nielsperetzke
/
healthchecks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 32 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1621 Commits
2 Branches
15 MiB
Tree: 205f1ccce6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '205f1ccce6'
${ noResults }
healthchecks/hc/accounts/tests/test_project.py

262 lines
9.7 KiB
Raw Normal View History

Move project-specific settings to a new "Project Settings" page
6 years ago
Rate limit team invites to 20/day
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Improved UI to invite users from account's other projects. Fixes #258. The team size limit is applied to the number of distinct users across all projects. Fixes #332.
5 years ago
Rate limit team invites to 20/day
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Show "Badges" and "Settings" in top navigation. Fixes #234
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Simplify super() calls in tests
4 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Test cases for adding project, removing project and leaving project.
6 years ago
Show "Badges" and "Settings" in top navigation. Fixes #234
6 years ago
Test cases for adding project, removing project and leaving project.
6 years ago
Show "Badges" and "Settings" in top navigation. Fixes #234
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Add the PROMETHEUS_ENABLED setting
4 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Test cases for adding project, removing project and leaving project.
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Specify the read-write/read-only flag when inviting a team member.
4 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Source formatted with Black
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Specify the read-write/read-only flag when inviting a team member.
4 years ago
Don't create default projects for invited users.
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
In Account Settings > My Projects, indicate read-only memberships as read-only
4 years ago
Django 3.0
5 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Specify the read-write/read-only flag when inviting a team member.
4 years ago
Improved UI to invite users from account's other projects. Fixes #258. The team size limit is applied to the number of distinct users across all projects. Fixes #332.
5 years ago
Bugfix: don't allow duplicate team memberships
4 years ago
Handle excessively long email addresses in the team member invite form.
4 years ago
Rate limit team invites to 20/day
6 years ago
Show "Badges" and "Settings" in top navigation. Fixes #234
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Profile.current_project not used any more, remove last remaining references. cc: #336
5 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Show "Badges" and "Settings" in top navigation. Fixes #234
6 years ago
Check membership before removing project member.
6 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Fix invite suggestions.
5 years ago
Read-only users cannot change project settings.
4 years ago
Add the PROMETHEUS_ENABLED setting
4 years ago
 
  1. from django.core import mail
  2. 

  3. from django.conf import settings
  4. from django.test.utils import override_settings
  5. from hc.test import BaseTestCase
  6. from hc.accounts.models import Member, Project
  7. from hc.api.models import TokenBucket
  8. 

  9. 

  10. class ProjectTestCase(BaseTestCase):
  11.     def setUp(self):
  12.         super().setUp()
  13. 

  14.         self.url = "/projects/%s/settings/" % self.project.code
  15. 

  16.     def test_it_checks_access(self):
  17.         self.client.login(username="[email protected]", password="password")
  18.         r = self.client.get(self.url)
  19.         self.assertEqual(r.status_code, 404)
  20. 

  21.     def test_it_allows_team_access(self):
  22.         self.client.login(username="[email protected]", password="password")
  23.         r = self.client.get(self.url)
  24.         self.assertContains(r, "Change Project Name")
  25. 

  26.     def test_it_shows_api_keys(self):
  27.         self.project.api_key_readonly = "R" * 32
  28.         self.project.save()
  29. 

  30.         self.client.login(username="[email protected]", password="password")
  31. 

  32.         form = {"show_api_keys": "1"}
  33.         r = self.client.post(self.url, form)
  34.         self.assertEqual(r.status_code, 200)
  35. 

  36.         self.assertContains(r, "X" * 32)
  37.         self.assertContains(r, "R" * 32)
  38.         self.assertContains(r, "Prometheus metrics endpoint")
  39. 

  40.     def test_it_creates_api_key(self):
  41.         self.client.login(username="[email protected]", password="password")
  42. 

  43.         form = {"create_api_keys": "1"}
  44.         r = self.client.post(self.url, form)
  45.         self.assertEqual(r.status_code, 200)
  46. 

  47.         self.project.refresh_from_db()
  48.         api_key = self.project.api_key
  49.         self.assertTrue(len(api_key) > 10)
  50.         self.assertFalse("b'" in api_key)
  51. 

  52.     def test_it_revokes_api_key(self):
  53.         self.project.api_key_readonly = "R" * 32
  54.         self.project.save()
  55. 

  56.         self.client.login(username="[email protected]", password="password")
  57. 

  58.         form = {"revoke_api_keys": "1"}
  59.         r = self.client.post(self.url, form)
  60.         self.assertEqual(r.status_code, 200)
  61. 

  62.         self.project.refresh_from_db()
  63.         self.assertEqual(self.project.api_key, "")
  64.         self.assertEqual(self.project.api_key_readonly, "")
  65. 

  66.     def test_it_adds_team_member(self):
  67.         self.client.login(username="[email protected]", password="password")
  68. 

  69.         form = {"invite_team_member": "1", "email": "[email protected]", "rw": "1"}
  70.         r = self.client.post(self.url, form)
  71.         self.assertEqual(r.status_code, 200)
  72. 

  73.         members = self.project.member_set.all()
  74.         self.assertEqual(members.count(), 2)
  75. 

  76.         member = Member.objects.get(
  77.             project=self.project, user__email="[email protected]"
  78.         )
  79. 

  80.         # The read-write flag should be set
  81.         self.assertTrue(member.rw)
  82. 

  83.         # The new user should not have their own project
  84.         self.assertFalse(member.user.project_set.exists())
  85. 

  86.         # And an email should have been sent
  87.         subj = f"You have been invited to join Alices Project on {settings.SITE_NAME}"
  88.         self.assertHTMLEqual(mail.outbox[0].subject, subj)
  89. 

  90.     def test_it_adds_readonly_team_member(self):
  91.         self.client.login(username="[email protected]", password="password")
  92. 

  93.         form = {"invite_team_member": "1", "email": "[email protected]"}
  94.         r = self.client.post(self.url, form)
  95.         self.assertEqual(r.status_code, 200)
  96. 

  97.         member = Member.objects.get(
  98.             project=self.project, user__email="[email protected]"
  99.         )
  100. 

  101.         # The new user should not have their own project
  102.         self.assertFalse(member.rw)
  103. 

  104.     def test_it_adds_member_from_another_team(self):
  105.         # With team limit at zero, we should not be able to invite any new users
  106.         self.profile.team_limit = 0
  107.         self.profile.save()
  108. 

  109.         # But Charlie will have an existing membership in another Alice's project
  110.         # so Alice *should* be able to invite Charlie:
  111.         p2 = Project.objects.create(owner=self.alice)
  112.         Member.objects.create(user=self.charlie, project=p2)
  113. 

  114.         self.client.login(username="[email protected]", password="password")
  115.         form = {"invite_team_member": "1", "email": "[email protected]"}
  116.         r = self.client.post(self.url, form)
  117.         self.assertEqual(r.status_code, 200)
  118. 

  119.         q = Member.objects.filter(project=self.project, user=self.charlie)
  120.         self.assertEqual(q.count(), 1)
  121. 

  122.         # And this should not have affected the rate limit:
  123.         q = TokenBucket.objects.filter(value="invite-%d" % self.alice.id)
  124.         self.assertFalse(q.exists())
  125. 

  126.     def test_it_rejects_duplicate_membership(self):
  127.         self.client.login(username="[email protected]", password="password")
  128. 

  129.         form = {"invite_team_member": "1", "email": "[email protected]"}
  130.         r = self.client.post(self.url, form)
  131.         self.assertContains(r, "[email protected] is already a member")
  132. 

  133.         # The number of memberships should have not increased
  134.         self.assertEqual(self.project.member_set.count(), 1)
  135. 

  136.     def test_it_rejects_owner_as_a_member(self):
  137.         self.client.login(username="[email protected]", password="password")
  138. 

  139.         form = {"invite_team_member": "1", "email": "[email protected]"}
  140.         r = self.client.post(self.url, form)
  141.         self.assertContains(r, "[email protected] is already a member")
  142. 

  143.         # The number of memberships should have not increased
  144.         self.assertEqual(self.project.member_set.count(), 1)
  145. 

  146.     def test_it_rejects_too_long_email_addresses(self):
  147.         self.client.login(username="[email protected]", password="password")
  148. 

  149.         aaa = "a" * 300
  150.         form = {"invite_team_member": "1", "email": f"frank+{aaa}@example.org"}
  151.         r = self.client.post(self.url, form)
  152.         self.assertEqual(r.status_code, 200)
  153. 

  154.         # No email should have been sent
  155.         self.assertEqual(len(mail.outbox), 0)
  156. 

  157.     @override_settings(SECRET_KEY="test-secret")
  158.     def test_it_rate_limits_invites(self):
  159.         obj = TokenBucket(value="invite-%d" % self.alice.id)
  160.         obj.tokens = 0
  161.         obj.save()
  162. 

  163.         self.client.login(username="[email protected]", password="password")
  164. 

  165.         form = {"invite_team_member": "1", "email": "[email protected]"}
  166.         r = self.client.post(self.url, form)
  167.         self.assertContains(r, "Too Many Requests")
  168. 

  169.         self.assertEqual(len(mail.outbox), 0)
  170. 

  171.     def test_it_requires_owner_to_add_team_member(self):
  172.         self.client.login(username="[email protected]", password="password")
  173. 

  174.         form = {"invite_team_member": "1", "email": "[email protected]"}
  175.         r = self.client.post(self.url, form)
  176.         self.assertEqual(r.status_code, 403)
  177. 

  178.     def test_it_checks_team_size(self):
  179.         self.profile.team_limit = 0
  180.         self.profile.save()
  181. 

  182.         self.client.login(username="[email protected]", password="password")
  183. 

  184.         form = {"invite_team_member": "1", "email": "[email protected]"}
  185.         r = self.client.post(self.url, form)
  186.         self.assertEqual(r.status_code, 403)
  187. 

  188.     def test_it_removes_team_member(self):
  189.         self.client.login(username="[email protected]", password="password")
  190. 

  191.         form = {"remove_team_member": "1", "email": "[email protected]"}
  192.         r = self.client.post(self.url, form)
  193.         self.assertEqual(r.status_code, 200)
  194. 

  195.         self.assertFalse(Member.objects.exists())
  196. 

  197.     def test_it_requires_owner_to_remove_team_member(self):
  198.         self.client.login(username="[email protected]", password="password")
  199. 

  200.         form = {"remove_team_member": "1", "email": "[email protected]"}
  201.         r = self.client.post(self.url, form)
  202.         self.assertEqual(r.status_code, 403)
  203. 

  204.     def test_it_checks_membership_when_removing_team_member(self):
  205.         self.client.login(username="[email protected]", password="password")
  206. 

  207.         url = "/projects/%s/settings/" % self.charlies_project.code
  208.         form = {"remove_team_member": "1", "email": "[email protected]"}
  209.         r = self.client.post(url, form)
  210.         self.assertEqual(r.status_code, 400)
  211. 

  212.     def test_it_sets_project_name(self):
  213.         self.client.login(username="[email protected]", password="password")
  214. 

  215.         form = {"set_project_name": "1", "name": "Alpha Team"}
  216.         r = self.client.post(self.url, form)
  217.         self.assertEqual(r.status_code, 200)
  218. 

  219.         self.project.refresh_from_db()
  220.         self.assertEqual(self.project.name, "Alpha Team")
  221. 

  222.     def test_it_shows_invite_suggestions(self):
  223.         p2 = Project.objects.create(owner=self.alice)
  224. 

  225.         self.client.login(username="[email protected]", password="password")
  226. 

  227.         r = self.client.get("/projects/%s/settings/" % p2.code)
  228.         self.assertContains(r, "Add Users from Other Teams")
  229.         self.assertContains(r, "[email protected]")
  230. 

  231.     def test_it_checks_rw_access_when_updating_project_name(self):
  232.         self.bobs_membership.rw = False
  233.         self.bobs_membership.save()
  234. 

  235.         self.client.login(username="[email protected]", password="password")
  236. 

  237.         form = {"set_project_name": "1", "name": "Alpha Team"}
  238.         r = self.client.post(self.url, form)
  239.         self.assertEqual(r.status_code, 403)
  240. 

  241.     def test_it_hides_actions_for_readonly_users(self):
  242.         self.bobs_membership.rw = False
  243.         self.bobs_membership.save()
  244. 

  245.         self.client.login(username="[email protected]", password="password")
  246. 

  247.         r = self.client.get(self.url)
  248.         self.assertNotContains(r, "#set-project-name-modal", status_code=200)
  249.         self.assertNotContains(r, "Show API Keys")
  250. 

  251.     @override_settings(PROMETHEUS_ENABLED=False)
  252.     def test_it_hides_prometheus_link_if_prometheus_not_enabled(self):
  253.         self.project.api_key_readonly = "R" * 32
  254.         self.project.save()
  255. 

  256.         self.client.login(username="[email protected]", password="password")
  257. 

  258.         form = {"show_api_keys": "1"}
  259.         r = self.client.post(self.url, form)
  260.         self.assertEqual(r.status_code, 200)
  261. 

  262.         self.assertNotContains(r, "Prometheus metrics endpoint")