id_, params = _build_data(self.apikey, 'get_repo', | |
538 repoid=self.REPO) | |
539 response = api_call(self, params) | |
540 | |
541 repo = RepoModel().get_by_repo_name(self.REPO) | |
542 ret = repo.get_api_data() | |
543 | |
544 members = [] | |
545 for user in repo.repo_to_perm: | |
546 perm = user.permission.permission_name | |
547 user = user.user | |
548 user_data = user.get_api_data() | |
549 user_data['type'] = "user" | |
550 user_data['permission'] = perm | |
551 members.append(user_data) | |
552 | |
553 for users_group in repo.users_group_to_perm: | |
554 perm = users_group.permission.permission_name | |
555 users_group = users_group.users_group | |
556 users_group_data = users_group.get_api_data() | |
557 users_group_data['type'] = "users_group" | |
558 users_group_data['permission'] = perm | |
559 members.append(users_group_data) | |
560 | |
561 ret['members'] = members | |
562 | |
563 expected = ret | |
564 self._compare_ok(id_, expected, given=response.body) | |
565 | |
566 def test_api_get_repo_by_non_admin_no_permission_to_repo(self): | |
567 RepoModel().grant_user_permission(repo=self.REPO, | |
568 user=self.TEST_USER_LOGIN, | |
569 perm='repository.none') | |
570 | |
571 id_, params = _build_data(self.apikey_regular, 'get_repo', | |
572 repoid=self.REPO) | |
573 response = api_call(self, params) | |
574 | |
575 expected = 'repository `%s` does not exist' % (self.REPO) | |
576 self._compare_error(id_, expected, given=response.body) | |
577 | |
469 def test_api_get_repo_that_doesn_not_exist(self): | 578 def test_api_get_repo_that_doesn_not_exist(self): |
470 id_, params = _build_data(self.apikey, 'get_repo', | 579 id_, params = _build_data(self.apikey, 'get_repo', |
471 repoid='no-such-repo') | 580 repoid='no-such-repo') |
472 response = api_call(self, params) | 581 response = api_call(self, params) |
473 | 582 |
479 id_, params = _build_data(self.apikey, 'get_repos') | 588 id_, params = _build_data(self.apikey, 'get_repos') |
480 response = api_call(self, params) | 589 response = api_call(self, params) |
481 | 590 |
482 result = [] | 591 result = [] |
483 for repo in RepoModel().get_all(): | 592 for repo in RepoModel().get_all(): |
593 result.append(repo.get_api_data()) | |
594 ret = jsonify(result) | |
595 | |
596 expected = ret | |
597 self._compare_ok(id_, expected, given=response.body) | |
598 | |
599 def test_api_get_repos_non_admin(self): | |
600 id_, params = _build_data(self.apikey_regular, 'get_repos') | |
601 response = api_call(self, params) | |
602 | |
603 result = [] | |
604 for repo in RepoModel().get_all_user_repos(self.TEST_USER_LOGIN): | |
484 result.append(repo.get_api_data()) | 605 result.append(repo.get_api_data()) |
485 ret = jsonify(result) | 606 ret = jsonify(result) |
486 | 607 |
487 expected = ret | 608 expected = ret |
488 self._compare_ok(id_, expected, given=response.body) | 609 self._compare_ok(id_, expected, given=response.body) |
567 ) | 688 ) |
568 response = api_call(self, params) | 689 response = api_call(self, params) |
569 expected = 'user `%s` does not exist' % owner | 690 expected = 'user `%s` does not exist' % owner |
570 self._compare_error(id_, expected, given=response.body) | 691 self._compare_error(id_, expected, given=response.body) |
571 | 692 |
693 def test_api_create_repo_dont_specify_owner(self): | |
694 repo_name = 'api-repo' | |
695 owner = 'i-dont-exist' | |
696 id_, params = _build_data(self.apikey, 'create_repo', | |
697 repo_name=repo_name, | |
698 repo_type='hg', | |
699 ) | |
700 response = api_call(self, params) | |
701 | |
702 repo = RepoModel().get_by_repo_name(repo_name) | |
703 ret = { | |
704 'msg': 'Created new repository `%s`' % repo_name, | |
705 'repo': jsonify(repo.get_api_data()) | |
706 } | |
707 expected = ret | |
708 self._compare_ok(id_, expected, given=response.body) | |
709 destroy_repo(repo_name) | |
710 | |
711 def test_api_create_repo_by_non_admin(self): | |
712 repo_name = 'api-repo' | |
713 owner = 'i-dont-exist' | |
714 id_, params = _build_data(self.apikey_regular, 'create_repo', | |
715 repo_name=repo_name, | |
716 repo_type='hg', | |
717 ) | |
718 response = api_call(self, params) | |
719 | |
720 repo = RepoModel().get_by_repo_name(repo_name) | |
721 ret = { | |
722 'msg': 'Created new repository `%s`' % repo_name, | |
723 'repo': jsonify(repo.get_api_data()) | |
724 } | |
725 expected = ret | |
726 self._compare_ok(id_, expected, given=response.body) | |
727 destroy_repo(repo_name) | |
728 | |
729 def test_api_create_repo_by_non_admin_specify_owner(self): | |
730 repo_name = 'api-repo' | |
731 owner = 'i-dont-exist' | |
732 id_, params = _build_data(self.apikey_regular, 'create_repo', | |
733 repo_name=repo_name, | |
734 repo_type='hg', | |
735 owner=owner | |
736 ) | |
737 response = api_call(self, params) | |
738 | |
739 expected = 'Only RhodeCode admin can specify `owner` param' | |
740 self._compare_error(id_, expected, given=response.body) | |
741 destroy_repo(repo_name) | |
742 | |
572 def test_api_create_repo_exists(self): | 743 def test_api_create_repo_exists(self): |
573 repo_name = self.REPO | 744 repo_name = self.REPO |
574 id_, params = _build_data(self.apikey, 'create_repo', | 745 id_, params = _build_data(self.apikey, 'create_repo', |
575 repo_name=repo_name, | 746 repo_name=repo_name, |
576 owner=TEST_USER_ADMIN_LOGIN, | 747 owner=TEST_USER_ADMIN_LOGIN, |
604 'msg': 'Deleted repository `%s`' % repo_name, | 775 'msg': 'Deleted repository `%s`' % repo_name, |
605 'success': True | 776 'success': True |
606 } | 777 } |
607 expected = ret | 778 expected = ret |
608 self._compare_ok(id_, expected, given=response.body) | 779 self._compare_ok(id_, expected, given=response.body) |
780 | |
781 def test_api_delete_repo_by_non_admin(self): | |
782 repo_name = 'api_delete_me' | |
783 create_repo(repo_name, self.REPO_TYPE, owner=self.TEST_USER_LOGIN) | |
784 try: | |
785 id_, params = _build_data(self.apikey_regular, 'delete_repo', | |
786 repoid=repo_name,) | |
787 response = api_call(self, params) | |
788 | |
789 ret = { | |
790 'msg': 'Deleted repository `%s`' % repo_name, | |
791 'success': True | |
792 } | |
793 expected = ret | |
794 self._compare_ok(id_, expected, given=response.body) | |
795 finally: | |
796 destroy_repo(repo_name) | |
797 | |
798 def test_api_delete_repo_by_non_admin_no_permission(self): | |
799 repo_name = 'api_delete_me' | |
800 create_repo(repo_name, self.REPO_TYPE) | |
801 try: | |
802 id_, params = _build_data(self.apikey_regular, 'delete_repo', | |
803 repoid=repo_name,) | |
804 response = api_call(self, params) | |
805 expected = 'repository `%s` does not exist' % (repo_name) | |
806 self._compare_error(id_, expected, given=response.body) | |
807 finally: | |
808 destroy_repo(repo_name) | |
609 | 809 |
610 def test_api_delete_repo_exception_occurred(self): | 810 def test_api_delete_repo_exception_occurred(self): |
611 repo_name = 'api_delete_me' | 811 repo_name = 'api_delete_me' |
612 create_repo(repo_name, self.REPO_TYPE) | 812 create_repo(repo_name, self.REPO_TYPE) |
613 try: | 813 try: |
637 } | 837 } |
638 expected = ret | 838 expected = ret |
639 self._compare_ok(id_, expected, given=response.body) | 839 self._compare_ok(id_, expected, given=response.body) |
640 destroy_repo(fork_name) | 840 destroy_repo(fork_name) |
641 | 841 |
842 def test_api_fork_repo_non_admin(self): | |
843 fork_name = 'api-repo-fork' | |
844 id_, params = _build_data(self.apikey_regular, 'fork_repo', | |
845 repoid=self.REPO, | |
846 fork_name=fork_name, | |
847 ) | |
848 response = api_call(self, params) | |
849 | |
850 ret = { | |
851 'msg': 'Created fork of `%s` as `%s`' % (self.REPO, | |
852 fork_name), | |
853 'success': True | |
854 } | |
855 expected = ret | |
856 self._compare_ok(id_, expected, given=response.body) | |
857 destroy_repo(fork_name) | |
858 | |
859 def test_api_fork_repo_non_admin_specify_owner(self): | |
860 fork_name = 'api-repo-fork' | |
861 id_, params = _build_data(self.apikey_regular, 'fork_repo', | |
862 repoid=self.REPO, | |
863 fork_name=fork_name, | |
864 owner=TEST_USER_ADMIN_LOGIN, | |
865 ) | |
866 response = api_call(self, params) | |
867 expected = 'Only RhodeCode admin can specify `owner` param' | |
868 self._compare_error(id_, expected, given=response.body) | |
869 destroy_repo(fork_name) | |
870 | |
871 def test_api_fork_repo_non_admin_no_permission_to_fork(self): | |
872 RepoModel().grant_user_permission(repo=self.REPO, | |
873 user=self.TEST_USER_LOGIN, | |
874 perm='repository.none') | |
875 fork_name = 'api-repo-fork' | |
876 id_, params = _build_data(self.apikey_regular, 'fork_repo', | |
877 repoid=self.REPO, | |
878 fork_name=fork_name, | |
879 ) | |
880 response = api_call(self, params) | |
881 expected = 'repository `%s` does not exist' % (self.REPO) | |
882 self._compare_error(id_, expected, given=response.body) | |
883 destroy_repo(fork_name) | |
884 | |
642 def test_api_fork_repo_unknown_owner(self): | 885 def test_api_fork_repo_unknown_owner(self): |
643 fork_name = 'api-repo-fork' | 886 fork_name = 'api-repo-fork' |
644 owner = 'i-dont-exist' | 887 owner = 'i-dont-exist' |
645 id_, params = _build_data(self.apikey, 'fork_repo', | 888 id_, params = _build_data(self.apikey, 'fork_repo', |
646 repoid=self.REPO, | 889 repoid=self.REPO, |