more rights tests

This commit is contained in:
Unrud 2018-09-18 21:05:04 +02:00
parent 73338ac20b
commit 818c9e273e

View File

@ -25,10 +25,11 @@ import tempfile
from radicale import Application, config from radicale import Application, config
from .helpers import get_file_content
from .test_base import BaseTest from .test_base import BaseTest
class TestBaseAuthRequests(BaseTest): class TestBaseRightsRequests(BaseTest):
"""Tests basic requests with rights.""" """Tests basic requests with rights."""
def setup(self): def setup(self):
@ -41,13 +42,15 @@ class TestBaseAuthRequests(BaseTest):
def teardown(self): def teardown(self):
shutil.rmtree(self.colpath) shutil.rmtree(self.colpath)
def _test_rights(self, rights_type, user, path, mode, expected_status): def _test_rights(self, rights_type, user, path, mode, expected_status,
with_auth=True):
assert mode in ("r", "w") assert mode in ("r", "w")
assert user in ("", "tmp") assert user in ("", "tmp")
htpasswd_file_path = os.path.join(self.colpath, ".htpasswd") htpasswd_file_path = os.path.join(self.colpath, ".htpasswd")
with open(htpasswd_file_path, "w") as f: with open(htpasswd_file_path, "w") as f:
f.write("tmp:bepo\nother:bepo") f.write("tmp:bepo\nother:bepo")
self.configuration["rights"]["type"] = rights_type self.configuration["rights"]["type"] = rights_type
if with_auth:
self.configuration["auth"]["type"] = "htpasswd" self.configuration["auth"]["type"] = "htpasswd"
self.configuration["auth"]["htpasswd_filename"] = htpasswd_file_path self.configuration["auth"]["htpasswd_filename"] = htpasswd_file_path
self.configuration["auth"]["htpasswd_encryption"] = "plain" self.configuration["auth"]["htpasswd_encryption"] = "plain"
@ -75,6 +78,12 @@ class TestBaseAuthRequests(BaseTest):
self._test_rights("owner_only", "tmp", "/other", "r", 403) self._test_rights("owner_only", "tmp", "/other", "r", 403)
self._test_rights("owner_only", "tmp", "/other", "w", 403) self._test_rights("owner_only", "tmp", "/other", "w", 403)
def test_owner_only_without_auth(self):
self._test_rights("owner_only", "", "/", "r", 207, False)
self._test_rights("owner_only", "", "/", "w", 401, False)
self._test_rights("owner_only", "", "/tmp", "r", 207, False)
self._test_rights("owner_only", "", "/tmp", "w", 207, False)
def test_owner_write(self): def test_owner_write(self):
self._test_rights("owner_write", "", "/", "r", 401) self._test_rights("owner_write", "", "/", "r", 401)
self._test_rights("owner_write", "", "/", "w", 401) self._test_rights("owner_write", "", "/", "w", 401)
@ -87,6 +96,12 @@ class TestBaseAuthRequests(BaseTest):
self._test_rights("owner_write", "tmp", "/other", "r", 207) self._test_rights("owner_write", "tmp", "/other", "r", 207)
self._test_rights("owner_write", "tmp", "/other", "w", 403) self._test_rights("owner_write", "tmp", "/other", "w", 403)
def test_owner_write_without_auth(self):
self._test_rights("owner_write", "", "/", "r", 207, False)
self._test_rights("owner_write", "", "/", "w", 401, False)
self._test_rights("owner_write", "", "/tmp", "r", 207, False)
self._test_rights("owner_write", "", "/tmp", "w", 207, False)
def test_authenticated(self): def test_authenticated(self):
self._test_rights("authenticated", "", "/", "r", 401) self._test_rights("authenticated", "", "/", "r", 401)
self._test_rights("authenticated", "", "/", "w", 401) self._test_rights("authenticated", "", "/", "w", 401)
@ -99,6 +114,12 @@ class TestBaseAuthRequests(BaseTest):
self._test_rights("authenticated", "tmp", "/other", "r", 207) self._test_rights("authenticated", "tmp", "/other", "r", 207)
self._test_rights("authenticated", "tmp", "/other", "w", 207) self._test_rights("authenticated", "tmp", "/other", "w", 207)
def test_authenticated_without_auth(self):
self._test_rights("authenticated", "", "/", "r", 207, False)
self._test_rights("authenticated", "", "/", "w", 207, False)
self._test_rights("authenticated", "", "/tmp", "r", 207, False)
self._test_rights("authenticated", "", "/tmp", "w", 207, False)
def test_from_file(self): def test_from_file(self):
rights_file_path = os.path.join(self.colpath, "rights") rights_file_path = os.path.join(self.colpath, "rights")
with open(rights_file_path, "w") as f: with open(rights_file_path, "w") as f:
@ -123,3 +144,43 @@ permissions: Rr""")
"""Custom rights management.""" """Custom rights management."""
self._test_rights("tests.custom.rights", "", "/", "r", 401) self._test_rights("tests.custom.rights", "", "/", "r", 401)
self._test_rights("tests.custom.rights", "", "/tmp", "r", 207) self._test_rights("tests.custom.rights", "", "/tmp", "r", 207)
def test_collections_and_items(self):
"""Test rights for creation of collections, calendars and items.
Collections are allowed at "/" and "/.../".
Calendars/Address books are allowed at "/.../.../".
Items are allowed at "/.../.../...".
"""
self.application = Application(self.configuration)
status, _, _ = self.request("MKCALENDAR", "/")
assert status == 401
status, _, _ = self.request("MKCALENDAR", "/user/")
assert status == 401
status, _, _ = self.request("MKCOL", "/user/")
assert status == 201
status, _, _ = self.request("MKCOL", "/user/calendar/")
assert status == 401
status, _, _ = self.request("MKCALENDAR", "/user/calendar/")
assert status == 201
status, _, _ = self.request("MKCOL", "/user/calendar/item")
assert status == 401
status, _, _ = self.request("MKCALENDAR", "/user/calendar/item")
assert status == 401
def test_put_collections_and_items(self):
"""Test rights for creation of calendars and items with PUT."""
self.application = Application(self.configuration)
status, _, _ = self.request(
"PUT", "/user/", "BEGIN:VCALENDAR\r\nEND:VCALENDAR")
assert status == 401
status, _, _ = self.request("MKCOL", "/user/")
assert status == 201
status, _, _ = self.request(
"PUT", "/user/calendar/", "BEGIN:VCALENDAR\r\nEND:VCALENDAR")
assert status == 201
event1 = get_file_content("event1.ics")
status, _, _ = self.request(
"PUT", "/user/calendar/event1.ics", event1)
assert status == 201