You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by je...@apache.org on 2015/05/15 12:29:49 UTC

[05/10] allura git commit: [#7633] ticket:768 Add has_access API for ForgeTracker

[#7633] ticket:768 Add has_access API for ForgeTracker


Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/d038918d
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/d038918d
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/d038918d

Branch: refs/heads/ib/7633
Commit: d038918d3e91bc2dfa6ca4247839d9e2c9574be3
Parents: cdcd3d2
Author: Igor Bondarenko <je...@gmail.com>
Authored: Fri May 15 09:02:30 2015 +0000
Committer: Igor Bondarenko <je...@gmail.com>
Committed: Fri May 15 09:02:30 2015 +0000

----------------------------------------------------------------------
 .../forgetracker/tests/functional/test_rest.py  | 43 ++++++++++++++++++++
 ForgeTracker/forgetracker/tracker_main.py       |  7 +++-
 2 files changed, 48 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/allura/blob/d038918d/ForgeTracker/forgetracker/tests/functional/test_rest.py
----------------------------------------------------------------------
diff --git a/ForgeTracker/forgetracker/tests/functional/test_rest.py b/ForgeTracker/forgetracker/tests/functional/test_rest.py
index aa728e1..0932435 100644
--- a/ForgeTracker/forgetracker/tests/functional/test_rest.py
+++ b/ForgeTracker/forgetracker/tests/functional/test_rest.py
@@ -237,3 +237,46 @@ class TestRestSearch(TestTrackerApiBase):
         assert_equal(r.json['tickets'][0]['labels'], ['tiny', 'minor'])
         assert 'description' not in r.json
         assert 'discussion_thread' not in r.json
+
+
+class TestRestHasAccess(TestTrackerApiBase):
+
+    def test_has_access_no_params(self):
+        r = self.api_get('/rest/p/test/bugs/has_access', status=404)
+        r = self.api_get('/rest/p/test/bugs/has_access?user=root', status=404)
+        r = self.api_get('/rest/p/test/bugs/has_access?perm=read', status=404)
+
+    def test_has_access_unknown_params(self):
+        """Unknown user and/or permission always False for has_access API"""
+        r = self.api_get(
+            '/rest/p/test/bugs/has_access?user=babadook&perm=read',
+            user='root')
+        assert_equal(r.status_int, 200)
+        assert_equal(r.json['result'], False)
+        r = self.api_get(
+            '/rest/p/test/bugs/has_access?user=test-user&perm=jump',
+            user='root')
+        assert_equal(r.status_int, 200)
+        assert_equal(r.json['result'], False)
+
+    def test_has_access_not_admin(self):
+        """
+        User which has no 'admin' permission on neighborhood can't use
+        has_access API
+        """
+        self.api_get(
+            '/rest/p/test/bugs/has_access?user=test-admin&perm=admin',
+            user='test-user',
+            status=403)
+
+    def test_has_access(self):
+        r = self.api_get(
+            '/rest/p/test/bugs/has_access?user=test-admin&perm=delete',
+            user='root')
+        assert_equal(r.status_int, 200)
+        assert_equal(r.json['result'], True)
+        r = self.api_get(
+            '/rest/p/test/bugs/has_access?user=test-user&perm=delete',
+            user='root')
+        assert_equal(r.status_int, 200)
+        assert_equal(r.json['result'], False)

http://git-wip-us.apache.org/repos/asf/allura/blob/d038918d/ForgeTracker/forgetracker/tracker_main.py
----------------------------------------------------------------------
diff --git a/ForgeTracker/forgetracker/tracker_main.py b/ForgeTracker/forgetracker/tracker_main.py
index 055116f..07601ae 100644
--- a/ForgeTracker/forgetracker/tracker_main.py
+++ b/ForgeTracker/forgetracker/tracker_main.py
@@ -61,6 +61,7 @@ from allura.controllers import AppDiscussionController, AppDiscussionRestControl
 from allura.controllers import attachments as att
 from allura.controllers import BaseController
 from allura.controllers.feed import FeedArgs, FeedController
+from allura.controllers.rest import AppRestControllerMixin
 
 # Local imports
 from forgetracker import model as TM
@@ -1742,7 +1743,7 @@ class TrackerAdminController(DefaultAdminController):
         redirect(request.referer)
 
 
-class RootRestController(BaseController):
+class RootRestController(BaseController, AppRestControllerMixin):
 
     def __init__(self):
         self._discuss = AppDiscussionRestController()
@@ -1798,7 +1799,9 @@ class RootRestController(BaseController):
 
     @expose()
     def _lookup(self, ticket_num, *remainder):
-        return TicketRestController(ticket_num), remainder
+        if ticket_num.isdigit():
+            return TicketRestController(ticket_num), remainder
+        raise exc.HTTPNotFound
 
 
 class TicketRestController(BaseController):