import os
import shutil
import StringIO
import time
try:
    import lasso
except ImportError:
    # lasso is an optional dependency: bind the name to None so the rest of
    # the module can still be imported when the library is not installed.
    lasso = None
import pytest
from quixote import cleanup, get_publisher
from wcs.qommon import errors, sessions
from wcs.qommon.ident.password_accounts import PasswordAccount
from wcs.qommon.http_request import HTTPRequest
from wcs.qommon.template import get_current_theme
from wcs.categories import Category
from wcs.roles import Role
from wcs.workflows import Workflow
from wcs.formdef import FormDef
from wcs import fields
from utilities import get_app, login, create_temporary_pub
def setup_module(module):
    """Create the temporary publisher shared by every test in this module.

    Calls quixote's ``cleanup()``, builds a throw-away publisher bound to a
    request for ``example.net`` and restricts identification to the
    ``password`` method before writing the configuration out.
    """
    global pub

    cleanup()
    pub = create_temporary_pub()

    environ = {'SCRIPT_NAME': '/', 'SERVER_NAME': 'example.net'}
    pub.set_app_dir(HTTPRequest(None, environ))

    pub.cfg['identification'] = {'methods': ['password']}
    pub.write_cfg()
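def create_superuser():
    """Make sure an 'admin' superuser exists and expose it as global ``user1``.

    When the user is already stored it is reloaded and reset to a known
    state (``is_admin`` set, no roles).  Otherwise the user and a matching
    password account are created and password identification is enabled.
    """
    global user1
    if pub.user_class.has_key('admin'):
        user1 = pub.user_class.get('admin')
        user1.is_admin = True
        user1.roles = []
        # Persist the reset too.  The permission tests in this module store
        # modified roles / is_admin values on this user; without storing
        # here, the stored record keeps whatever the previous test left
        # behind and only the local object is reset.
        user1.store()
        return

    user1 = pub.user_class(name='admin')
    user1.id = 'admin'
    user1.is_admin = True
    user1.roles = []
    user1.store()

    # Fixture-only credentials (admin/admin): this account is meant for the
    # temporary publisher built in setup_module and must never be reused
    # outside the test environment.
    account1 = PasswordAccount(id='admin')
    account1.set_password('admin')
    account1.user_id = user1.id
    account1.store()

    pub.cfg['identification'] = {'methods': ['password']}
    pub.write_cfg()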
def create_role():
    """Wipe every stored role, then store and return a new 'foobar' role."""
    Role.wipe()
    foobar = Role(name='foobar')
    foobar.store()
    return foobar
def teardown_module(module):
    """Delete the publisher's ``APP_DIR`` tree once the module's tests are done."""
    app_dir = pub.APP_DIR
    shutil.rmtree(app_dir)
@pytest.fixture
def empty_siteoptions():
    """Truncate ``site-options.cfg`` in the publisher's app directory.

    NOTE(review): only the file on disk is emptied here; the in-memory
    ``pub.site_options`` object is not touched by this fixture.
    """
    cfg_path = os.path.join(pub.app_dir, 'site-options.cfg')
    with open(cfg_path, 'w'):
        pass
def test_with_superuser():
    """Log in as the superuser and check the backoffice home page renders."""
    create_superuser()
    browser = login(get_app(pub))
    page = browser.get('/backoffice/')
    # the Publik label is what shows that the extension loaded properly
    assert '<span id="applabel">Publik</span>' in page.body
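def test_general_admin_permissions():
    """Check that 'admin-permissions' gates the backoffice settings section.

    Sequence pinned by the assertions:
      * no restriction configured -> the superuser gets 200;
      * settings restricted to role 'XXX' -> the same user (``is_admin`` set,
        no roles) gets 403;
      * the user is given role 'XXX' -> 200 again.
    """
    create_superuser()
    app = login(get_app(pub))
    app.get('/backoffice/settings/', status=200)

    pub.cfg['admin-permissions'] = {'settings': ['XXX']}
    try:
        pub.write_cfg()
        app.get('/backoffice/settings/', status=403)

        user1.roles = ['XXX']
        user1.store()
        app.get('/backoffice/settings/', status=200)
    finally:
        # Always lift the restriction, even when an assertion above fails,
        # so a failure here cannot leak a locked-down configuration into
        # the tests that run afterwards.
        del pub.cfg['admin-permissions']
        pub.write_cfg()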
def test_aq_permissions_panel(empty_siteoptions):
    """Check the 'aq/permissions' settings entry follows the site options.

    The link must be absent from the settings page at first, and present
    (with the target page reachable) once 'auquotidien-links' is enabled
    in ``site-options.cfg``.
    """
    create_superuser()
    app = login(get_app(pub))

    settings_page = app.get('/backoffice/settings/')
    assert 'aq/permissions' not in settings_page.body

    cfg_path = os.path.join(pub.app_dir, 'site-options.cfg')
    with open(cfg_path, 'w') as fd:
        site_options = pub.site_options
        if not site_options.has_section('options'):
            site_options.add_section('options')
        site_options.set('options', 'auquotidien-links', 'true')
        site_options.write(fd)

    settings_page = app.get('/backoffice/settings/')
    assert 'aq/permissions' in settings_page.body
    # no explicit status is requested here, as in the original test
    app.get('/backoffice/settings/aq/permissions')
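def test_menu_items(empty_siteoptions):
    """Check menu visibility and access control for each backoffice area.

    For every area the assertions pin four cases:
      1. no role configured for the area -> no menu link and 403, even for
         a user with ``is_admin`` set;
      2. role 'XXX' configured, user is admin without roles -> link and 200;
      3. non-admin user holding only an unrelated role -> no link and 403;
      4. non-admin user holding 'XXX' -> link and 200.

    The test leaves ``user1`` stored as a non-admin holding 'XXX' and leaves
    'aq-permissions' set in the publisher configuration.
    """
    create_superuser()
    role = create_role()
    options_path = os.path.join(pub.app_dir, 'site-options.cfg')

    def enable_option(name):
        # Rewrite site-options.cfg with *name* switched on; options set by
        # earlier calls stay in pub.site_options and are written again.
        with open(options_path, 'w') as fd:
            if not pub.site_options.has_section('options'):
                pub.site_options.add_section('options')
            pub.site_options.set('options', name, 'true')
            pub.site_options.write(fd)

    enable_option('auquotidien-links')

    # NOTE(review): the original tuple listed 'links' twice, which only
    # repeated identical checks; if another area was intended in its place
    # it still needs to be added here.
    for area in ('links', 'announces', 'events', 'payments'):
        enable_option('auquotidien-%s' % area)
        menu_link = '/%s/' % area
        area_url = '/backoffice/%s/' % area

        # case 1: area enabled but no role attached to it
        pub.cfg['aq-permissions'] = {area: None}
        pub.write_cfg()

        user1.is_admin = True
        user1.roles = []
        user1.store()

        app = login(get_app(pub))
        resp = app.get('/backoffice/')
        assert menu_link not in resp.body
        app.get(area_url, status=403)

        # case 2: role configured, admin user without that role
        pub.cfg['aq-permissions'] = {area: 'XXX'}
        pub.write_cfg()

        resp = app.get('/backoffice/')
        assert menu_link in resp.body
        app.get(area_url, status=200)

        # case 3: non-admin user with an unrelated role only
        user1.is_admin = False
        user1.roles = [role.id]
        user1.store()
        resp = app.get('/backoffice/')
        assert menu_link not in resp.body
        app.get(area_url, status=403)

        # case 4: non-admin user holding the configured role
        user1.is_admin = False
        user1.roles = [role.id, 'XXX']
        user1.store()
        resp = app.get('/backoffice/')
        assert menu_link in resp.body
        app.get(area_url, status=200)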