more rights tests

2018-09-18 21:05:04 +02:00 · 2018-09-18 21:05:04 +02:00 · 818c9e273e
commit 818c9e273e
parent 73338ac20b
1 changed files with 64 additions and 3 deletions
--- a/radicale/tests/test_rights.py
+++ b/radicale/tests/test_rights.py
@ -25,10 +25,11 @@ import tempfile

 from radicale import Application, config

+from .helpers import get_file_content
 from .test_base import BaseTest


-class TestBaseAuthRequests(BaseTest):
+class TestBaseRightsRequests(BaseTest):
    """Tests basic requests with rights."""

    def setup(self):
@ -41,14 +42,16 @@ class TestBaseAuthRequests(BaseTest):
    def teardown(self):
        shutil.rmtree(self.colpath)

-    def _test_rights(self, rights_type, user, path, mode, expected_status):
+    def _test_rights(self, rights_type, user, path, mode, expected_status,
+                     with_auth=True):
        assert mode in ("r", "w")
        assert user in ("", "tmp")
        htpasswd_file_path = os.path.join(self.colpath, ".htpasswd")
        with open(htpasswd_file_path, "w") as f:
            f.write("tmp:bepo\nother:bepo")
        self.configuration["rights"]["type"] = rights_type
-        self.configuration["auth"]["type"] = "htpasswd"
+        if with_auth:
+            self.configuration["auth"]["type"] = "htpasswd"
        self.configuration["auth"]["htpasswd_filename"] = htpasswd_file_path
        self.configuration["auth"]["htpasswd_encryption"] = "plain"
        self.application = Application(self.configuration)
@ -75,6 +78,12 @@ class TestBaseAuthRequests(BaseTest):
        self._test_rights("owner_only", "tmp", "/other", "r", 403)
        self._test_rights("owner_only", "tmp", "/other", "w", 403)

+    def test_owner_only_without_auth(self):
+        self._test_rights("owner_only", "", "/", "r", 207, False)
+        self._test_rights("owner_only", "", "/", "w", 401, False)
+        self._test_rights("owner_only", "", "/tmp", "r", 207, False)
+        self._test_rights("owner_only", "", "/tmp", "w", 207, False)
+
    def test_owner_write(self):
        self._test_rights("owner_write", "", "/", "r", 401)
        self._test_rights("owner_write", "", "/", "w", 401)
@ -87,6 +96,12 @@ class TestBaseAuthRequests(BaseTest):
        self._test_rights("owner_write", "tmp", "/other", "r", 207)
        self._test_rights("owner_write", "tmp", "/other", "w", 403)

+    def test_owner_write_without_auth(self):
+        self._test_rights("owner_write", "", "/", "r", 207, False)
+        self._test_rights("owner_write", "", "/", "w", 401, False)
+        self._test_rights("owner_write", "", "/tmp", "r", 207, False)
+        self._test_rights("owner_write", "", "/tmp", "w", 207, False)
+
    def test_authenticated(self):
        self._test_rights("authenticated", "", "/", "r", 401)
        self._test_rights("authenticated", "", "/", "w", 401)
@ -99,6 +114,12 @@ class TestBaseAuthRequests(BaseTest):
        self._test_rights("authenticated", "tmp", "/other", "r", 207)
        self._test_rights("authenticated", "tmp", "/other", "w", 207)

+    def test_authenticated_without_auth(self):
+        self._test_rights("authenticated", "", "/", "r", 207, False)
+        self._test_rights("authenticated", "", "/", "w", 207, False)
+        self._test_rights("authenticated", "", "/tmp", "r", 207, False)
+        self._test_rights("authenticated", "", "/tmp", "w", 207, False)
+
    def test_from_file(self):
        rights_file_path = os.path.join(self.colpath, "rights")
        with open(rights_file_path, "w") as f:
@ -123,3 +144,43 @@ permissions: Rr""")
        """Custom rights management."""
        self._test_rights("tests.custom.rights", "", "/", "r", 401)
        self._test_rights("tests.custom.rights", "", "/tmp", "r", 207)
+
+    def test_collections_and_items(self):
+        """Test rights for creation of collections, calendars and items.
+
+        Collections are allowed at "/" and "/.../".
+        Calendars/Address books are allowed at "/.../.../".
+        Items are allowed at "/.../.../...".
+
+        """
+        self.application = Application(self.configuration)
+        status, _, _ = self.request("MKCALENDAR", "/")
+        assert status == 401
+        status, _, _ = self.request("MKCALENDAR", "/user/")
+        assert status == 401
+        status, _, _ = self.request("MKCOL", "/user/")
+        assert status == 201
+        status, _, _ = self.request("MKCOL", "/user/calendar/")
+        assert status == 401
+        status, _, _ = self.request("MKCALENDAR", "/user/calendar/")
+        assert status == 201
+        status, _, _ = self.request("MKCOL", "/user/calendar/item")
+        assert status == 401
+        status, _, _ = self.request("MKCALENDAR", "/user/calendar/item")
+        assert status == 401
+
+    def test_put_collections_and_items(self):
+        """Test rights for creation of calendars and items with PUT."""
+        self.application = Application(self.configuration)
+        status, _, _ = self.request(
+            "PUT", "/user/", "BEGIN:VCALENDAR\r\nEND:VCALENDAR")
+        assert status == 401
+        status, _, _ = self.request("MKCOL", "/user/")
+        assert status == 201
+        status, _, _ = self.request(
+            "PUT", "/user/calendar/", "BEGIN:VCALENDAR\r\nEND:VCALENDAR")
+        assert status == 201
+        event1 = get_file_content("event1.ics")
+        status, _, _ = self.request(
+            "PUT", "/user/calendar/event1.ics", event1)
+        assert status == 201