Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
mirrors
/
Radicale
-ын хуулбар https://github.com/Kozea/Radicale
1
0
Салаа 0
Файлууд Асуудлууд 0 Мэдлэгийн сан
Мод: 3882cf2bc8
Салаанууд Тагууд
Radicale
/
radicale
/
tests
/
test_rights.py

test_rights.py 8.3 KB
Түүх Анхны өгөгдөл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193 
  1. # This file is part of Radicale Server - Calendar Server
    2. 

  2. # Copyright © 2017-2019 Unrud <unrud@outlook.com>
    3. 

  3. #
    4. 

  4. # This library is free software: you can redistribute it and/or modify
    5. 

  5. # it under the terms of the GNU General Public License as published by
    6. 

  6. # the Free Software Foundation, either version 3 of the License, or
    7. 

  7. # (at your option) any later version.
    8. 

  8. #
    9. 

  9. # This library is distributed in the hope that it will be useful,
    10. 

  10. # but WITHOUT ANY WARRANTY; without even the implied warranty of
    11. 

  11. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    12. 

  12. # GNU General Public License for more details.
    13. 

  13. #
    14. 

  14. # You should have received a copy of the GNU General Public License
    15. 

  15. # along with Radicale.  If not, see <http://www.gnu.org/licenses/>.
    16. 

  16. 

  17. """
    18. 

  18. Radicale tests with simple requests and rights.
    19. 

  19. """
    20. 

  20. 

  21. import os
    22. 

  22. import shutil
    23. 

  23. import tempfile
    24. 

  24. 

  25. from radicale import Application, config
    26. 

  26. from radicale.tests import BaseTest
    27. 

  27. from radicale.tests.helpers import get_file_content
    28. 

  28. 

  29. 

  30. class TestBaseRightsRequests(BaseTest):
    31. 

  31.     """Tests basic requests with rights."""
    32. 

  32. 

  33.     def setup(self):
    34. 

  34.         self.configuration = config.load()
    35. 

  35.         self.colpath = tempfile.mkdtemp()
    36. 

  36.         self.configuration.update({
    37. 

  37.             "storage": {"filesystem_folder": self.colpath,
    38. 

  38.                         # Disable syncing to disk for better performance
    39. 

  39.                         "_filesystem_fsync": "False"}},
    40. 

  40.             "test", privileged=True)
    41. 

  41. 

  42.     def teardown(self):
    43. 

  43.         shutil.rmtree(self.colpath)
    44. 

  44. 

  45.     def _test_rights(self, rights_type, user, path, mode, expected_status,
    46. 

  46.                      with_auth=True):
    47. 

  47.         assert mode in ("r", "w")
    48. 

  48.         assert user in ("", "tmp")
    49. 

  49.         htpasswd_file_path = os.path.join(self.colpath, ".htpasswd")
    50. 

  50.         with open(htpasswd_file_path, "w") as f:
    51. 

  51.             f.write("tmp:bepo\nother:bepo")
    52. 

  52.         self.configuration.update({
    53. 

  53.             "rights": {"type": rights_type},
    54. 

  54.             "auth": {"type": "htpasswd" if with_auth else "none",
    55. 

  55.                      "htpasswd_filename": htpasswd_file_path,
    56. 

  56.                      "htpasswd_encryption": "plain"}}, "test")
    57. 

  57.         self.application = Application(self.configuration)
    58. 

  58.         for u in ("tmp", "other"):
    59. 

  59.             # Indirect creation of principal collection
    60. 

  60.             self.propfind("/%s/" % u, login="%s:bepo" % u)
    61. 

  61.         (self.propfind if mode == "r" else self.proppatch)(
    62. 

  62.             path, check=expected_status, login="tmp:bepo" if user else None)
    63. 

  63. 

  64.     def test_owner_only(self):
    65. 

  65.         self._test_rights("owner_only", "", "/", "r", 401)
    66. 

  66.         self._test_rights("owner_only", "", "/", "w", 401)
    67. 

  67.         self._test_rights("owner_only", "", "/tmp/", "r", 401)
    68. 

  68.         self._test_rights("owner_only", "", "/tmp/", "w", 401)
    69. 

  69.         self._test_rights("owner_only", "tmp", "/", "r", 207)
    70. 

  70.         self._test_rights("owner_only", "tmp", "/", "w", 403)
    71. 

  71.         self._test_rights("owner_only", "tmp", "/tmp/", "r", 207)
    72. 

  72.         self._test_rights("owner_only", "tmp", "/tmp/", "w", 207)
    73. 

  73.         self._test_rights("owner_only", "tmp", "/other/", "r", 403)
    74. 

  74.         self._test_rights("owner_only", "tmp", "/other/", "w", 403)
    75. 

  75. 

  76.     def test_owner_only_without_auth(self):
    77. 

  77.         self._test_rights("owner_only", "", "/", "r", 207, False)
    78. 

  78.         self._test_rights("owner_only", "", "/", "w", 401, False)
    79. 

  79.         self._test_rights("owner_only", "", "/tmp/", "r", 207, False)
    80. 

  80.         self._test_rights("owner_only", "", "/tmp/", "w", 207, False)
    81. 

  81. 

  82.     def test_owner_write(self):
    83. 

  83.         self._test_rights("owner_write", "", "/", "r", 401)
    84. 

  84.         self._test_rights("owner_write", "", "/", "w", 401)
    85. 

  85.         self._test_rights("owner_write", "", "/tmp/", "r", 401)
    86. 

  86.         self._test_rights("owner_write", "", "/tmp/", "w", 401)
    87. 

  87.         self._test_rights("owner_write", "tmp", "/", "r", 207)
    88. 

  88.         self._test_rights("owner_write", "tmp", "/", "w", 403)
    89. 

  89.         self._test_rights("owner_write", "tmp", "/tmp/", "r", 207)
    90. 

  90.         self._test_rights("owner_write", "tmp", "/tmp/", "w", 207)
    91. 

  91.         self._test_rights("owner_write", "tmp", "/other/", "r", 207)
    92. 

  92.         self._test_rights("owner_write", "tmp", "/other/", "w", 403)
    93. 

  93. 

  94.     def test_owner_write_without_auth(self):
    95. 

  95.         self._test_rights("owner_write", "", "/", "r", 207, False)
    96. 

  96.         self._test_rights("owner_write", "", "/", "w", 401, False)
    97. 

  97.         self._test_rights("owner_write", "", "/tmp/", "r", 207, False)
    98. 

  98.         self._test_rights("owner_write", "", "/tmp/", "w", 207, False)
    99. 

  99. 

  100.     def test_authenticated(self):
    101. 

  101.         self._test_rights("authenticated", "", "/", "r", 401)
    102. 

  102.         self._test_rights("authenticated", "", "/", "w", 401)
    103. 

  103.         self._test_rights("authenticated", "", "/tmp/", "r", 401)
    104. 

  104.         self._test_rights("authenticated", "", "/tmp/", "w", 401)
    105. 

  105.         self._test_rights("authenticated", "tmp", "/", "r", 207)
    106. 

  106.         self._test_rights("authenticated", "tmp", "/", "w", 207)
    107. 

  107.         self._test_rights("authenticated", "tmp", "/tmp/", "r", 207)
    108. 

  108.         self._test_rights("authenticated", "tmp", "/tmp/", "w", 207)
    109. 

  109.         self._test_rights("authenticated", "tmp", "/other/", "r", 207)
    110. 

  110.         self._test_rights("authenticated", "tmp", "/other/", "w", 207)
    111. 

  111. 

  112.     def test_authenticated_without_auth(self):
    113. 

  113.         self._test_rights("authenticated", "", "/", "r", 207, False)
    114. 

  114.         self._test_rights("authenticated", "", "/", "w", 207, False)
    115. 

  115.         self._test_rights("authenticated", "", "/tmp/", "r", 207, False)
    116. 

  116.         self._test_rights("authenticated", "", "/tmp/", "w", 207, False)
    117. 

  117. 

  118.     def test_from_file(self):
    119. 

  119.         rights_file_path = os.path.join(self.colpath, "rights")
    120. 

  120.         with open(rights_file_path, "w") as f:
    121. 

  121.             f.write("""\
    122. 

  122. [owner]
    123. 

  123. user: .+
    124. 

  124. collection: {user}(/.*)?
    125. 

  125. permissions: RrWw
    126. 

  126. [custom]
    127. 

  127. user: .*
    128. 

  128. collection: custom(/.*)?
    129. 

  129. permissions: Rr""")
    130. 

  130.         self.configuration.update(
    131. 

  131.             {"rights": {"file": rights_file_path}}, "test")
    132. 

  132.         self._test_rights("from_file", "", "/other/", "r", 401)
    133. 

  133.         self._test_rights("from_file", "tmp", "/other/", "r", 403)
    134. 

  134.         self._test_rights("from_file", "", "/custom/sub", "r", 404)
    135. 

  135.         self._test_rights("from_file", "tmp", "/custom/sub", "r", 404)
    136. 

  136.         self._test_rights("from_file", "", "/custom/sub", "w", 401)
    137. 

  137.         self._test_rights("from_file", "tmp", "/custom/sub", "w", 403)
    138. 

  138. 

  139.     def test_from_file_limited_get(self):
    140. 

  140.         rights_file_path = os.path.join(self.colpath, "rights")
    141. 

  141.         with open(rights_file_path, "w") as f:
    142. 

  142.             f.write("""\
    143. 

  143. [write-all]
    144. 

  144. user: tmp
    145. 

  145. collection: .*
    146. 

  146. permissions: RrWw
    147. 

  147. [limited-public]
    148. 

  148. user: .*
    149. 

  149. collection: public/[^/]*
    150. 

  150. permissions: i""")
    151. 

  151.         self.configuration.update(
    152. 

  152.             {"rights": {"type": "from_file",
    153. 

  153.                         "file": rights_file_path}}, "test")
    154. 

  154.         self.application = Application(self.configuration)
    155. 

  155.         self.mkcalendar("/tmp/calendar", login="tmp:bepo")
    156. 

  156.         self.mkcol("/public", login="tmp:bepo")
    157. 

  157.         self.mkcalendar("/public/calendar", login="tmp:bepo")
    158. 

  158.         self.get("/tmp/calendar", check=401)
    159. 

  159.         self.get("/public/", check=401)
    160. 

  160.         self.get("/public/calendar")
    161. 

  161.         self.get("/public/calendar/1.ics", check=401)
    162. 

  162. 

  163.     def test_custom(self):
    164. 

  164.         """Custom rights management."""
    165. 

  165.         self._test_rights("radicale.tests.custom.rights", "", "/", "r", 401)
    166. 

  166.         self._test_rights(
    167. 

  167.             "radicale.tests.custom.rights", "", "/tmp/", "r", 207)
    168. 

  168. 

  169.     def test_collections_and_items(self):
    170. 

  170.         """Test rights for creation of collections, calendars and items.
    171. 

  171. 

  172.         Collections are allowed at "/" and "/.../".
    173. 

  173.         Calendars/Address books are allowed at "/.../.../".
    174. 

  174.         Items are allowed at "/.../.../...".
    175. 

  175. 

  176.         """
    177. 

  177.         self.application = Application(self.configuration)
    178. 

  178.         self.mkcalendar("/", check=401)
    179. 

  179.         self.mkcalendar("/user/", check=401)
    180. 

  180.         self.mkcol("/user/")
    181. 

  181.         self.mkcol("/user/calendar/", check=401)
    182. 

  182.         self.mkcalendar("/user/calendar/")
    183. 

  183.         self.mkcol("/user/calendar/item", check=401)
    184. 

  184.         self.mkcalendar("/user/calendar/item", check=401)
    185. 

  185. 

  186.     def test_put_collections_and_items(self):
    187. 

  187.         """Test rights for creation of calendars and items with PUT."""
    188. 

  188.         self.application = Application(self.configuration)
    189. 

  189.         self.put("/user/", "BEGIN:VCALENDAR\r\nEND:VCALENDAR", check=401)
    190. 

  190.         self.mkcol("/user/")
    191. 

  191.         self.put("/user/calendar/", "BEGIN:VCALENDAR\r\nEND:VCALENDAR")
    192. 

  192.         event1 = get_file_content("event1.ics")
    193. 

  193.         self.put("/user/calendar/event1.ics", event1)
    194.