189 lines
4.9 KiB
Python
189 lines
4.9 KiB
Python
import os
|
|
import shutil
|
|
import sys
|
|
|
|
import pytest
|
|
from quixote import cleanup
|
|
|
|
import wcs.forms.root
|
|
from wcs import formdef
|
|
from wcs.categories import Category
|
|
from wcs.formdef import FormDef
|
|
from wcs.qommon import sessions
|
|
from wcs.qommon.http_request import HTTPRequest
|
|
|
|
from .utilities import create_temporary_pub, get_app
|
|
|
|
|
|
def setup_module(module):
|
|
cleanup()
|
|
|
|
global pub, req
|
|
global user1, user2
|
|
global category
|
|
|
|
pub = create_temporary_pub()
|
|
|
|
req = HTTPRequest(None, {'SCRIPT_NAME': '/'})
|
|
req._user = None
|
|
pub._set_request(req)
|
|
req.session = sessions.Session(id=1)
|
|
|
|
user1 = pub.user_class(name='user-one-role')
|
|
user1.id = 'user-one-role'
|
|
user1.roles = ['role-1']
|
|
|
|
user2 = pub.user_class(name='user-other-role')
|
|
user2.id = 'user-other-role'
|
|
user2.roles = ['role-2']
|
|
|
|
category = Category()
|
|
category.name = 'category1'
|
|
category.store()
|
|
|
|
|
|
def create_formdef():
|
|
global formdef1, formdef2
|
|
|
|
formdef1 = FormDef()
|
|
formdef1.category_id = category.id
|
|
formdef1.name = formdef1.url_name = 'test-formdef-1'
|
|
formdef1.store()
|
|
|
|
formdef2 = FormDef()
|
|
formdef2.category_id = category.id
|
|
formdef2.name = formdef2.url_name = 'test-formdef-2'
|
|
formdef2.store()
|
|
|
|
|
|
def teardown_module(module):
|
|
shutil.rmtree(pub.APP_DIR)
|
|
|
|
|
|
def indexhtml(user=None):
|
|
req._user = req.session.user = user
|
|
return str(wcs.forms.root.RootDirectory()._q_index())
|
|
|
|
|
|
def test_empty_site():
|
|
FormDef.wipe()
|
|
assert indexhtml() == ''
|
|
|
|
|
|
def test_public_site_anonymous_access():
|
|
FormDef.wipe()
|
|
create_formdef()
|
|
output = indexhtml()
|
|
assert 'href="category1/test-formdef-1/"' in output
|
|
assert 'href="category1/test-formdef-2/"' in output
|
|
|
|
|
|
def test_private_site_anonymous_access():
|
|
FormDef.wipe()
|
|
create_formdef()
|
|
formdef1.roles = formdef2.roles = ['role-1']
|
|
formdef1.store()
|
|
formdef2.store()
|
|
with pytest.raises(wcs.forms.root.errors.AccessUnauthorizedError):
|
|
output = indexhtml()
|
|
|
|
|
|
def test_semi_private_site_anonymous_access():
|
|
FormDef.wipe()
|
|
create_formdef()
|
|
formdef1.roles = ['role-1']
|
|
formdef1.store()
|
|
output = indexhtml()
|
|
assert 'href="category1/test-formdef-1/"' not in output
|
|
assert 'href="category1/test-formdef-2/"' in output
|
|
|
|
|
|
def test_private_site_authorized_access():
|
|
FormDef.wipe()
|
|
create_formdef()
|
|
formdef1.roles = formdef2.roles = ['role-1']
|
|
formdef1.store()
|
|
formdef2.store()
|
|
output = indexhtml(user1)
|
|
assert 'href="category1/test-formdef-1/"' in output
|
|
assert 'href="category1/test-formdef-2/"' in output
|
|
|
|
|
|
def test_private_site_unauthorized_access():
|
|
FormDef.wipe()
|
|
create_formdef()
|
|
formdef1.roles = formdef2.roles = ['role-1']
|
|
formdef1.store()
|
|
formdef2.store()
|
|
with pytest.raises(wcs.forms.root.errors.AccessUnauthorizedError):
|
|
output = indexhtml(user2)
|
|
|
|
|
|
def test_private_site_semi_authorized_access():
|
|
FormDef.wipe()
|
|
create_formdef()
|
|
formdef1.roles = ['role-1']
|
|
formdef2.roles = ['role-2']
|
|
formdef1.store()
|
|
formdef2.store()
|
|
output = indexhtml(user1)
|
|
assert 'href="category1/test-formdef-1/"' in output
|
|
assert 'href="category1/test-formdef-2/"' not in output
|
|
|
|
|
|
def test_advertized_site_anonymous_access():
|
|
FormDef.wipe()
|
|
create_formdef()
|
|
formdef1.roles = formdef2.roles = ['role-1']
|
|
formdef1.always_advertise = True
|
|
formdef1.store()
|
|
formdef2.store()
|
|
output = indexhtml()
|
|
assert 'href="category1/test-formdef-1/"' in output
|
|
assert 'href="category1/test-formdef-2/"' not in output
|
|
assert 'authentication required' in output # locales ?
|
|
|
|
|
|
def test_advertized_site_user_access():
|
|
FormDef.wipe()
|
|
create_formdef()
|
|
formdef1.roles = formdef2.roles = ['role-2']
|
|
formdef1.always_advertise = True
|
|
formdef1.store()
|
|
formdef2.store()
|
|
output = indexhtml(user1)
|
|
assert 'href="category1/test-formdef-1/"' in output
|
|
assert 'href="category1/test-formdef-2/"' not in output
|
|
assert 'authentication required' in output # locales ?
|
|
|
|
|
|
def test_categories_page():
|
|
FormDef.wipe()
|
|
create_formdef()
|
|
resp = get_app(pub).get('/categories')
|
|
assert 'href="category1/"' in resp
|
|
FormDef.wipe()
|
|
resp = get_app(pub).get('/categories')
|
|
assert 'href="category1/"' not in resp
|
|
|
|
|
|
def test_static_directories():
|
|
assert get_app(pub).get('/static/images/feed-icon-10x10.png')
|
|
assert get_app(pub).get('/static/css/gadjo.css')
|
|
assert get_app(pub).get('/static/xstatic/jquery.js')
|
|
assert get_app(pub).get('/static/xstatic/jquery-ui.js')
|
|
|
|
assert 'Directory listing denied' in get_app(pub).get('/static/css/').text
|
|
assert get_app(pub).get('/static/xxx', status=404)
|
|
|
|
|
|
def test_jquery_debug_mode():
|
|
FormDef.wipe()
|
|
create_formdef()
|
|
resp = get_app(pub).get('/category1/test-formdef-1/')
|
|
assert 'jquery.min.js' in resp.text
|
|
pub.cfg['debug'] = {'debug_mode': True}
|
|
pub.write_cfg()
|
|
resp = get_app(pub).get('/category1/test-formdef-1/')
|
|
assert 'jquery.js' in resp.text
|