1.1 --- a/hgapp/test.ini Fri Mar 12 20:07:41 2010 +0100
1.2 +++ b/hgapp/test.ini Sat Mar 13 10:34:45 2010 +0100
1.3 @@ -1,3 +1,5 @@
1.4 +[DEFAULT]
1.5 +
1.6 [hg:public]
1.7 hgweb=%(here)s/..
1.8 allow_read=*
2.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
2.2 +++ b/hgapp/test_perms.py Sat Mar 13 10:34:45 2010 +0100
2.3 @@ -0,0 +1,67 @@
2.4 +# -*- coding: utf-8 -*-
2.5 +from unittest import TestCase
2.6 +from testing import *
2.7 +from webob import Request, exc
2.8 +from hgapp import utils
2.9 +
2.10 +def request(meth='post', user=None, **kwargs):
2.11 + req = Request.blank('/')
2.12 + req.method = meth.upper()
2.13 + if user:
2.14 + kwargs['REMOTE_USER'] = user
2.15 + req.environ.update(kwargs)
2.16 + return req
2.17 +
2.18 +class TestPerms(TestCase):
2.19 +
2.20 + def get_request(self, section, **kwargs):
2.21 + ui = utils.get_ui(CONFIG['hg:%s' % section])
2.22 + req = request(baseui=ui, **kwargs)
2.23 + return req
2.24 +
2.25 + def test_public_anon(self):
2.26 + req = self.get_request('public', meth='get')
2.27 + eq_(utils.check_perm(req, 'pull'), None)
2.28 + req = self.get_request('public')
2.29 + self.assertRaises(exc.HTTPUnauthorized, utils.check_perm, req, 'push')
2.30 +
2.31 + def test_public_user(self):
2.32 + req = self.get_request('public', user='toto')
2.33 + eq_(utils.check_perm(req, 'pull'), None)
2.34 + req = self.get_request('public', user='toto')
2.35 + eq_(utils.check_perm(req, 'push'), None)
2.36 +
2.37 + def test_private_anon(self):
2.38 + req = self.get_request('private', user='toto')
2.39 + self.assertRaises(exc.HTTPUnauthorized, utils.check_perm, req, 'pull')
2.40 + req = self.get_request('private', user='toto')
2.41 + self.assertRaises(exc.HTTPUnauthorized, utils.check_perm, req, 'push')
2.42 +
2.43 + def test_private_user(self):
2.44 + req = self.get_request('private', user='toto')
2.45 + self.assertRaises(exc.HTTPUnauthorized, utils.check_perm, req, 'pull')
2.46 + req = self.get_request('private', user='toto')
2.47 + self.assertRaises(exc.HTTPUnauthorized, utils.check_perm, req, 'push')
2.48 +
2.49 + def test_private_gawel(self):
2.50 + req = self.get_request('private', user='gawel')
2.51 + eq_(utils.check_perm(req, 'pull'), None)
2.52 + req = self.get_request('private', user='gawel')
2.53 + eq_(utils.check_perm(req, 'push'), None)
2.54 +
2.55 +
2.56 +class TestRepozePerms(TestPerms):
2.57 +
2.58 + def get_request(self, section, user=None, **kwargs):
2.59 + ui = utils.get_ui(CONFIG['hg:%s' % section])
2.60 + if user:
2.61 + if section == 'public':
2.62 + permissions = set(['allow_read', 'allow_push'])
2.63 + elif user == 'gawel':
2.64 + permissions = set(['allow_read', 'allow_push'])
2.65 + else:
2.66 + permissions = set()
2.67 + kwargs['repoze.what.credentials'] = dict(permissions=permissions)
2.68 + req = request(baseui=ui, user=user, **kwargs)
2.69 + return req
2.70 +
3.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
3.2 +++ b/hgapp/testing.py Sat Mar 13 10:34:45 2010 +0100
3.3 @@ -0,0 +1,63 @@
3.4 +# -*- coding: utf-8 -*-
3.5 +from ConfigObject import ConfigObject
3.6 +from nose.tools import *
3.7 +import tempfile
3.8 +import logging
3.9 +import shutil
3.10 +import time
3.11 +import sys
3.12 +import os
3.13 +
3.14 +log = logging.getLogger('nose')
3.15 +
3.16 +DIR_NAME = os.path.dirname(__file__)
3.17 +package_repo = os.path.dirname(DIR_NAME)
3.18 +CONFIG_FILE = os.path.join(DIR_NAME, 'test.ini')
3.19 +CONFIG = ConfigObject(dict(here=DIR_NAME))
3.20 +CONFIG.read([CONFIG_FILE])
3.21 +sys.argv.append(CONFIG_FILE)
3.22 +
3.23 +TEMP_DIR = tempfile.mkdtemp(prefix='{{egg}}')
3.24 +
3.25 +def setup_func():
3.26 + "set up test fixtures"
3.27 + if os.path.isdir(TEMP_DIR):
3.28 + shutil.rmtree(TEMP_DIR)
3.29 + os.makedirs(TEMP_DIR)
3.30 +
3.31 +def teardown_func():
3.32 + "tear down test fixtures"
3.33 + if os.path.isdir(TEMP_DIR):
3.34 + shutil.rmtree(TEMP_DIR)
3.35 +
3.36 +def timeit(func):
3.37 + name = func.func_name
3.38 + def wrapper(*args, **kwargs):
3.39 + st = time.time()
3.40 + func(*args, **kwargs)
3.41 + t = time.time() - st
3.42 + if args:
3.43 + self = args[0]
3.44 + log.warn('%s.%s() %2.3fs', self.__class__.__name__, t)
3.45 + else:
3.46 + log.warn('%s() %2.3fs', name, t)
3.47 + wrapper.func_name = name
3.48 + if hasattr(wrapper, '__name__'):
3.49 + wrapper.__name__ = func.func_name
3.50 + return wrapper
3.51 +
3.52 +class TimeIt(object):
3.53 + """time middleware"""
3.54 +
3.55 + def __init__(self, app, msg=''):
3.56 + self.app = app
3.57 + self.msg = msg
3.58 +
3.59 + def __call__(self, environ, start_response):
3.60 + ct = time.time()
3.61 + result = self.app(environ, start_response)
3.62 + log.warn('%s %s %s %2.6fs', self.msg,
3.63 + environ['REQUEST_METHOD'], environ['PATH_INFO'],
3.64 + time.time() - ct)
3.65 + return result
3.66 +
4.1 --- a/hgapp/tests.py Fri Mar 12 20:07:41 2010 +0100
4.2 +++ b/hgapp/tests.py Sat Mar 13 10:34:45 2010 +0100
4.3 @@ -5,22 +5,14 @@
4.4 import unittest
4.5 import subprocess
4.6 import hgapp
4.7 -
4.8 -dirname = os.path.dirname(hgapp.__file__)
4.9 -package_repo = os.path.dirname(dirname)
4.10 -configfile = os.path.join(dirname, 'test.ini')
4.11 -sys.argv.append(configfile)
4.12 -
4.13 +from testing import *
4.14 from hgapp.skin import make_skinned_app
4.15 from hgapp.pool import make_app
4.16 from webtest import TestApp, AppError
4.17 -from ConfigObject import ConfigObject
4.18
4.19 from mercurial.hgweb.request import wsgirequest
4.20 wsgirequest.drain = lambda *args, **kwargs: None
4.21
4.22 -test_log = logging.getLogger('nose.loader')
4.23 -
4.24 from hgapp import config
4.25
4.26 hgrc = os.path.join(package_repo, '.hg', 'hgrc')
4.27 @@ -31,7 +23,7 @@
4.28 user = group = ''
4.29
4.30 def setUp(self):
4.31 - self.app = TestApp(make_app({'__file__':configfile, 'here':dirname}))
4.32 + self.app = TestApp(make_app({'__file__':CONFIG_FILE, 'here':DIR_NAME}))
4.33
4.34 def tearDown(self):
4.35 open(hgrc, 'w').write(hgrc_orig)
4.36 @@ -101,7 +93,7 @@
4.37 class TestSkin(TestHgwebdir):
4.38
4.39 def setUp(self):
4.40 - self.app = TestApp(make_skinned_app({'__file__':configfile, 'here':dirname}))
4.41 + self.app = TestApp(make_skinned_app({'__file__':CONFIG_FILE, 'here':DIR_NAME}))
4.42
4.43
4.44 def test_read(self):
5.1 --- a/hgapp/utils.py Fri Mar 12 20:07:41 2010 +0100
5.2 +++ b/hgapp/utils.py Sat Mar 13 10:34:45 2010 +0100
5.3 @@ -49,20 +49,20 @@
5.4 result = (not allow_read) or (allow_read == ['*'])
5.5 if not (result or user in allow_read):
5.6 resp = exc.HTTPUnauthorized()
5.7 - resp.status = '%s %s' % (resp.code, 'read not authorized')
5.8 + resp.status = '%s %s' % (resp.code, 'read not authorized for %s' % user)
5.9 raise resp
5.10 else:
5.11 allow_read = c.configlist('web', 'allow_read')
5.12 if allow_read != ['*'] and user not in allow_read:
5.13 log.debug('allow_read failed')
5.14 resp = exc.HTTPUnauthorized()
5.15 - resp.status = '%s %s' % (resp.code, 'read not authorized')
5.16 + resp.status = '%s %s' % (resp.code, 'read not authorized for %s' % user)
5.17 raise resp
5.18
5.19 if op == 'pull' and not c.configbool('web', 'allowpull', True):
5.20 log.debug('allow_pull failed')
5.21 resp = exc.HTTPUnauthorized()
5.22 - resp.status = '%s %s' % (resp.code, 'pull not authorized')
5.23 + resp.status = '%s %s' % (resp.code, 'pull not authorized for %s' % user)
5.24 raise resp
5.25 elif op == 'pull' or op is None: # op is None for interface requests
5.26 return
5.27 @@ -93,7 +93,7 @@
5.28 if deny and (not user or deny == ['*'] or user in deny):
5.29 log.debug('deny_push success')
5.30 resp = exc.HTTPUnauthorized()
5.31 - resp.status = '%s %s' % (resp.code, 'push not allowed')
5.32 + resp.status = '%s %s' % (resp.code, 'push not allowed for user %s' % user)
5.33 raise resp
5.34
5.35 allow = c.configlist('web', 'allow_push')
5.36 @@ -101,7 +101,7 @@
5.37 if not result:
5.38 log.debug('allow_push fail')
5.39 resp = exc.HTTPUnauthorized()
5.40 - resp.status = '%s %s' % (resp.code, 'push not allowed')
5.41 + resp.status = '%s %s' % (resp.code, 'push not allowed for user %s' % user)
5.42 raise resp
5.43 else:
5.44 allow_push = c.configlist('web', 'allow_push')