From 9848514e7d52f62e079b297b1a8aa6fa2aebbf6f Mon Sep 17 00:00:00 2001 From: lian Date: Thu, 19 Jan 2017 14:40:23 +0800 Subject: [PATCH] update test --- seahub/api2/endpoints/user_enabled_modules.py | 4 +-- seahub/api2/views.py | 36 +++++++++---------- tests/api/test_repo_group_folder_perm.py | 6 +++- tests/api/test_repo_user_folder_perm.py | 21 +++++++---- 4 files changed, 40 insertions(+), 27 deletions(-) diff --git a/seahub/api2/endpoints/user_enabled_modules.py b/seahub/api2/endpoints/user_enabled_modules.py index c986e5314b..6808f841c4 100644 --- a/seahub/api2/endpoints/user_enabled_modules.py +++ b/seahub/api2/endpoints/user_enabled_modules.py @@ -31,7 +31,7 @@ class UserEnabledModulesView(APIView): 2. user can add repo """ - if not request.user.permissions.can_add_repo: + if not request.user.permissions.can_add_repo(): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) @@ -53,7 +53,7 @@ class UserEnabledModulesView(APIView): 2. user can add repo """ - if not request.user.permissions.can_add_repo: + if not request.user.permissions.can_add_repo(): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) diff --git a/seahub/api2/views.py b/seahub/api2/views.py index 8be984f2aa..61a6c1a40d 100644 --- a/seahub/api2/views.py +++ b/seahub/api2/views.py @@ -4493,11 +4493,6 @@ class RepoUserFolderPerm(APIView): error_msg = 'User %s not found.' % user return api_error(status.HTTP_404_NOT_FOUND, error_msg) - permission = seafile_api.get_folder_user_perm(repo_id, path, user) - if not permission: - error_msg = 'Folder permission not found.' - return api_error(status.HTTP_404_NOT_FOUND, error_msg) - # permission check if is_org_context(request): repo_owner = seafile_api.get_org_repo_owner(repo_id) @@ -4509,6 +4504,11 @@ class RepoUserFolderPerm(APIView): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) + permission = seafile_api.get_folder_user_perm(repo_id, path, user) + if not permission: + error_msg = 'Folder permission not found.' + return api_error(status.HTTP_404_NOT_FOUND, error_msg) + # modify permission try: seafile_api.set_folder_user_perm(repo_id, path, perm, user) @@ -4561,10 +4561,6 @@ class RepoUserFolderPerm(APIView): error_msg = 'User %s not found.' % user return api_error(status.HTTP_404_NOT_FOUND, error_msg) - permission = seafile_api.get_folder_user_perm(repo_id, path, user) - if not permission: - return Response({'success': True}) - # permission check if is_org_context(request): repo_owner = seafile_api.get_org_repo_owner(repo_id) @@ -4576,6 +4572,10 @@ class RepoUserFolderPerm(APIView): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) + permission = seafile_api.get_folder_user_perm(repo_id, path, user) + if not permission: + return Response({'success': True}) + # delete permission try: seafile_api.rm_folder_user_perm(repo_id, path, user) @@ -4780,11 +4780,6 @@ class RepoGroupFolderPerm(APIView): error_msg = 'Group %s not found.' % group_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) - permission = seafile_api.get_folder_group_perm(repo_id, path, group_id) - if not permission: - error_msg = 'Folder permission not found.' - return api_error(status.HTTP_404_NOT_FOUND, error_msg) - # permission check if is_org_context(request): repo_owner = seafile_api.get_org_repo_owner(repo_id) @@ -4796,6 +4791,11 @@ class RepoGroupFolderPerm(APIView): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) + permission = seafile_api.get_folder_group_perm(repo_id, path, group_id) + if not permission: + error_msg = 'Folder permission not found.' + return api_error(status.HTTP_404_NOT_FOUND, error_msg) + # modify permission try: seafile_api.set_folder_group_perm(repo_id, path, perm, group_id) @@ -4847,10 +4847,6 @@ class RepoGroupFolderPerm(APIView): error_msg = 'Group %s not found.' % group_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) - permission = seafile_api.get_folder_group_perm(repo_id, path, group_id) - if not permission: - return Response({'success': True}) - # permission check if is_org_context(request): repo_owner = seafile_api.get_org_repo_owner(repo_id) @@ -4862,6 +4858,10 @@ class RepoGroupFolderPerm(APIView): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) + permission = seafile_api.get_folder_group_perm(repo_id, path, group_id) + if not permission: + return Response({'success': True}) + # delete permission try: seafile_api.rm_folder_group_perm(repo_id, path, group_id) diff --git a/tests/api/test_repo_group_folder_perm.py b/tests/api/test_repo_group_folder_perm.py index c0e40c3c5a..1c6c313d48 100644 --- a/tests/api/test_repo_group_folder_perm.py +++ b/tests/api/test_repo_group_folder_perm.py @@ -208,6 +208,9 @@ class RepoGroupFolderPermTest(BaseTestCase): self.assertEqual(404, resp.status_code) def test_invalid_group(self): + if not LOCAL_PRO_DEV_ENV: + return + self.login_as(self.user) invalid_group_id = -1 @@ -232,7 +235,8 @@ class RepoGroupFolderPermTest(BaseTestCase): "permission": self.perm_rw } resp = self.client.post(url, data) - self.assertEqual(404, resp.status_code) + json_resp = json.loads(resp.content) + assert invalid_group_id == json_resp['failed'][0]['group_id'] def test_invalid_perm(self): self.login_as(self.user) diff --git a/tests/api/test_repo_user_folder_perm.py b/tests/api/test_repo_user_folder_perm.py index a52d9a4b3d..693b1626d4 100644 --- a/tests/api/test_repo_user_folder_perm.py +++ b/tests/api/test_repo_user_folder_perm.py @@ -175,7 +175,8 @@ class RepoUserFolderPermTest(BaseTestCase): self.login_as(self.admin) url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user_email=%s&folder_path=%s' % (self.admin_email, self.user_folder_path) + data = 'user_email=%s&folder_path=%s&permission=%s' % \ + (self.admin_email, self.user_folder_path, self.perm_rw) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(403, resp.status_code) @@ -196,17 +197,22 @@ class RepoUserFolderPermTest(BaseTestCase): # test modify url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user_email=%s&folder_path=%s&permission=%s' % (self.admin_email, invalid_path, self.perm_rw) + data = 'user_email=%s&folder_path=%s&permission=%s' % \ + (self.admin_email, invalid_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) # test delete url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user_email=%s&folder_path=%s' % (self.admin_email, invalid_path) + data = 'user_email=%s&folder_path=%s&permission=%s' % \ + (self.admin_email, invalid_path, self.perm_rw) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) def test_invalid_user(self): + if not LOCAL_PRO_DEV_ENV: + return + self.login_as(self.user) invalid_user = randstring(6) + '@' + randstring(6) + '.com' @@ -219,17 +225,20 @@ class RepoUserFolderPermTest(BaseTestCase): "permission": self.perm_rw } resp = self.client.post(url, data) - self.assertEqual(404, resp.status_code) + json_resp = json.loads(resp.content) + assert invalid_user == json_resp['failed'][0]['user_email'] # test modify url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user_email=%s&folder_path=%s&permission=%s' % (invalid_user, self.user_folder_path, self.perm_rw) + data = 'user_email=%s&folder_path=%s&permission=%s' % \ + (invalid_user, self.user_folder_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) # test delete url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user_email=%s&folder_path=%s' % (invalid_user, self.user_folder_path) + data = 'user_email=%s&folder_path=%s&permission=%s' % \ + (invalid_user, self.user_folder_path, self.perm_rw) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code)