/
test_page_delete.py
221 lines (193 loc) · 9.03 KB
/
test_page_delete.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# -*- coding: utf-8 -*-
# rdiffweb, A web interface to rdiff-backup repositories
# Copyright (C) 2012-2021 rdiffweb contributors
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
"""
Created on Apr 10, 2016
@author: Patrik Dufresne <patrik@ikus-soft.com>
"""
import os
from time import sleep
from unittest.case import skipIf
from parameterized import parameterized
import rdiffweb.test
from rdiffweb.core.librdiff import rdiff_backup_version
from rdiffweb.core.store import MAINTAINER_ROLE, USER_ROLE
RDIFF_BACKUP_VERSION = rdiff_backup_version()
class DeleteRepoTest(rdiffweb.test.WebCase):
login = True
def _delete(self, user, repo, confirm):
body = {}
if confirm is not None:
body.update({'confirm': confirm})
self.getPage("/delete/" + user + "/" + repo + "/", method="POST", body=body)
@skipIf(RDIFF_BACKUP_VERSION < (2, 0, 1), "rdiff-backup-delete is available since 2.0.1")
@parameterized.expand(
[
("with_dir", 'admin', '/testcases/Revisions', 'Revisions', 303, 404, '/browse/admin/testcases'),
("with_dir_wrong_confirmation", 'admin', '/testcases/Revisions', 'invalid', 400, 200),
("with_file", 'admin', '/testcases/Revisions/Data', 'Data', 303, 404, '/browse/admin/testcases/Revisions'),
("with_file_wrong_confirmation", 'admin', '/testcases/Revisions/Data', 'invalid', 400, 200),
("with_invalid", 'admin', '/testcases/invalid', 'invalid', 404, 404),
(
"with_broken_symlink",
'admin',
'/testcases/BrokenSymlink',
'BrokenSymlink',
303,
404,
'/browse/admin/testcases',
),
(
"with_utf8",
'admin',
'/testcases/R%C3%A9pertoire%20Existant',
'Répertoire Existant',
303,
404,
'/browse/admin/testcases',
),
("with_rdiff_backup_data", 'admin', '/testcases/rdiff-backup-data', 'rdiff-backup-data', 404, 404),
(
"with_quoted_path",
'admin',
'/testcases/Char%20%3B090%20to%20quote',
'Char Z to quote',
303,
404,
'/browse/admin/testcases',
),
]
)
def test_delete_path(
self, unused, username, path, confirmation, expected_status, expected_history_status, expected_redirect=None
):
# When trying to delete a file or a folder with a confirmation
self._delete(username, path, confirmation)
# Then a status is returned
self.assertStatus(expected_status)
if expected_redirect:
self.assertHeaderItemValue('Location', self.baseurl + expected_redirect)
# Check filesystem
sleep(1)
self.getPage("/history/" + username + "/" + path)
self.assertStatus(expected_history_status)
def test_delete_repo(self):
"""
Check to delete a repo.
"""
# Check initial list of repo
self.assertEqual(['broker-repo', 'testcases'], [r.name for r in self.app.store.get_user('admin').repo_objs])
# Delete repo
self._delete(self.USERNAME, self.REPO, 'testcases')
self.assertStatus(303)
self.assertHeaderItemValue('Location', self.baseurl + '/')
# Check filesystem
sleep(1)
self.assertEqual(['broker-repo'], [r.name for r in self.app.store.get_user('admin').repo_objs])
self.assertFalse(os.path.isdir(os.path.join(self.testcases, 'testcases')))
def test_delete_repo_with_slash(self):
# Check initial list of repo
self.assertEqual(['broker-repo', 'testcases'], [r.name for r in self.app.store.get_user('admin').repo_objs])
# Then delete it.
self._delete(self.USERNAME, self.REPO, 'testcases')
self.assertStatus(303)
self.assertHeaderItemValue('Location', self.baseurl + '/')
# Check filesystem
sleep(1)
self.assertEqual(['broker-repo'], [r.name for r in self.app.store.get_user('admin').repo_objs])
self.assertFalse(os.path.isdir(os.path.join(self.testcases, 'testcases')))
def test_delete_repo_wrong_confirm(self):
"""
Check failure to delete a repo with wrong confirmation.
"""
# Check initial list of repo
self.assertEqual(['broker-repo', 'testcases'], [r.name for r in self.app.store.get_user('admin').repo_objs])
# Delete repo with wrong confirmation.
self._delete(self.USERNAME, self.REPO, 'wrong')
# TODO Make sure the repository is not delete
self.assertStatus(400)
self.assertEqual(['broker-repo', 'testcases'], [r.name for r in self.app.store.get_user('admin').repo_objs])
def test_delete_repo_without_confirm(self):
"""
Check failure to delete a repo with wrong confirmation.
"""
# Check initial list of repo
self.assertEqual(['broker-repo', 'testcases'], [r.name for r in self.app.store.get_user('admin').repo_objs])
# Delete repo without confirmation.
self._delete(self.USERNAME, self.REPO, None)
# Make sure the repository is not delete
self.assertStatus(400)
self.assertInBody('confirm: This field is required')
self.assertEqual(['broker-repo', 'testcases'], [r.name for r in self.app.store.get_user('admin').repo_objs])
def test_delete_repo_as_admin(self):
# Create a another user with admin right
user_obj = self.app.store.add_user('anotheruser', 'password')
user_obj.user_root = self.testcases
self.assertEqual(['broker-repo', 'testcases'], [r.name for r in user_obj.repo_objs])
self._delete('anotheruser', 'testcases', 'testcases')
self.assertStatus(303)
self.assertHeaderItemValue('Location', self.baseurl + '/')
# Check filesystem
sleep(1)
self.assertEqual(['broker-repo'], [r.name for r in user_obj.repo_objs])
self.assertFalse(os.path.isdir(os.path.join(self.testcases, 'testcases')))
def test_delete_repo_as_maintainer(self):
self.assertTrue(os.path.isdir(self.testcases))
# Create a another user with maintainer right
user_obj = self.app.store.add_user('maintainer', 'password')
user_obj.user_root = self.testcases
user_obj.role = MAINTAINER_ROLE
self.assertEqual(['broker-repo', 'testcases'], [r.name for r in user_obj.repo_objs])
# Login as maintainer
self._login('maintainer', 'password')
# Try to delete your own repo
self._delete('maintainer', 'testcases', 'testcases')
self.assertStatus(303)
self.assertHeaderItemValue('Location', self.baseurl + '/')
# Check filesystem
sleep(1)
self.assertEqual(['broker-repo'], [r.name for r in user_obj.repo_objs])
self.assertFalse(os.path.isdir(os.path.join(self.testcases, 'testcases')))
def test_delete_repo_as_user(self):
# Create a another user with maintainer right
user_obj = self.app.store.add_user('user', 'password')
user_obj.user_root = self.testcases
user_obj.role = USER_ROLE
self.assertEqual(['broker-repo', 'testcases'], [r.name for r in user_obj.repo_objs])
# Login as maintainer
self._login('user', 'password')
# Try to delete own own repo
self._delete('user', 'testcases', 'testcases')
self.assertStatus(403)
# Check database don't change
self.assertEqual(['broker-repo', 'testcases'], [r.name for r in user_obj.repo_objs])
self.assertTrue(os.path.isdir(os.path.join(self.testcases, 'testcases')))
def test_delete_repo_does_not_exists(self):
# Given an invalid repo
repo = 'invalid'
# When trying to delete this repo
self._delete(self.USERNAME, repo, repo)
# Then a 404 is return to the user
self.assertStatus(404)
def test_delete_method_get(self):
# Given a user with repo
self.assertEqual(['broker-repo', 'testcases'], [r.name for r in self.app.store.get_user('admin').repo_objs])
# When trying to deleted repo with GET method
self.getPage("/delete/" + self.USERNAME + "/" + self.REPO + "/?confirm=" + self.REPO, method="GET")
# Then An error is returned
self.assertStatus(405)
# Then repo still exists
self.assertEqual(['broker-repo', 'testcases'], [r.name for r in self.app.store.get_user('admin').repo_objs])