You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by br...@apache.org on 2013/09/12 20:31:46 UTC
[2/2] git commit: [#6613] don't expose TicketMonitoringEmail in API,
and associated TestRestApiBase changes
[#6613] don't expose TicketMonitoringEmail in API, and associated TestRestApiBase changes
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/cd1be45d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/cd1be45d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/cd1be45d
Branch: refs/heads/master
Commit: cd1be45da425cc914b50690588585741dad3fd01
Parents: 023a0a3
Author: Dave Brondsema <db...@slashdotmedia.com>
Authored: Thu Sep 12 17:59:12 2013 +0000
Committer: Dave Brondsema <db...@slashdotmedia.com>
Committed: Thu Sep 12 17:59:12 2013 +0000
----------------------------------------------------------------------
.../tests/functional/test_rest_api_tickets.py | 3 +-
AlluraTest/alluratest/controller.py | 34 +++++++++++++-------
.../tests/functional/test_import.py | 8 ++---
.../tests/functional/test_import.py | 10 +++---
.../forgetracker/tests/functional/test_rest.py | 4 +++
ForgeTracker/forgetracker/tracker_main.py | 7 +++-
6 files changed, 44 insertions(+), 22 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/cd1be45d/Allura/allura/tests/functional/test_rest_api_tickets.py
----------------------------------------------------------------------
diff --git a/Allura/allura/tests/functional/test_rest_api_tickets.py b/Allura/allura/tests/functional/test_rest_api_tickets.py
index 11e149f..145e143 100644
--- a/Allura/allura/tests/functional/test_rest_api_tickets.py
+++ b/Allura/allura/tests/functional/test_rest_api_tickets.py
@@ -29,7 +29,8 @@ class TestApiTicket(TestRestApiBase):
def set_api_ticket(self, expire=None):
if not expire:
expire = timedelta(days=1)
- api_ticket = M.ApiTicket(user_id=self.user._id, capabilities={'import': ['Projects','test']},
+ test_admin = M.User.query.get(username='test-admin')
+ api_ticket = M.ApiTicket(user_id=test_admin._id, capabilities={'import': ['Projects','test']},
expires=datetime.utcnow() + expire)
session(api_ticket).flush()
self.set_api_token(api_ticket)
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/cd1be45d/AlluraTest/alluratest/controller.py
----------------------------------------------------------------------
diff --git a/AlluraTest/alluratest/controller.py b/AlluraTest/alluratest/controller.py
index 7b38700..577088d 100644
--- a/AlluraTest/alluratest/controller.py
+++ b/AlluraTest/alluratest/controller.py
@@ -145,23 +145,35 @@ class TestRestApiBase(TestController):
def setUp(self):
super(TestRestApiBase, self).setUp()
setup_global_objects()
-# h.set_context('test', 'home')
- self.user = M.User.query.get(username='test-admin')
- self.token = M.ApiToken(user_id=self.user._id)
- ming.orm.session(self.token).flush()
+ self._use_token = None
+ self._token_cache = {}
def set_api_token(self, token):
- self.token = token
+ self._use_token = token
+
+ def token(self, username):
+ if self._use_token:
+ return self._use_token
+
+ # only create token once, else ming gets dupe key error
+ if username not in self._token_cache:
+ user = M.User.query.get(username=username)
+ token = M.ApiToken(user_id=user._id)
+ ming.orm.session(token).flush()
+ self._token_cache[username] = token
+
+ return self._token_cache[username]
def _api_getpost(self, method, path, api_key=None, api_timestamp=None, api_signature=None,
- wrap_args=None, **params):
+ wrap_args=None, user='test-admin', **params):
if wrap_args:
params = {wrap_args: params}
params = variabledecode.variable_encode(params, add_repetitions=False)
if api_key: params['api_key'] = api_key
if api_timestamp: params['api_timestamp'] = api_timestamp
if api_signature: params['api_signature'] = api_signature
- params = self.token.sign_request(path, params)
+
+ params = self.token(user).sign_request(path, params)
fn = self.app.post if method=='POST' else self.app.get
@@ -175,9 +187,9 @@ class TestRestApiBase(TestController):
return response
def api_get(self, path, api_key=None, api_timestamp=None, api_signature=None,
- wrap_args=None, **params):
- return self._api_getpost('GET', path, api_key, api_timestamp, api_signature, wrap_args, **params)
+ wrap_args=None, user='test-admin', **params):
+ return self._api_getpost('GET', path, api_key, api_timestamp, api_signature, wrap_args, user, **params)
def api_post(self, path, api_key=None, api_timestamp=None, api_signature=None,
- wrap_args=None, **params):
- return self._api_getpost('POST', path, api_key, api_timestamp, api_signature, wrap_args, **params)
+ wrap_args=None, user='test-admin', **params):
+ return self._api_getpost('POST', path, api_key, api_timestamp, api_signature, wrap_args, user, **params)
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/cd1be45d/ForgeDiscussion/forgediscussion/tests/functional/test_import.py
----------------------------------------------------------------------
diff --git a/ForgeDiscussion/forgediscussion/tests/functional/test_import.py b/ForgeDiscussion/forgediscussion/tests/functional/test_import.py
index 17d13c7..76d7896 100644
--- a/ForgeDiscussion/forgediscussion/tests/functional/test_import.py
+++ b/ForgeDiscussion/forgediscussion/tests/functional/test_import.py
@@ -57,7 +57,7 @@ class TestImportController(TestRestApiBase):#TestController):
assert not r.json['errors']
def test_import_anon(self):
- api_ticket = M.ApiTicket(user_id=self.user._id, capabilities={'import': ['Projects', 'test']},
+ api_ticket = M.ApiTicket(user_id=c.user._id, capabilities={'import': ['Projects', 'test']},
expires=datetime.utcnow() + timedelta(days=1))
ming.orm.session(api_ticket).flush()
self.set_api_token(api_ticket)
@@ -76,7 +76,7 @@ class TestImportController(TestRestApiBase):#TestController):
assert 'Anonymous' in str(r)
def test_import_map(self):
- api_ticket = M.ApiTicket(user_id=self.user._id, capabilities={'import': ['Projects', 'test']},
+ api_ticket = M.ApiTicket(user_id=c.user._id, capabilities={'import': ['Projects', 'test']},
expires=datetime.utcnow() + timedelta(days=1))
ming.orm.session(api_ticket).flush()
self.set_api_token(api_ticket)
@@ -97,7 +97,7 @@ class TestImportController(TestRestApiBase):#TestController):
assert 'Anonymous' not in str(r)
def test_import_create(self):
- api_ticket = M.ApiTicket(user_id=self.user._id, capabilities={'import': ['Projects', 'test']},
+ api_ticket = M.ApiTicket(user_id=c.user._id, capabilities={'import': ['Projects', 'test']},
expires=datetime.utcnow() + timedelta(days=1))
ming.orm.session(api_ticket).flush()
self.set_api_token(api_ticket)
@@ -117,7 +117,7 @@ class TestImportController(TestRestApiBase):#TestController):
assert 'test-rick446' in str(r)
def set_api_ticket(self, caps={'import': ['Projects', 'test']}):
- api_ticket = M.ApiTicket(user_id=self.user._id, capabilities=caps,
+ api_ticket = M.ApiTicket(user_id=c.user._id, capabilities=caps,
expires=datetime.utcnow() + timedelta(days=1))
ming.orm.session(api_ticket).flush()
self.set_api_token(api_ticket)
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/cd1be45d/ForgeTracker/forgetracker/tests/functional/test_import.py
----------------------------------------------------------------------
diff --git a/ForgeTracker/forgetracker/tests/functional/test_import.py b/ForgeTracker/forgetracker/tests/functional/test_import.py
index f876b93..8192115 100644
--- a/ForgeTracker/forgetracker/tests/functional/test_import.py
+++ b/ForgeTracker/forgetracker/tests/functional/test_import.py
@@ -46,7 +46,7 @@ class TestImportController(TestRestApiBase):
return resp.follow()
def set_api_ticket(self, caps={'import': ['Projects','test']}):
- api_ticket = M.ApiTicket(user_id=self.user._id, capabilities=caps,
+ api_ticket = M.ApiTicket(user_id=c.user._id, capabilities=caps,
expires=datetime.utcnow() + timedelta(days=1))
ming.orm.session(api_ticket).flush()
self.set_api_token(api_ticket)
@@ -107,7 +107,7 @@ class TestImportController(TestRestApiBase):
'/admin/bugs/set_custom_fields',
params=variable_encode(params))
here_dir = os.path.dirname(__file__)
- api_ticket = M.ApiTicket(user_id=self.user._id, capabilities={'import': ['Projects','test']},
+ api_ticket = M.ApiTicket(user_id=c.user._id, capabilities={'import': ['Projects','test']},
expires=datetime.utcnow() + timedelta(days=1))
ming.orm.session(api_ticket).flush()
self.set_api_token(api_ticket)
@@ -129,7 +129,7 @@ class TestImportController(TestRestApiBase):
@td.with_tracker
def test_import(self):
here_dir = os.path.dirname(__file__)
- api_ticket = M.ApiTicket(user_id=self.user._id, capabilities={'import': ['Projects','test']},
+ api_ticket = M.ApiTicket(user_id=c.user._id, capabilities={'import': ['Projects','test']},
expires=datetime.utcnow() + timedelta(days=1))
ming.orm.session(api_ticket).flush()
self.set_api_token(api_ticket)
@@ -184,7 +184,7 @@ class TestImportController(TestRestApiBase):
@td.with_tracker
def test_links(self):
- api_ticket = M.ApiTicket(user_id=self.user._id, capabilities={'import': ['Projects','test']},
+ api_ticket = M.ApiTicket(user_id=c.user._id, capabilities={'import': ['Projects','test']},
expires=datetime.utcnow() + timedelta(days=1))
ming.orm.session(api_ticket).flush()
self.set_api_token(api_ticket)
@@ -207,7 +207,7 @@ class TestImportController(TestRestApiBase):
@td.with_tracker
def test_slug(self):
- api_ticket = M.ApiTicket(user_id=self.user._id, capabilities={'import': ['Projects','test']},
+ api_ticket = M.ApiTicket(user_id=c.user._id, capabilities={'import': ['Projects','test']},
expires=datetime.utcnow() + timedelta(days=1))
ming.orm.session(api_ticket).flush()
self.set_api_token(api_ticket)
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/cd1be45d/ForgeTracker/forgetracker/tests/functional/test_rest.py
----------------------------------------------------------------------
diff --git a/ForgeTracker/forgetracker/tests/functional/test_rest.py b/ForgeTracker/forgetracker/tests/functional/test_rest.py
index df0a422..b687efb 100644
--- a/ForgeTracker/forgetracker/tests/functional/test_rest.py
+++ b/ForgeTracker/forgetracker/tests/functional/test_rest.py
@@ -96,6 +96,10 @@ class TestRestUpdateTicket(TestTrackerApiBase):
assert tickets.json['milestones'][0]['name'] == '1.0'
assert tickets.json['milestones'][1]['name'] == '2.0'
+ def test_ticket_index_noauth(self):
+ tickets = self.api_get('/rest/p/test/bugs', user='*anonymous')
+ assert 'TicketMonitoringEmail' not in tickets.json['tracker_config']['options']
+
def test_update_ticket(self):
args = dict(self.ticket_args, summary='test update ticket', labels='',
assigned_to=self.ticket_args['assigned_to_id'] or '')
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/cd1be45d/ForgeTracker/forgetracker/tracker_main.py
----------------------------------------------------------------------
diff --git a/ForgeTracker/forgetracker/tracker_main.py b/ForgeTracker/forgetracker/tracker_main.py
index bc66e6c..28bd4aa 100644
--- a/ForgeTracker/forgetracker/tracker_main.py
+++ b/ForgeTracker/forgetracker/tracker_main.py
@@ -1583,7 +1583,12 @@ class RootRestController(BaseController):
limit=int(limit), page=int(page))
results['tickets'] = [dict(ticket_num=t.ticket_num, summary=t.summary)
for t in results['tickets']]
- results['tracker_config'] = c.app.config
+ results['tracker_config'] = c.app.config.__json__()
+ if not has_access(c.app, 'admin', c.user):
+ try:
+ del results['tracker_config']['options']['TicketMonitoringEmail']
+ except KeyError:
+ pass
results['milestones'] = c.app.milestones
results['saved_bins'] = c.app.bins
results.pop('q', None)