test/unittest_ruleset.py
changeset 371 e9ce904b62a9
child 372 80f78674c56e
equal deleted inserted replaced
369:c359a85eef93 371:e9ce904b62a9
       
     1 import os.path as osp
       
     2 from unittest import TestCase
       
     3 
       
     4 from mercurialserver import ruleset
       
     5 
       
     6 class _RuleSetBaseTC(TestCase):
       
     7     alllevels = ["init", "write", "read", "deny", "none"]
       
     8     levels = alllevels[:-1]
       
     9     def setUp(self):
       
    10         self.rs = ruleset.Ruleset()
       
    11         self.rs.buildrules(self.accessrules.splitlines())
       
    12 
       
    13     def check_level(self, level, **kw):
       
    14         idx = self.alllevels.index(level)
       
    15         msg = ", ".join(["%s=%s"%item for item in self.rs.preset.items()])
       
    16         msg = msg + ": "
       
    17         if idx > 0:
       
    18             prevlevel = self.levels[idx-1]
       
    19             self.assertFalse(self.rs.allow(prevlevel, **kw), msg+prevlevel)
       
    20         if level != "none":
       
    21             self.assertTrue(self.rs.allow(level, **kw), msg+level)
       
    22 
       
    23 class RuleSetDefaultTC(_RuleSetBaseTC):
       
    24     accessrules = '''
       
    25 init user=root/**
       
    26 deny repo=hgadmin
       
    27 write user=users/**
       
    28 '''
       
    29 
       
    30     def test_norules(self):
       
    31         for level in self.levels:
       
    32             self.assertFalse(self.rs.allow(level), level)
       
    33 
       
    34     def test_root(self):
       
    35         self.rs.set(user='root/key')
       
    36         for level in self.levels:
       
    37             self.assertTrue(self.rs.allow(level), level)
       
    38 
       
    39     def test_user_norepo(self):
       
    40         self.rs.set(user='user/key')
       
    41         for level in self.levels:
       
    42             self.assertFalse(self.rs.allow(level), level)
       
    43 
       
    44     def test_user(self):
       
    45         self.rs.set(user='users/key')
       
    46         self.rs.set(repo='some/repo')
       
    47         self.check_level('write')
       
    48 
       
    49     def test_user_kwargs(self):
       
    50         self.check_level('write', user='users/key', repo='some/repo')
       
    51 
       
    52 class RuleSet2TC(_RuleSetBaseTC):
       
    53     accessrules = '''
       
    54 init user=root/**
       
    55 deny repo=hgadmin
       
    56 init user=users/toto/* repo=toto
       
    57 write user=users/toto/* repo=pub/**
       
    58 write user=users/w/*
       
    59 write repo=allpub/**
       
    60 read user=users/**
       
    61 '''
       
    62 
       
    63     def test_hgadmin(self):
       
    64         self.rs.set(repo='hgadmin')
       
    65         self.check_level('deny', user='users/key')
       
    66         self.check_level('deny', user='key')
       
    67 
       
    68     def test_user(self):
       
    69         self.check_level('read', user='users/key', repo='some/repo')
       
    70 
       
    71     def test_repo(self):
       
    72         self.check_level('init', user='users/toto/key', repo='toto')
       
    73 
       
    74     def test_write(self):
       
    75         self.rs.set(repo='toto')
       
    76         self.check_level('read', user='users/w')
       
    77         self.check_level('write', user='users/w/key')
       
    78 
       
    79         self.rs.set(repo='pub/stuff')
       
    80         self.check_level('read', user='users/w')
       
    81         self.check_level('write', user='users/w/key')
       
    82         self.check_level('read', user='users/toto')
       
    83         self.check_level('write', user='users/toto/key')
       
    84 
       
    85         self.rs.set(repo='other/repo')
       
    86         self.check_level('read', user='users/toto')
       
    87         self.check_level('read', user='users/toto/key')
       
    88         self.check_level('read', user='users/w')
       
    89         self.check_level('write', user='users/w/key')
       
    90 
       
    91         self.rs.set(repo='allpub/repo')
       
    92         self.check_level('write', user='users/toto')
       
    93         self.check_level('write', user='users/toto/key')
       
    94         self.check_level('write', user='users/w')
       
    95         self.check_level('write', user='users/w/key')
       
    96 
       
    97         self.rs.set(repo='hgadmin')
       
    98         self.check_level('deny', user='users/toto')
       
    99         self.check_level('deny', user='users/toto/key')
       
   100         self.check_level('deny', user='users/w')
       
   101         self.check_level('deny', user='users/w/key')
       
   102 
       
   103     def test_init(self):
       
   104         self.rs.set(repo='toto')
       
   105         self.check_level('read', user='users/toto')
       
   106         self.check_level('init', user='users/toto/key')
       
   107 
       
   108 class RuleSet3TC(_RuleSetBaseTC):
       
   109     accessrules = '''
       
   110 read  user=users/w/* repo=toto
       
   111 deny  user=users/w/* repo=no
       
   112 write user=users/w/*
       
   113 read  user=users/**
       
   114 '''
       
   115 
       
   116     def test_user_w(self):
       
   117         self.rs.set(user='users/w/key')
       
   118         self.check_level('read', repo='toto')
       
   119         self.check_level('deny', repo='no')
       
   120         self.check_level('write', repo='other')
       
   121 
       
   122     def test_user_k(self):
       
   123         self.rs.set(user='users/k/key')
       
   124         self.check_level('read', repo='toto')
       
   125         self.check_level('read', repo='no')
       
   126         self.check_level('read', repo='other')
       
   127 
       
   128     def test_otheruser(self):
       
   129         self.rs.set(user='jay/key')
       
   130         self.check_level('none', repo='toto')
       
   131         self.check_level('none', repo='no')
       
   132         self.check_level('none', repo='other')
       
   133 
       
   134 class RuleSet4TC(_RuleSetBaseTC):
       
   135     accessrules = '''
       
   136 read  user=users/w/* repo=toto
       
   137 write user=users/w/*
       
   138 deny  user=users/w/* repo=no
       
   139 read  user=users/**
       
   140 '''
       
   141 
       
   142     def test_user_w(self):
       
   143         self.rs.set(user='users/w/key')
       
   144         self.check_level('read', repo='toto')
       
   145         # deny has no effect here, write match first
       
   146         self.check_level('write', repo='no')
       
   147         self.check_level('write', repo='other')
       
   148 
       
   149 class RuleSet5TC(_RuleSetBaseTC):
       
   150     accessrules = '''
       
   151 read  user=users/w/* repo=toto
       
   152 deny  user=users/w/* repo=no
       
   153 write user=users/w/*
       
   154 read  user=users/**
       
   155 '''
       
   156 
       
   157     def test_user_w(self):
       
   158         self.rs.set(user='users/w/key')
       
   159         self.check_level('read', repo='toto')
       
   160         # deny takes effect here
       
   161         self.check_level('deny', repo='no')
       
   162         self.check_level('write', repo='other')
       
   163 
       
   164 if __name__ == '__main__':
       
   165     from unittest import main
       
   166     main()