~launchpad-pqm/launchpad/devel : contents of lib/lp/app/webservice/tests/test

~launchpad-pqm/launchpad/devel : (revision 13543.4.6)

# Copyright 2011 Canonical Ltd.  This software is licensed under the
# GNU Affero General Public License version 3 (see the file LICENSE).

"""Tests for the webservice marshallers."""

__metaclass__ = type

import transaction

from canonical.launchpad.testing.pages import (
    LaunchpadWebServiceCaller,
    webservice_for_person,
    )
from canonical.launchpad.webapp.servers import WebServiceTestRequest
from canonical.testing.layers import DatabaseFunctionalLayer
from lp.app.webservice.marshallers import TextFieldMarshaller
from lp.testing import (
    logout,
    person_logged_in,
    TestCaseWithFactory,
    )


def ws_url(bug):
    url = "/bugs/%d" % bug.id
    return url


class TestTextFieldMarshaller(TestCaseWithFactory):

    layer = DatabaseFunctionalLayer

    def test_unmarshall_obfuscated(self):
        # Data is obfuscated if the user is anonynous.
        marshaller = TextFieldMarshaller(None, WebServiceTestRequest())
        result = marshaller.unmarshall(None, u"foo@example.com")
        self.assertEqual(u"<email address hidden>", result)

    def test_unmarshall_not_obfuscated(self):
        # Data is not obfuccated if the user is authenticated.
        marshaller = TextFieldMarshaller(None, WebServiceTestRequest())
        with person_logged_in(self.factory.makePerson()):
            result = marshaller.unmarshall(None, u"foo@example.com")
        self.assertEqual(u"foo@example.com", result)


class TestWebServiceObfuscation(TestCaseWithFactory):
    """Integration test for obfuscation marshaller.

    Not using WebServiceTestCase because that assumes too much about users
    """

    layer = DatabaseFunctionalLayer

    email_address = "joe@example.com"
    email_address_obfuscated = "<email address hidden>"
    email_address_obfuscated_escaped = "&lt;email address hidden&gt;"
    bug_title = "Title with address %s in it"
    bug_description = "Description with address %s in it"

    def _makeBug(self):
        """Create a bug with an email address in title and description."""
        bug = self.factory.makeBug(
            title=self.bug_title % self.email_address,
            description=self.bug_description % self.email_address)
        transaction.commit()
        return bug

    def test_email_address_obfuscated(self):
        # Email addresses are obfuscated for anonymous users.
        bug = self._makeBug()
        logout()
        webservice = LaunchpadWebServiceCaller()
        result = webservice(ws_url(bug)).jsonBody()
        self.assertEqual(
            self.bug_title % self.email_address_obfuscated,
            result['title'])
        self.assertEqual(
            self.bug_description % self.email_address_obfuscated,
            result['description'])

    def test_email_address_not_obfuscated(self):
        # Email addresses are not obfuscated for authenticated users.
        bug = self._makeBug()
        user = self.factory.makePerson()
        webservice = webservice_for_person(user)
        result = webservice(ws_url(bug)).jsonBody()
        self.assertEqual(self.bug_title % self.email_address, result['title'])
        self.assertEqual(
            self.bug_description % self.email_address, result['description'])

    def test_xhtml_email_address_not_obfuscated(self):
        # Email addresses are not obfuscated for authenticated users.
        bug = self._makeBug()
        user = self.factory.makePerson()
        webservice = webservice_for_person(user)
        result = webservice(
            ws_url(bug), headers={'Accept': 'application/xhtml+xml'})
        self.assertIn(self.email_address, result.body)
        self.assertNotIn(
            self.email_address_obfuscated_escaped, result.body)

    def test_xhtml_email_address_obfuscated(self):
        # Email addresses are obfuscated in the XML representation for
        # anonymous users.
        bug = self._makeBug()
        logout()
        webservice = LaunchpadWebServiceCaller()
        result = webservice(
            ws_url(bug), headers={'Accept': 'application/xhtml+xml'})
        self.assertNotIn(self.email_address, result.body)
        self.assertIn(self.email_address_obfuscated_escaped, result.body)

    def test_etags_differ_for_anon_and_non_anon_represetations(self):
        # When a webservice client retrieves data anonymously, this
        # data should not be used in later write requests, if the
        # text fields contain obfuscated email addresses. The etag
        # for a GET request is calculated after the email address
        # obfuscation and thus differs from the etag returned for
        # not obfuscated data, so clients usings etags to check if the
        # cached data is up to date will not use the obfuscated data
        # in PATCH or PUT requests.
        bug = self._makeBug()
        user = self.factory.makePerson()
        webservice = webservice_for_person(user)
        etag_logged_in = webservice(ws_url(bug)).getheader('etag')
        logout()
        webservice = LaunchpadWebServiceCaller()
        etag_logged_out = webservice(ws_url(bug)).getheader('etag')
        self.assertNotEqual(etag_logged_in, etag_logged_out)

13405.9.1 by Henning Eggers Restored r13373.	1	# Copyright 2011 Canonical Ltd. This software is licensed under the
	2	# GNU Affero General Public License version 3 (see the file LICENSE).
	3
	4	"""Tests for the webservice marshallers."""
	5
	6	__metaclass__ = type
	7
	8	import transaction
	9
	10	from canonical.launchpad.testing.pages import (
	11	LaunchpadWebServiceCaller,
	12	webservice_for_person,
	13	)
	14	from canonical.launchpad.webapp.servers import WebServiceTestRequest
	15	from canonical.testing.layers import DatabaseFunctionalLayer
	16	from lp.app.webservice.marshallers import TextFieldMarshaller
13303.11.21 by Aaron Bentley Fix failing tests.	17	from lp.testing import (
	18	logout,
	19	person_logged_in,
	20	TestCaseWithFactory,
	21	)
13405.9.1 by Henning Eggers Restored r13373.	22
	23
	24	def ws_url(bug):
	25	url = "/bugs/%d" % bug.id
	26	return url
	27
	28
	29	class TestTextFieldMarshaller(TestCaseWithFactory):
	30
	31	layer = DatabaseFunctionalLayer
	32
	33	def test_unmarshall_obfuscated(self):
13303.11.21 by Aaron Bentley Fix failing tests.	34	# Data is obfuscated if the user is anonynous.
13303.11.21 by Aaron Bentley Fix failing tests.	35	marshaller = TextFieldMarshaller(None, WebServiceTestRequest())
13405.9.1 by Henning Eggers Restored r13373.	36	result = marshaller.unmarshall(None, u"foo@example.com")
	37	self.assertEqual(u"<email address hidden>", result)
	38
	39	def test_unmarshall_not_obfuscated(self):
13303.11.21 by Aaron Bentley Fix failing tests.	40	# Data is not obfuccated if the user is authenticated.
	41	marshaller = TextFieldMarshaller(None, WebServiceTestRequest())
	42	with person_logged_in(self.factory.makePerson()):
	43	result = marshaller.unmarshall(None, u"foo@example.com")
13405.9.1 by Henning Eggers Restored r13373.	44	self.assertEqual(u"foo@example.com", result)
	45
	46
	47	class TestWebServiceObfuscation(TestCaseWithFactory):
	48	"""Integration test for obfuscation marshaller.
	49
	50	Not using WebServiceTestCase because that assumes too much about users
	51	"""
	52
	53	layer = DatabaseFunctionalLayer
	54
	55	email_address = "joe@example.com"
	56	email_address_obfuscated = "<email address hidden>"
	57	email_address_obfuscated_escaped = "<email address hidden>"
	58	bug_title = "Title with address %s in it"
	59	bug_description = "Description with address %s in it"
	60
	61	def _makeBug(self):
	62	"""Create a bug with an email address in title and description."""
	63	bug = self.factory.makeBug(
	64	title=self.bug_title % self.email_address,
	65	description=self.bug_description % self.email_address)
	66	transaction.commit()
	67	return bug
	68
	69	def test_email_address_obfuscated(self):
	70	# Email addresses are obfuscated for anonymous users.
	71	bug = self._makeBug()
	72	logout()
	73	webservice = LaunchpadWebServiceCaller()
	74	result = webservice(ws_url(bug)).jsonBody()
	75	self.assertEqual(
	76	self.bug_title % self.email_address_obfuscated,
	77	result['title'])
	78	self.assertEqual(
	79	self.bug_description % self.email_address_obfuscated,
	80	result['description'])
	81
	82	def test_email_address_not_obfuscated(self):
	83	# Email addresses are not obfuscated for authenticated users.
	84	bug = self._makeBug()
	85	user = self.factory.makePerson()
	86	webservice = webservice_for_person(user)
	87	result = webservice(ws_url(bug)).jsonBody()
	88	self.assertEqual(self.bug_title % self.email_address, result['title'])
	89	self.assertEqual(
	90	self.bug_description % self.email_address, result['description'])
	91
	92	def test_xhtml_email_address_not_obfuscated(self):
	93	# Email addresses are not obfuscated for authenticated users.
	94	bug = self._makeBug()
	95	user = self.factory.makePerson()
	96	webservice = webservice_for_person(user)
	97	result = webservice(
	98	ws_url(bug), headers={'Accept': 'application/xhtml+xml'})
	99	self.assertIn(self.email_address, result.body)
	100	self.assertNotIn(
	101	self.email_address_obfuscated_escaped, result.body)
	102
	103	def test_xhtml_email_address_obfuscated(self):
	104	# Email addresses are obfuscated in the XML representation for
	105	# anonymous users.
	106	bug = self._makeBug()
	107	logout()
108	webservice = LaunchpadWebServiceCaller()
109	result = webservice(
110	ws_url(bug), headers={'Accept': 'application/xhtml+xml'})
111	self.assertNotIn(self.email_address, result.body)
112	self.assertIn(self.email_address_obfuscated_escaped, result.body)
113
114	def test_etags_differ_for_anon_and_non_anon_represetations(self):
115	# When a webservice client retrieves data anonymously, this
116	# data should not be used in later write requests, if the
117	# text fields contain obfuscated email addresses. The etag
118	# for a GET request is calculated after the email address
119	# obfuscation and thus differs from the etag returned for
120	# not obfuscated data, so clients usings etags to check if the
121	# cached data is up to date will not use the obfuscated data
122	# in PATCH or PUT requests.
123	bug = self._makeBug()
124	user = self.factory.makePerson()
125	webservice = webservice_for_person(user)
126	etag_logged_in = webservice(ws_url(bug)).getheader('etag')
127	logout()
128	webservice = LaunchpadWebServiceCaller()
129	etag_logged_out = webservice(ws_url(bug)).getheader('etag')
130	self.assertNotEqual(etag_logged_in, etag_logged_out)