Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
Gelencsér Szabolcs
/
circlestack
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Snippets
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
6dfa952b
authored
Mar 12, 2014
by
Őry Máté
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
dashboard: add test_renew_post_by_anon_w_expired_key
parent
1825ccc2
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
65 additions
and
6 deletions
+65
-6
circle/dashboard/fixtures/test-vm-fixture.json
+29
-0
circle/dashboard/tests/test_views.py
+16
-4
circle/dashboard/views.py
+20
-2
No files found.
circle/dashboard/fixtures/test-vm-fixture.json
View file @
6dfa952b
...
...
@@ -1372,6 +1372,35 @@
}
},
{
"pk"
:
12
,
"model"
:
"vm.instance"
,
"fields"
:
{
"destroyed"
:
null
,
"disks"
:
[],
"boot_menu"
:
false
,
"owner"
:
1
,
"time_of_delete"
:
null
,
"max_ram_size"
:
200
,
"pw"
:
"ads"
,
"time_of_suspend"
:
null
,
"ram_size"
:
200
,
"priority"
:
4
,
"active_since"
:
null
,
"template"
:
null
,
"access_method"
:
"nx"
,
"lease"
:
1
,
"node"
:
null
,
"description"
:
""
,
"arch"
:
"x86_64"
,
"name"
:
"vanneve"
,
"created"
:
"2013-09-16T09:05:59.991Z"
,
"raw_data"
:
""
,
"vnc_port"
:
1235
,
"num_cores"
:
2
,
"modified"
:
"2013-10-14T07:27:38.192Z"
}
},
{
"pk"
:
1
,
"model"
:
"firewall.domain"
,
"fields"
:
{
...
...
circle/dashboard/tests/test_views.py
View file @
6dfa952b
...
...
@@ -2,6 +2,7 @@ from django.test import TestCase
from
django.test.client
import
Client
from
django.contrib.auth.models
import
User
,
Group
from
django.core.exceptions
import
SuspiciousOperation
from
django.core.urlresolvers
import
reverse
from
vm.models
import
Instance
,
InstanceTemplate
,
Lease
,
Node
from
..models
import
Profile
...
...
@@ -385,23 +386,21 @@ class RenewViewTest(LoginMixin, TestCase):
def
test_renew_get_by_nonowner_w_key
(
self
):
key
=
VmRenewView
.
get_token_url
(
Instance
.
objects
.
get
(
pk
=
1
),
self
.
u2
)
c
=
Client
()
self
.
login
(
c
,
'user2'
)
response
=
c
.
get
(
key
)
self
.
assertEquals
(
response
.
status_code
,
200
)
def
test_renew_post_by_
nonowner
_w_key
(
self
):
def
test_renew_post_by_
anon
_w_key
(
self
):
key
=
VmRenewView
.
get_token_url
(
Instance
.
objects
.
get
(
pk
=
1
),
self
.
u2
)
ct
=
Instance
.
objects
.
get
(
pk
=
1
)
.
activity_log
.
\
filter
(
activity_code__endswith
=
'renew'
)
.
count
()
c
=
Client
()
self
.
login
(
c
,
'user2'
)
response
=
c
.
post
(
key
)
self
.
assertEquals
(
response
.
status_code
,
302
)
ct2
=
Instance
.
objects
.
get
(
pk
=
1
)
.
activity_log
.
\
filter
(
activity_code__endswith
=
'renew'
)
.
count
()
self
.
assertEquals
(
ct
+
1
,
ct2
)
def
test_renew_post_by_
nonowner
_w_invalid_key
(
self
):
def
test_renew_post_by_
anon
_w_invalid_key
(
self
):
class
Mockinst
(
object
):
pk
=
2
key
=
VmRenewView
.
get_token_url
(
Mockinst
(),
self
.
u2
)
...
...
@@ -414,3 +413,16 @@ class RenewViewTest(LoginMixin, TestCase):
ct2
=
Instance
.
objects
.
get
(
pk
=
1
)
.
activity_log
.
\
filter
(
activity_code__endswith
=
'renew'
)
.
count
()
self
.
assertEquals
(
ct
,
ct2
)
def
test_renew_post_by_anon_w_expired_key
(
self
):
key
=
reverse
(
VmRenewView
.
url_name
,
args
=
(
12
,
'WzEyLDFd:1WLbSi:2zIb8SUNAIRIOMTmSmKSSit2gpY'
))
ct
=
Instance
.
objects
.
get
(
pk
=
12
)
.
activity_log
.
\
filter
(
activity_code__endswith
=
'renew'
)
.
count
()
c
=
Client
()
self
.
login
(
c
,
'user2'
)
response
=
c
.
post
(
key
)
self
.
assertEquals
(
response
.
status_code
,
403
)
ct2
=
Instance
.
objects
.
get
(
pk
=
12
)
.
activity_log
.
\
filter
(
activity_code__endswith
=
'renew'
)
.
count
()
self
.
assertEquals
(
ct
,
ct2
)
circle/dashboard/views.py
View file @
6dfa952b
...
...
@@ -1602,13 +1602,31 @@ class AbstractVmFunctionView(AccessMixin, View):
self
.
get_context
(
instance
))
def
post
(
self
,
request
,
pk
,
key
=
None
,
*
args
,
**
kwargs
):
class
LoginNeeded
(
Exception
):
pass
pk
=
int
(
pk
)
instance
=
get_object_or_404
(
Instance
,
pk
=
pk
)
if
key
:
try
:
if
not
request
.
user
.
is_authenticated
()
and
key
:
try
:
user
=
self
.
validate_key
(
pk
,
key
)
except
signing
.
SignatureExpired
:
messages
.
error
(
request
,
_
(
'The token has expired, please log in.'
))
raise
LoginNeeded
()
self
.
key
=
key
else
:
user
=
request
.
user
self
.
check_acl
(
instance
,
user
)
self
.
check_acl
(
instance
,
request
.
user
)
except
LoginNeeded
:
return
redirect_to_login
(
request
.
get_full_path
(),
self
.
get_login_url
(),
self
.
get_redirect_field_name
())
except
SuspiciousOperation
as
e
:
messages
.
error
(
request
,
_
(
'This token is invalid.'
))
logger
.
warning
(
'This token
%
s is invalid.
%
s'
,
key
,
unicode
(
e
))
raise
PermissionDenied
()
if
self
.
do_action
(
instance
,
user
):
messages
.
success
(
request
,
self
.
success_message
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment