googlechrome
/
chromium-dashboard
зеркало из https://github.com/GoogleChrome/chromium-dashboard.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
chromium-dashboard/framework/permissions_test.py

312 строки
11 KiB
Python
Исходник Обычный вид История

Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
# Copyright 2020 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License")
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import testing_config # Must be imported before the module under test.
In py3 code, replace the separate mock lib with unittest.mock. (#1665)
2022-01-11 19:20:40 +03:00
from unittest import mock
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
import werkzeug.exceptions # Flask HTTP stuff.
20210418 google sign in (#1275) * Added Google Platform Library * Added Meta Element for Client ID * Added Google Sign-In Button * Authenticating the id_token on our backend * Saving id_token in flask session, using the id_token to fetch the current user and replaced the usages of AppEngine Users API (not from *_tests.py) * Correct the flow on pressing SignIn and SignOut * Code refactor * Added Comment for is_current_user_admin * Supporting GAE Users library for post request * Made some fixes * Changed Admin User condition * Reloading only on 200 response code * Do not require sign in and xsrf token while sending post request for login * Sign Out using Google Sign In if cookie is not set after login * Clearing the session if the id_token stored in the session variable becomes invalid or expires * Replaced GAE Users from tests * Replaced GAE users with framework users in tests.py
2021-05-07 02:37:30 +03:00
# from google.appengine.api import users
from framework import users
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
from framework import basehandlers
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
from framework import permissions
Allow site admins to be specified via AppUser entities. (#1288)
2021-04-28 04:56:37 +03:00
from internals import models
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
class MockHandler(basehandlers.BaseHandler):
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
def __init__(self):
self.called_with = None
@permissions.require_admin_site
def do_get(self, *args):
self.called_with = args
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
return {'message': 'did get'}
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
@permissions.require_admin_site
def do_post(self, *args):
self.called_with = args
return {'message': 'did post'}
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
test_app = basehandlers.FlaskApplication(
Avoid needing to run py2 on workstations. (#1734) * Avoid needing to run py2 on workstations. * Use gunicorn instead of dev_appserver * Add comment to explain that dev-default.yaml is not currently used. * Use venv pip to install py3 deps. * Auto-activate and stop referencing lib/. * Make gunicorn use libs in cs-env.
2022-02-16 00:31:27 +03:00
__name__,
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
[('/path', MockHandler),
],
debug=True)
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
20210618 gae ndb to cloud ndb (#1365) * Added Cloud NDB to requirements * google-cloud-core 1.7.0 requires google-auth<2.0dev,>=1.24.0, but you'll have google-auth 1.20.1 which is incompatible. * Running DataStore Emulator on port 15606 and setting environment variable for the same * Replaced GAE NDB imports with Cloud NDB imports * Solved Error: No Context for Ramcache * Solved No NDB Context Error for Cloud NDB * Fixed Error No object QueryOptions * Removed clear_datstore flag * Fixed to_dict() method * Added explicit call to method for stashing values while editing a feature * Using Cloud NDB in testbed * Updated README with JRE instructions and setting the DJANGO_SETTTINGS_MODULE environment variable for django.setup * Added Env Variable for datastore emulator * Migrated accounts_api_test.py * Migrated approvals_api_test.py * Migrated Comments.py and Cues_api_test.py * Migrated Features.py * Migrated metricsdata_test.py * Migrated stars_api_test.py * Fixed Deprecation warning for query options * Migrated token_refresh_api_test.py * Migrated basehandlers_test.py * Migrated permissions_test.py * Migrated ramcache_test.py * Migrated secrets_test.py * Migrated xsrf_test.py * Migrated fetchmetrics_test.py * Migrated models_test.py * Migrated notifier_test.py * Migrated processes_test.py * Migrated featuredetail_test.py * Migrated featurelist_test.py * Migrated guide_test.py * Migrated intentpreview_test.py * Migrated samples_test.py * Removed some unused stubs * Set the consistency of datastore emulator to be 1 * Resetting the database emulator before running the tests * Added npm targets for starting and stopping emulator * Updated README and Developer Docs * Removed unused imports * Made NDB calls DRY
2021-06-29 05:05:04 +03:00
class PermissionFunctionTests(testing_config.CustomTestCase):
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
def setUp(self):
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
self.users = []
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
self.app_user = models.AppUser(email='registered@example.com')
self.app_user.put()
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
self.users.append(self.app_user)
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
self.app_admin = models.AppUser(email='admin@example.com')
self.app_admin.is_admin = True
self.app_admin.put()
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
self.users.append(self.app_admin)
self.app_editor = models.AppUser(email='editor@example.com')
self.app_editor.is_site_editor = True
self.app_editor.put()
self.users.append(self.app_editor)
self.feature_owner = models.AppUser(email='feature_owner@example.com')
self.feature_owner.put()
self.users.append(self.feature_owner)
self.feature_editor = models.AppUser(email='feature_editor@example.com')
self.feature_editor.put()
self.users.append(self.feature_editor)
# Feature for checking permissions against
self.feature_1 = models.Feature(
name='feature one', summary='sum',
Create new creator field for features (#2034) * add creator field * cron job to add creator field * changes suggested by @jrobbins * add logging
2022-07-20 19:43:19 +03:00
creator="feature_creator@example.com",
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
owner=['feature_owner@example.com'],
editors=['feature_editor@example.com'], category=1, visibility=1,
standardization=1, web_dev_views=1, impl_status_chrome=1)
self.feature_1.put()
self.feature_id = self.feature_1.key.integer_id()
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
def tearDown(self):
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
for user in self.users:
user.delete()
self.feature_1.key.delete()
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
def check_function_results(
self, func, additional_args,
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
unregistered='missing', registered='missing',
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
special='missing', site_editor='missing', admin='missing', anon='missing'):
"""Test func under six conditions and check expected results."""
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
# Test unregistered users
testing_config.sign_in('unregistered@example.com', 123)
user = users.get_current_user()
self.assertEqual(unregistered, func(user, *additional_args))
# Test registered users
testing_config.sign_in('registered@example.com', 123)
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
user = users.get_current_user()
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
self.assertEqual(registered, func(user, *additional_args))
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
# Test special users
# TODO(jrobbins): generalize this.
testing_config.sign_in('user@google.com', 123)
user = users.get_current_user()
self.assertEqual(special, func(user, *additional_args))
testing_config.sign_in('user@chromium.org', 123)
user = users.get_current_user()
self.assertEqual(special, func(user, *additional_args))
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
# Test site editor user
testing_config.sign_in('editor@example.com', 123)
user = users.get_current_user()
self.assertEqual(site_editor, func(user, *additional_args))
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
# Test admin users
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
testing_config.sign_in('admin@example.com', 123)
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
user = users.get_current_user()
self.assertEqual(admin, func(user, *additional_args))
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
# Test anonymous visitors
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
testing_config.sign_out()
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
user = users.get_current_user()
self.assertEqual(anon, func(user, *additional_args))
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
def check_function_results_with_feature(
self, func, additional_args, unregistered='missing',
registered='missing', feature_owner='missing', feature_editor='missing',
Create new creator field for features (#2034) * add creator field * cron job to add creator field * changes suggested by @jrobbins * add logging
2022-07-20 19:43:19 +03:00
creator='missing', site_editor='missing', admin='missing'):
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
"""Test func in the context of a specific feature id."""
# Test unregistered users
testing_config.sign_in('unregistered@example.com', 123)
user = users.get_current_user()
self.assertEqual(unregistered, func(user, *additional_args))
# Test registered users
testing_config.sign_in('registered@example.com', 123)
user = users.get_current_user()
self.assertEqual(registered, func(user, *additional_args))
# Test feature owners
testing_config.sign_in('feature_owner@example.com', 123)
user = users.get_current_user()
self.assertEqual(feature_owner, func(user, *additional_args))
# Test feature editors
testing_config.sign_in('feature_editor@example.com', 123)
user = users.get_current_user()
self.assertEqual(feature_editor, func(user, *additional_args))
Create new creator field for features (#2034) * add creator field * cron job to add creator field * changes suggested by @jrobbins * add logging
2022-07-20 19:43:19 +03:00
# Test feature editors
testing_config.sign_in('feature_creator@example.com', 123)
user = users.get_current_user()
self.assertEqual(creator, func(user, *additional_args))
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
# Test site editor user
testing_config.sign_in('editor@example.com', 123)
user = users.get_current_user()
self.assertEqual(site_editor, func(user, *additional_args))
# Test admin users
testing_config.sign_in('admin@example.com', 123)
user = users.get_current_user()
self.assertEqual(admin, func(user, *additional_args))
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
def test_can_admin_site(self):
self.check_function_results(
permissions.can_admin_site, tuple(),
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
unregistered=False, registered=False,
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
special=False, site_editor=False, admin=True, anon=False)
Allow site admins to be specified via AppUser entities. (#1288)
2021-04-28 04:56:37 +03:00
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
def test_can_view_feature(self):
self.check_function_results(
permissions.can_view_feature, (None,),
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
unregistered=True, registered=True,
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
special=True, site_editor=True, admin=True, anon=True)
self.check_function_results_with_feature(
permissions.can_view_feature, (self.feature_id,),
unregistered=True, registered=True,
feature_owner=True, feature_editor=True,
Create new creator field for features (#2034) * add creator field * cron job to add creator field * changes suggested by @jrobbins * add logging
2022-07-20 19:43:19 +03:00
creator=True, site_editor=True, admin=True
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
)
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
def test_can_create_feature(self):
self.check_function_results(
permissions.can_create_feature, tuple(),
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
unregistered=False, registered=True,
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
special=True, site_editor=True, admin=True, anon=False)
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
def test_can_edit_any_feature(self):
self.check_function_results(
permissions.can_edit_any_feature, tuple(),
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
unregistered=False, registered=True,
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
special=True, site_editor=True, admin=True, anon=False)
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
def test_can_edit_feature(self):
self.check_function_results(
permissions.can_edit_feature, (None,),
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
unregistered=False, registered=True,
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
special=True, site_editor=True, admin=True, anon=False)
# Check in context of specific feature.
self.check_function_results_with_feature(
permissions.can_edit_feature, (self.feature_id,),
unregistered=False, registered=True,
feature_owner=True, feature_editor=True,
Create new creator field for features (#2034) * add creator field * cron job to add creator field * changes suggested by @jrobbins * add logging
2022-07-20 19:43:19 +03:00
creator=False, site_editor=True, admin=True
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
)
Add entities, perms, and API handlers for approvals. (#1259) * Add entities, perms, and API handlers for approvals. * Add cacheing and more tests * Addressed review comments
2021-04-10 01:43:11 +03:00
def test_can_approve_feature(self):
approvers = []
self.check_function_results(
permissions.can_approve_feature, (None, approvers),
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
unregistered=False, registered=False,
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
special=False, site_editor=False, admin=True, anon=False)
Add entities, perms, and API handlers for approvals. (#1259) * Add entities, perms, and API handlers for approvals. * Add cacheing and more tests * Addressed review comments
2021-04-10 01:43:11 +03:00
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
approvers = ['registered@example.com']
Add entities, perms, and API handlers for approvals. (#1259) * Add entities, perms, and API handlers for approvals. * Add cacheing and more tests * Addressed review comments
2021-04-10 01:43:11 +03:00
self.check_function_results(
permissions.can_approve_feature, (None, approvers),
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
unregistered=False, registered=True,
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
special=False, site_editor=False, admin=True, anon=False)
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
20210618 gae ndb to cloud ndb (#1365) * Added Cloud NDB to requirements * google-cloud-core 1.7.0 requires google-auth<2.0dev,>=1.24.0, but you'll have google-auth 1.20.1 which is incompatible. * Running DataStore Emulator on port 15606 and setting environment variable for the same * Replaced GAE NDB imports with Cloud NDB imports * Solved Error: No Context for Ramcache * Solved No NDB Context Error for Cloud NDB * Fixed Error No object QueryOptions * Removed clear_datstore flag * Fixed to_dict() method * Added explicit call to method for stashing values while editing a feature * Using Cloud NDB in testbed * Updated README with JRE instructions and setting the DJANGO_SETTTINGS_MODULE environment variable for django.setup * Added Env Variable for datastore emulator * Migrated accounts_api_test.py * Migrated approvals_api_test.py * Migrated Comments.py and Cues_api_test.py * Migrated Features.py * Migrated metricsdata_test.py * Migrated stars_api_test.py * Fixed Deprecation warning for query options * Migrated token_refresh_api_test.py * Migrated basehandlers_test.py * Migrated permissions_test.py * Migrated ramcache_test.py * Migrated secrets_test.py * Migrated xsrf_test.py * Migrated fetchmetrics_test.py * Migrated models_test.py * Migrated notifier_test.py * Migrated processes_test.py * Migrated featuredetail_test.py * Migrated featurelist_test.py * Migrated guide_test.py * Migrated intentpreview_test.py * Migrated samples_test.py * Removed some unused stubs * Set the consistency of datastore emulator to be 1 * Resetting the database emulator before running the tests * Added npm targets for starting and stopping emulator * Updated README and Developer Docs * Removed unused imports * Made NDB calls DRY
2021-06-29 05:05:04 +03:00
class RequireAdminSiteTests(testing_config.CustomTestCase):
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
def setUp(self):
self.app_user = models.AppUser(email='registered@example.com')
self.app_user.put()
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
self.app_editor = models.AppUser(email='editor@example.com')
self.app_editor.is_site_editor = True
self.app_editor.put()
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
self.app_admin = models.AppUser(email='admin@example.com')
self.app_admin.is_admin = True
self.app_admin.put()
def tearDown(self):
self.app_user.delete()
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
self.app_editor.delete()
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
self.app_admin.delete()
def test_require_admin_site__unregistered_user(self):
"""Wrapped method rejects call from an unregistered user."""
handler = MockHandler()
testing_config.sign_in('unregistered@example.com', 123)
with test_app.test_request_context('/path', method='POST'):
with self.assertRaises(werkzeug.exceptions.Forbidden):
handler.do_post()
self.assertEqual(handler.called_with, None)
def test_require_admin_site__registered_user(self):
"""Wrapped method rejects call from registered non-admin user."""
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
handler = MockHandler()
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
testing_config.sign_in('registered@example.com', 123)
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
with test_app.test_request_context('/path', method='POST'):
with self.assertRaises(werkzeug.exceptions.Forbidden):
handler.do_post()
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
self.assertEqual(handler.called_with, None)
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
def test_require_admin_site__googler(self):
"""Wrapped method rejects call from googler."""
handler = MockHandler()
testing_config.sign_in('user@google.com', 123)
with test_app.test_request_context('/path', method='POST'):
with self.assertRaises(werkzeug.exceptions.Forbidden):
handler.do_post()
self.assertEqual(handler.called_with, None)
New permissions system implementation (#2011) * Check edit permissions by individual feature * update logic to check permissions * editors field added * editors can see edit access in UI * myfeatures shows editable features * Make editor field plural * 1 more plural update * change var name for site editor * Editors can delete a feature * Site editors can now be designated in admin ui * fix existing tests to work with new changes * feature and permissions tests * accounts and models test * new creator field * update tests for creator field * code cleanup * add creator field to new feature * unlisted features are displayed in "My Features" If the user is the creator, an owner, or an editor. * slight update in unlisted features logic * My features displays all editable features in a single dropdown. * fix web tests * add test to ensure creator can edit feature * remove unused _reject_or_proceed() change * remove mangle and log statement * Set original permissions All changes to permissions.py removed. This commit can be reverted to enable to new permissions system. * changes suggested by @jrobbins * update from merge * remove creator field for later implementation * changes suggested by @jrobbins
2022-07-14 00:31:27 +03:00
def test_require_admin_site__editor(self):
"""Wrapped method rejects call from a site editor."""
handler = MockHandler()
testing_config.sign_in('editor@example.com', 123)
with test_app.test_request_context('/path', method='POST'):
with self.assertRaises(werkzeug.exceptions.Forbidden):
handler.do_post()
self.assertEqual(handler.called_with, None)
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
def test_require_admin_site__admin(self):
"""Wrapped method accepts call from an admin user."""
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
handler = MockHandler()
Reduce usage of GAE users. (#1355)
2021-06-09 20:35:55 +03:00
testing_config.sign_in('admin@example.com', 123)
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
with test_app.test_request_context('/path'):
actual_response = handler.do_get(123, 234)
self.assertEqual(handler.called_with, (123, 234))
self.assertEqual({'message': 'did get'}, actual_response)
with test_app.test_request_context('/path', method='POST'):
actual_response = handler.do_post(345, 456)
self.assertEqual(handler.called_with, (345, 456))
self.assertEqual({'message': 'did post'}, actual_response)
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
def test_require_admin_site__anon(self):
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
"""Wrapped method rejects call from anon, but offers sign-in."""
Delete code for the legacy feature editing UI. (#1231)
2021-03-23 19:28:46 +03:00
handler = MockHandler()
testing_config.sign_out()
Flesh out permissions.py and simplify page logic. (#1237) * Flesh out permissions.py and simplify page logic. * Addressed review comments
2021-03-24 20:11:13 +03:00
with test_app.test_request_context('/path'):
actual_response = handler.do_get(123, 234)
self.assertEqual(handler.called_with, None)
self.assertEqual(302, actual_response.status_code)
with test_app.test_request_context('/path', method='POST'):
with self.assertRaises(werkzeug.exceptions.Forbidden):
handler.do_post(345, 456)
In py3 code, replace the separate mock lib with unittest.mock. (#1665)
2022-01-11 19:20:40 +03:00
self.assertEqual(handler.called_with, None)