more rights tests
This commit is contained in:
parent
73338ac20b
commit
818c9e273e
@ -25,10 +25,11 @@ import tempfile
|
|||||||
|
|
||||||
from radicale import Application, config
|
from radicale import Application, config
|
||||||
|
|
||||||
|
from .helpers import get_file_content
|
||||||
from .test_base import BaseTest
|
from .test_base import BaseTest
|
||||||
|
|
||||||
|
|
||||||
class TestBaseAuthRequests(BaseTest):
|
class TestBaseRightsRequests(BaseTest):
|
||||||
"""Tests basic requests with rights."""
|
"""Tests basic requests with rights."""
|
||||||
|
|
||||||
def setup(self):
|
def setup(self):
|
||||||
@ -41,14 +42,16 @@ class TestBaseAuthRequests(BaseTest):
|
|||||||
def teardown(self):
|
def teardown(self):
|
||||||
shutil.rmtree(self.colpath)
|
shutil.rmtree(self.colpath)
|
||||||
|
|
||||||
def _test_rights(self, rights_type, user, path, mode, expected_status):
|
def _test_rights(self, rights_type, user, path, mode, expected_status,
|
||||||
|
with_auth=True):
|
||||||
assert mode in ("r", "w")
|
assert mode in ("r", "w")
|
||||||
assert user in ("", "tmp")
|
assert user in ("", "tmp")
|
||||||
htpasswd_file_path = os.path.join(self.colpath, ".htpasswd")
|
htpasswd_file_path = os.path.join(self.colpath, ".htpasswd")
|
||||||
with open(htpasswd_file_path, "w") as f:
|
with open(htpasswd_file_path, "w") as f:
|
||||||
f.write("tmp:bepo\nother:bepo")
|
f.write("tmp:bepo\nother:bepo")
|
||||||
self.configuration["rights"]["type"] = rights_type
|
self.configuration["rights"]["type"] = rights_type
|
||||||
self.configuration["auth"]["type"] = "htpasswd"
|
if with_auth:
|
||||||
|
self.configuration["auth"]["type"] = "htpasswd"
|
||||||
self.configuration["auth"]["htpasswd_filename"] = htpasswd_file_path
|
self.configuration["auth"]["htpasswd_filename"] = htpasswd_file_path
|
||||||
self.configuration["auth"]["htpasswd_encryption"] = "plain"
|
self.configuration["auth"]["htpasswd_encryption"] = "plain"
|
||||||
self.application = Application(self.configuration)
|
self.application = Application(self.configuration)
|
||||||
@ -75,6 +78,12 @@ class TestBaseAuthRequests(BaseTest):
|
|||||||
self._test_rights("owner_only", "tmp", "/other", "r", 403)
|
self._test_rights("owner_only", "tmp", "/other", "r", 403)
|
||||||
self._test_rights("owner_only", "tmp", "/other", "w", 403)
|
self._test_rights("owner_only", "tmp", "/other", "w", 403)
|
||||||
|
|
||||||
|
def test_owner_only_without_auth(self):
|
||||||
|
self._test_rights("owner_only", "", "/", "r", 207, False)
|
||||||
|
self._test_rights("owner_only", "", "/", "w", 401, False)
|
||||||
|
self._test_rights("owner_only", "", "/tmp", "r", 207, False)
|
||||||
|
self._test_rights("owner_only", "", "/tmp", "w", 207, False)
|
||||||
|
|
||||||
def test_owner_write(self):
|
def test_owner_write(self):
|
||||||
self._test_rights("owner_write", "", "/", "r", 401)
|
self._test_rights("owner_write", "", "/", "r", 401)
|
||||||
self._test_rights("owner_write", "", "/", "w", 401)
|
self._test_rights("owner_write", "", "/", "w", 401)
|
||||||
@ -87,6 +96,12 @@ class TestBaseAuthRequests(BaseTest):
|
|||||||
self._test_rights("owner_write", "tmp", "/other", "r", 207)
|
self._test_rights("owner_write", "tmp", "/other", "r", 207)
|
||||||
self._test_rights("owner_write", "tmp", "/other", "w", 403)
|
self._test_rights("owner_write", "tmp", "/other", "w", 403)
|
||||||
|
|
||||||
|
def test_owner_write_without_auth(self):
|
||||||
|
self._test_rights("owner_write", "", "/", "r", 207, False)
|
||||||
|
self._test_rights("owner_write", "", "/", "w", 401, False)
|
||||||
|
self._test_rights("owner_write", "", "/tmp", "r", 207, False)
|
||||||
|
self._test_rights("owner_write", "", "/tmp", "w", 207, False)
|
||||||
|
|
||||||
def test_authenticated(self):
|
def test_authenticated(self):
|
||||||
self._test_rights("authenticated", "", "/", "r", 401)
|
self._test_rights("authenticated", "", "/", "r", 401)
|
||||||
self._test_rights("authenticated", "", "/", "w", 401)
|
self._test_rights("authenticated", "", "/", "w", 401)
|
||||||
@ -99,6 +114,12 @@ class TestBaseAuthRequests(BaseTest):
|
|||||||
self._test_rights("authenticated", "tmp", "/other", "r", 207)
|
self._test_rights("authenticated", "tmp", "/other", "r", 207)
|
||||||
self._test_rights("authenticated", "tmp", "/other", "w", 207)
|
self._test_rights("authenticated", "tmp", "/other", "w", 207)
|
||||||
|
|
||||||
|
def test_authenticated_without_auth(self):
|
||||||
|
self._test_rights("authenticated", "", "/", "r", 207, False)
|
||||||
|
self._test_rights("authenticated", "", "/", "w", 207, False)
|
||||||
|
self._test_rights("authenticated", "", "/tmp", "r", 207, False)
|
||||||
|
self._test_rights("authenticated", "", "/tmp", "w", 207, False)
|
||||||
|
|
||||||
def test_from_file(self):
|
def test_from_file(self):
|
||||||
rights_file_path = os.path.join(self.colpath, "rights")
|
rights_file_path = os.path.join(self.colpath, "rights")
|
||||||
with open(rights_file_path, "w") as f:
|
with open(rights_file_path, "w") as f:
|
||||||
@ -123,3 +144,43 @@ permissions: Rr""")
|
|||||||
"""Custom rights management."""
|
"""Custom rights management."""
|
||||||
self._test_rights("tests.custom.rights", "", "/", "r", 401)
|
self._test_rights("tests.custom.rights", "", "/", "r", 401)
|
||||||
self._test_rights("tests.custom.rights", "", "/tmp", "r", 207)
|
self._test_rights("tests.custom.rights", "", "/tmp", "r", 207)
|
||||||
|
|
||||||
|
def test_collections_and_items(self):
|
||||||
|
"""Test rights for creation of collections, calendars and items.
|
||||||
|
|
||||||
|
Collections are allowed at "/" and "/.../".
|
||||||
|
Calendars/Address books are allowed at "/.../.../".
|
||||||
|
Items are allowed at "/.../.../...".
|
||||||
|
|
||||||
|
"""
|
||||||
|
self.application = Application(self.configuration)
|
||||||
|
status, _, _ = self.request("MKCALENDAR", "/")
|
||||||
|
assert status == 401
|
||||||
|
status, _, _ = self.request("MKCALENDAR", "/user/")
|
||||||
|
assert status == 401
|
||||||
|
status, _, _ = self.request("MKCOL", "/user/")
|
||||||
|
assert status == 201
|
||||||
|
status, _, _ = self.request("MKCOL", "/user/calendar/")
|
||||||
|
assert status == 401
|
||||||
|
status, _, _ = self.request("MKCALENDAR", "/user/calendar/")
|
||||||
|
assert status == 201
|
||||||
|
status, _, _ = self.request("MKCOL", "/user/calendar/item")
|
||||||
|
assert status == 401
|
||||||
|
status, _, _ = self.request("MKCALENDAR", "/user/calendar/item")
|
||||||
|
assert status == 401
|
||||||
|
|
||||||
|
def test_put_collections_and_items(self):
|
||||||
|
"""Test rights for creation of calendars and items with PUT."""
|
||||||
|
self.application = Application(self.configuration)
|
||||||
|
status, _, _ = self.request(
|
||||||
|
"PUT", "/user/", "BEGIN:VCALENDAR\r\nEND:VCALENDAR")
|
||||||
|
assert status == 401
|
||||||
|
status, _, _ = self.request("MKCOL", "/user/")
|
||||||
|
assert status == 201
|
||||||
|
status, _, _ = self.request(
|
||||||
|
"PUT", "/user/calendar/", "BEGIN:VCALENDAR\r\nEND:VCALENDAR")
|
||||||
|
assert status == 201
|
||||||
|
event1 = get_file_content("event1.ics")
|
||||||
|
status, _, _ = self.request(
|
||||||
|
"PUT", "/user/calendar/event1.ics", event1)
|
||||||
|
assert status == 201
|
||||||
|
Loading…
Reference in New Issue
Block a user