Redmine 3.4.4

test/extra/redmine_pm/repository_git_test_pm.rb

@@ -0,0 +1,97 @@
+# Redmine - project management software
+# Copyright (C) 2006-2017  Jean-Philippe Lang
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+require File.expand_path('../test_case', __FILE__)
+require 'tmpdir'
+
+class RedminePmTest::RepositoryGitTest < RedminePmTest::TestCase
+  fixtures :projects, :users, :members, :roles, :member_roles
+
+  GIT_BIN = Redmine::Configuration['scm_git_command'] || "git"
+
+  def test_anonymous_read_on_public_repo_with_permission_should_succeed
+    assert_success "ls-remote", git_url
+  end
+
+  def test_anonymous_read_on_public_repo_without_permission_should_fail
+    Role.anonymous.remove_permission! :browse_repository
+    assert_failure "ls-remote", git_url
+  end
+
+  def test_invalid_credentials_should_fail
+    Project.find(1).update_attribute :is_public, false
+    with_credentials "dlopper", "foo" do
+      assert_success "ls-remote", git_url
+    end
+    with_credentials "dlopper", "wrong" do
+      assert_failure "ls-remote", git_url
+    end
+  end
+
+  def test_clone
+    Dir.mktmpdir do |dir|
+      Dir.chdir(dir) do
+        assert_success "clone", git_url
+      end
+    end
+  end
+
+  def test_write_commands
+    Role.find(2).add_permission! :commit_access
+    filename = random_filename
+
+    Dir.mktmpdir do |dir|
+      assert_success "clone", git_url, dir
+      Dir.chdir(dir) do
+        f = File.new(File.join(dir, filename), "w")
+        f.write "test file content"
+        f.close
+
+        with_credentials "dlopper", "foo" do
+          assert_success "add", filename
+          assert_success "commit -a --message Committing_a_file"
+          assert_success "push", git_url, "--all"
+        end
+      end
+    end
+
+    Dir.mktmpdir do |dir|
+      assert_success "clone", git_url, dir
+      Dir.chdir(dir) do
+        assert File.exists?(File.join(dir, "#{filename}"))
+      end
+    end
+  end
+
+  protected
+
+  def execute(*args)
+    a = [GIT_BIN]
+    super a, *args
+  end
+
+  def git_url(path=nil)
+    host = ENV['REDMINE_TEST_DAV_SERVER'] || '127.0.0.1'
+    credentials = nil
+    if username && password
+      credentials = "#{username}:#{password}"
+    end
+    url = "http://#{credentials}@#{host}/git/ecookbook"
+    url << "/#{path}" if path
+    url
+  end
+end

test/extra/redmine_pm/repository_subversion_test_pm.rb

@@ -0,0 +1,332 @@
+# Redmine - project management software
+# Copyright (C) 2006-2017  Jean-Philippe Lang
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+require File.expand_path('../test_case', __FILE__)
+require 'tmpdir'
+
+class RedminePmTest::RepositorySubversionTest < RedminePmTest::TestCase
+  fixtures :projects, :users, :members, :roles, :member_roles, :auth_sources, :enabled_modules
+
+  SVN_BIN = Redmine::Configuration['scm_subversion_command'] || "svn"
+
+  def test_anonymous_read_on_public_repo_with_permission_should_succeed
+    assert_success "ls", svn_url
+  end
+
+  def test_anonymous_read_on_public_repo_with_anonymous_group_permission_should_succeed
+    Role.anonymous.remove_permission! :browse_repository
+    Member.create!(:project_id => 1, :principal => Group.anonymous, :role_ids => [2])
+    assert_success "ls", svn_url
+  end
+
+  def test_anonymous_read_on_public_repo_without_permission_should_fail
+    Role.anonymous.remove_permission! :browse_repository
+    assert_failure "ls", svn_url
+  end
+
+  def test_anonymous_read_on_public_project_with_module_disabled_should_fail
+    Project.find(1).disable_module! :repository
+    assert_failure "ls", svn_url
+  end
+
+  def test_anonymous_read_on_private_repo_should_fail
+    Project.find(1).update_attribute :is_public, false
+    assert_failure "ls", svn_url
+  end
+
+  def test_anonymous_commit_on_public_repo_should_fail
+    Role.anonymous.add_permission! :commit_access
+    assert_failure "mkdir --message Creating_a_directory", svn_url(random_filename)
+  end
+
+  def test_anonymous_commit_on_private_repo_should_fail
+    Role.anonymous.add_permission! :commit_access
+    Project.find(1).update_attribute :is_public, false
+    assert_failure "mkdir --message Creating_a_directory", svn_url(random_filename)
+  end
+
+  def test_non_member_read_on_public_repo_with_permission_should_succeed
+    Role.anonymous.remove_permission! :browse_repository
+    with_credentials "miscuser8", "foo" do
+      assert_success "ls", svn_url
+    end
+  end
+
+  def test_non_member_read_on_public_repo_with_non_member_group_permission_should_succeed
+    Role.anonymous.remove_permission! :browse_repository
+    Role.non_member.remove_permission! :browse_repository
+    Member.create!(:project_id => 1, :principal => Group.non_member, :role_ids => [2])
+    with_credentials "miscuser8", "foo" do
+      assert_success "ls", svn_url
+    end
+  end
+
+  def test_non_member_read_on_public_repo_without_permission_should_fail
+    Role.anonymous.remove_permission! :browse_repository
+    Role.non_member.remove_permission! :browse_repository
+    with_credentials "miscuser8", "foo" do
+      assert_failure "ls", svn_url
+    end
+  end
+
+  def test_non_member_read_on_private_repo_should_fail
+    Project.find(1).update_attribute :is_public, false
+    with_credentials "miscuser8", "foo" do
+      assert_failure "ls", svn_url
+    end
+  end
+
+  def test_non_member_commit_on_public_repo_should_fail
+    Role.non_member.add_permission! :commit_access
+    assert_failure "mkdir --message Creating_a_directory", svn_url(random_filename)
+  end
+
+  def test_non_member_commit_on_private_repo_should_fail
+    Role.non_member.add_permission! :commit_access
+    Project.find(1).update_attribute :is_public, false
+    assert_failure "mkdir --message Creating_a_directory", svn_url(random_filename)
+  end
+
+  def test_member_read_on_public_repo_with_permission_should_succeed
+    Role.anonymous.remove_permission! :browse_repository
+    Role.non_member.remove_permission! :browse_repository
+    with_credentials "dlopper", "foo" do
+      assert_success "ls", svn_url
+    end
+  end
+
+  def test_member_read_on_public_repo_without_permission_should_fail
+    Role.anonymous.remove_permission! :browse_repository
+    Role.non_member.remove_permission! :browse_repository
+    Role.find(2).remove_permission! :browse_repository
+    with_credentials "dlopper", "foo" do
+      assert_failure "ls", svn_url
+    end
+  end
+
+  def test_member_read_on_private_repo_with_permission_should_succeed
+    Project.find(1).update_attribute :is_public, false
+    with_credentials "dlopper", "foo" do
+      assert_success "ls", svn_url
+    end
+  end
+
+  def test_member_read_on_private_repo_without_permission_should_fail
+    Role.find(2).remove_permission! :browse_repository
+    Project.find(1).update_attribute :is_public, false
+    with_credentials "dlopper", "foo" do
+      assert_failure "ls", svn_url
+    end
+  end
+
+  def test_member_read_on_private_repo_with_module_disabled_should_fail
+    Role.find(2).add_permission! :browse_repository
+    Project.find(1).update_attribute :is_public, false
+    Project.find(1).disable_module! :repository
+    with_credentials "dlopper", "foo" do
+      assert_failure "ls", svn_url
+    end
+  end
+
+  def test_member_commit_on_public_repo_with_permission_should_succeed
+    Role.find(2).add_permission! :commit_access
+    with_credentials "dlopper", "foo" do
+      assert_success "mkdir --message Creating_a_directory", svn_url(random_filename)
+    end
+  end
+
+  def test_member_commit_on_public_repo_without_permission_should_fail
+    Role.find(2).remove_permission! :commit_access
+    with_credentials "dlopper", "foo" do
+      assert_failure "mkdir --message Creating_a_directory", svn_url(random_filename)
+    end
+  end
+
+  def test_member_commit_on_private_repo_with_permission_should_succeed
+    Role.find(2).add_permission! :commit_access
+    Project.find(1).update_attribute :is_public, false
+    with_credentials "dlopper", "foo" do
+      assert_success "mkdir --message Creating_a_directory", svn_url(random_filename)
+    end
+  end
+
+  def test_member_commit_on_private_repo_without_permission_should_fail
+    Role.find(2).remove_permission! :commit_access
+    Project.find(1).update_attribute :is_public, false
+    with_credentials "dlopper", "foo" do
+      assert_failure "mkdir --message Creating_a_directory", svn_url(random_filename)
+    end
+  end
+
+  def test_member_commit_on_private_repo_with_module_disabled_should_fail
+    Role.find(2).add_permission! :commit_access
+    Project.find(1).update_attribute :is_public, false
+    Project.find(1).disable_module! :repository
+    with_credentials "dlopper", "foo" do
+      assert_failure "mkdir --message Creating_a_directory", svn_url(random_filename)
+    end
+  end
+
+  def test_invalid_credentials_should_fail
+    Project.find(1).update_attribute :is_public, false
+    with_credentials "dlopper", "foo" do
+      assert_success "ls", svn_url
+    end
+    with_credentials "dlopper", "wrong" do
+      assert_failure "ls", svn_url
+    end
+  end
+
+  def test_anonymous_read_should_fail_with_login_required
+    assert_success "ls", svn_url
+    with_settings :login_required => '1' do
+      assert_failure "ls", svn_url
+    end
+  end
+
+  def test_authenticated_read_should_succeed_with_login_required
+    with_settings :login_required => '1' do
+      with_credentials "miscuser8", "foo" do
+        assert_success "ls", svn_url
+      end
+    end
+  end
+
+  def test_read_on_archived_projects_should_fail
+    Project.find(1).update_attribute :status, Project::STATUS_ARCHIVED
+    assert_failure "ls", svn_url
+  end
+
+  def test_read_on_archived_private_projects_should_fail
+    Project.find(1).update_attribute :status, Project::STATUS_ARCHIVED
+    Project.find(1).update_attribute :is_public, false
+    with_credentials "dlopper", "foo" do
+      assert_failure "ls", svn_url
+    end
+  end
+
+  def test_read_on_closed_projects_should_succeed
+    Project.find(1).update_attribute :status, Project::STATUS_CLOSED
+    assert_success "ls", svn_url
+  end
+
+  def test_read_on_closed_private_projects_should_succeed
+    Project.find(1).update_attribute :status, Project::STATUS_CLOSED
+    Project.find(1).update_attribute :is_public, false
+    with_credentials "dlopper", "foo" do
+      assert_success "ls", svn_url
+    end
+  end
+
+  def test_commit_on_closed_projects_should_fail
+    Project.find(1).update_attribute :status, Project::STATUS_CLOSED
+    Role.find(2).add_permission! :commit_access
+    with_credentials "dlopper", "foo" do
+      assert_failure "mkdir --message Creating_a_directory", svn_url(random_filename)
+    end
+  end
+
+  def test_commit_on_closed_private_projects_should_fail
+    Project.find(1).update_attribute :status, Project::STATUS_CLOSED
+    Project.find(1).update_attribute :is_public, false
+    Role.find(2).add_permission! :commit_access
+    with_credentials "dlopper", "foo" do
+      assert_failure "mkdir --message Creating_a_directory", svn_url(random_filename)
+    end
+  end
+
+  if ldap_configured?
+    def test_user_with_ldap_auth_source_should_authenticate_with_ldap_credentials
+      ldap_user = User.new(:mail => 'example1@redmine.org', :firstname => 'LDAP', :lastname => 'user', :auth_source_id => 1)
+      ldap_user.login = 'example1'
+      ldap_user.save!
+  
+      with_settings :login_required => '1' do
+        with_credentials "example1", "123456" do
+          assert_success "ls", svn_url
+        end
+      end
+  
+      with_settings :login_required => '1' do
+        with_credentials "example1", "wrong" do
+          assert_failure "ls", svn_url
+        end
+      end
+    end
+  end
+
+  def test_checkout
+    Dir.mktmpdir do |dir|
+      assert_success "checkout", svn_url, dir
+    end
+  end
+
+  def test_read_commands
+    assert_success "info", svn_url
+    assert_success "ls", svn_url
+    assert_success "log", svn_url
+  end
+
+  def test_write_commands
+    Role.find(2).add_permission! :commit_access
+    filename = random_filename
+
+    Dir.mktmpdir do |dir|
+      assert_success "checkout", svn_url, dir
+      Dir.chdir(dir) do
+        # creates a file in the working copy
+        f = File.new(File.join(dir, filename), "w")
+        f.write "test file content"
+        f.close
+
+        assert_success "add", filename
+        with_credentials "dlopper", "foo" do
+          assert_success "commit --message Committing_a_file"
+          assert_success "copy   --message Copying_a_file", svn_url(filename), svn_url("#{filename}_copy")
+          assert_success "delete --message Deleting_a_file", svn_url(filename)
+          assert_success "mkdir  --message Creating_a_directory", svn_url("#{filename}_dir")
+        end
+        assert_success "update"
+
+        # checks that the working copy was updated
+        assert File.exists?(File.join(dir, "#{filename}_copy"))
+        assert File.directory?(File.join(dir, "#{filename}_dir"))
+      end
+    end
+  end
+
+  def test_read_invalid_repo_should_fail
+    assert_failure "ls", svn_url("invalid")
+  end
+
+  protected
+
+  def execute(*args)
+    a = [SVN_BIN, "--no-auth-cache --non-interactive"]
+    a << "--username #{username}" if username
+    a << "--password #{password}" if password
+
+    super a, *args
+  end
+
+  def svn_url(path=nil)
+    host = ENV['REDMINE_TEST_DAV_SERVER'] || '127.0.0.1'
+    url = "http://#{host}/svn/ecookbook"
+    url << "/#{path}" if path
+    url
+  end
+end

test/extra/redmine_pm/test_case.rb

@@ -0,0 +1,82 @@
+# Redmine - project management software
+# Copyright (C) 2006-2017  Jean-Philippe Lang
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+require File.expand_path('../../../test_helper', __FILE__)
+
+module RedminePmTest
+  class TestCase < ActiveSupport::TestCase
+    attr_reader :command, :response, :status, :username, :password
+    
+    # Cannot use transactional fixtures here: database
+    # will be accessed from Redmine.pm with its own connection
+    self.use_transactional_fixtures = false
+  
+    def test_dummy
+    end
+  
+    protected
+  
+    def assert_response(expected, msg=nil)
+      case expected
+      when :success
+        assert_equal 0, status,
+          (msg || "The command failed (exit: #{status}):\n  #{command}\nOutput was:\n#{formatted_response}")
+      when :failure
+        assert_not_equal 0, status,
+          (msg || "The command succeed (exit: #{status}):\n  #{command}\nOutput was:\n#{formatted_response}")
+      else
+        assert_equal expected, status, msg
+      end
+    end
+  
+    def assert_success(*args)
+      execute *args
+      assert_response :success
+    end
+  
+    def assert_failure(*args)
+      execute *args
+      assert_response :failure
+    end
+    
+    def with_credentials(username, password)
+      old_username, old_password = @username, @password
+      @username, @password = username, password
+      yield if block_given?
+    ensure
+      @username, @password = old_username, old_password
+    end
+    
+    def execute(*args)
+      @command = args.join(' ')
+      @status = nil
+      IO.popen("#{command} 2>&1") do |io|
+        io.set_encoding("ASCII-8BIT") if io.respond_to?(:set_encoding)
+        @response = io.read
+      end
+      @status = $?.exitstatus
+    end
+  
+    def formatted_response
+      "#{'='*40}\n#{response}#{'='*40}"
+    end
+  
+    def random_filename
+      Redmine::Utils.random_hex(16)
+    end
+  end
+end