[ckan-changes] commit/ckan: 2 new changesets
Bitbucket
commits-noreply at bitbucket.org
Fri Aug 5 17:36:54 UTC 2011
2 new changesets in ckan:
http://bitbucket.org/okfn/ckan/changeset/a1b8dd169f4e/
changeset: a1b8dd169f4e
branch: release-v1.4.3
user: dread
date: 2011-08-05 19:35:44
summary: [controllers]: #1265 Fix for /user/edit error conditions.
affected #: 4 files (1.8 KB)
--- a/ckan/controllers/user.py Fri Aug 05 15:38:00 2011 +0100
+++ b/ckan/controllers/user.py Fri Aug 05 18:35:44 2011 +0100
@@ -141,13 +141,18 @@
error_summary = e.error_summary
return self.new(data_dict, errors, error_summary)
- def edit(self, id, data=None, errors=None, error_summary=None):
+ def edit(self, id=None, data=None, errors=None, error_summary=None):
context = {'model': model, 'session': model.Session,
'user': c.user or c.author,
'preview': 'preview' in request.params,
'save': 'save' in request.params,
'schema': self._edit_form_to_db_schema(),
}
+ if id is None:
+ if c.userobj:
+ id = c.userobj.id
+ else:
+ abort(400, _('No user specified'))
data_dict = {'id': id}
if (context['save'] or context['preview']) and not data:
@@ -167,6 +172,8 @@
except NotAuthorized:
abort(401, _('Unauthorized to edit user %s') % '')
+ except NotFound, e:
+ abort(404, _('User not found'))
user_obj = context.get('user_obj')
--- a/ckan/lib/base.py Fri Aug 05 15:38:00 2011 +0100
+++ b/ckan/lib/base.py Fri Aug 05 18:35:44 2011 +0100
@@ -99,6 +99,13 @@
if c.user:
c.user = c.user.decode('utf8')
c.userobj = model.User.by_name(c.user)
+ if c.userobj is None:
+ # This occurs when you are logged in with openid, clean db
+ # and then restart i.e. only really for testers. There is no
+ # user object, so even though repoze thinks you are logged in
+ # and your cookie has ckan_display_name, we need to force user
+ # to login again to get the User object.
+ c.user = None
else:
c.userobj = self._get_user_for_apikey()
if c.userobj is not None:
--- a/ckan/tests/functional/test_package.py Fri Aug 05 15:38:00 2011 +0100
+++ b/ckan/tests/functional/test_package.py Fri Aug 05 18:35:44 2011 +0100
@@ -1646,7 +1646,8 @@
self.assert_not_equal(hash_7, hash_6)
def test_etags_in_response(self):
- c.user = 'test user'
+ c.user = 'annafan'
+ c.userobj = model.User.by_name(u'annafan')
res = self.app.get('/package/annakarenina',
extra_environ={'REMOTE_USER':c.user})
anna_hash = str(PackageController._pkg_cache_key(self.anna))
--- a/ckan/tests/functional/test_user.py Fri Aug 05 15:38:00 2011 +0100
+++ b/ckan/tests/functional/test_user.py Fri Aug 05 18:35:44 2011 +0100
@@ -62,6 +62,10 @@
offset = '/user/'
res = self.app.get(offset, status=302)
+ def test_user_read_me_without_id(self):
+ offset = '/user/me'
+ res = self.app.get(offset, status=302)
+
def test_user_read_without_id_but_logged_in(self):
user = model.User.by_name(u'annafan')
offset = '/user/'
@@ -412,6 +416,30 @@
main_res = self.main_div(res)
assert new_about in main_res, main_res
+ def test_user_edit_no_user(self):
+ offset = url_for(controller='user', action='edit', id=None)
+ res = self.app.get(offset, status=400)
+ assert 'No user specified' in res, res
+
+ def test_user_edit_unknown_user(self):
+ offset = url_for(controller='user', action='edit', id='unknown_person')
+ res = self.app.get(offset, status=404)
+ assert 'User not found' in res, res
+
+ def test_user_edit_not_logged_in(self):
+ # create user
+ username = 'testedit'
+ about = u'Test About'
+ user = model.User.by_name(unicode(username))
+ if not user:
+ model.Session.add(model.User(name=unicode(username), about=about,
+ password='letmein'))
+ model.repo.commit_and_remove()
+ user = model.User.by_name(unicode(username))
+
+ offset = url_for(controller='user', action='edit', id=username)
+ res = self.app.get(offset, status=302)
+
def test_edit_spammer(self):
# create user
username = 'testeditspam'
http://bitbucket.org/okfn/ckan/changeset/eb7eecf83655/
changeset: eb7eecf83655
user: dread
date: 2011-08-05 19:36:08
summary: [merge] from release-v1.4.3.
affected #: 4 files (1.8 KB)
--- a/ckan/controllers/user.py Fri Aug 05 15:39:03 2011 +0100
+++ b/ckan/controllers/user.py Fri Aug 05 18:36:08 2011 +0100
@@ -141,13 +141,18 @@
error_summary = e.error_summary
return self.new(data_dict, errors, error_summary)
- def edit(self, id, data=None, errors=None, error_summary=None):
+ def edit(self, id=None, data=None, errors=None, error_summary=None):
context = {'model': model, 'session': model.Session,
'user': c.user or c.author,
'preview': 'preview' in request.params,
'save': 'save' in request.params,
'schema': self._edit_form_to_db_schema(),
}
+ if id is None:
+ if c.userobj:
+ id = c.userobj.id
+ else:
+ abort(400, _('No user specified'))
data_dict = {'id': id}
if (context['save'] or context['preview']) and not data:
@@ -167,6 +172,8 @@
except NotAuthorized:
abort(401, _('Unauthorized to edit user %s') % '')
+ except NotFound, e:
+ abort(404, _('User not found'))
user_obj = context.get('user_obj')
--- a/ckan/lib/base.py Fri Aug 05 15:39:03 2011 +0100
+++ b/ckan/lib/base.py Fri Aug 05 18:36:08 2011 +0100
@@ -99,6 +99,13 @@
if c.user:
c.user = c.user.decode('utf8')
c.userobj = model.User.by_name(c.user)
+ if c.userobj is None:
+ # This occurs when you are logged in with openid, clean db
+ # and then restart i.e. only really for testers. There is no
+ # user object, so even though repoze thinks you are logged in
+ # and your cookie has ckan_display_name, we need to force user
+ # to login again to get the User object.
+ c.user = None
else:
c.userobj = self._get_user_for_apikey()
if c.userobj is not None:
--- a/ckan/tests/functional/test_package.py Fri Aug 05 15:39:03 2011 +0100
+++ b/ckan/tests/functional/test_package.py Fri Aug 05 18:36:08 2011 +0100
@@ -1646,7 +1646,8 @@
self.assert_not_equal(hash_7, hash_6)
def test_etags_in_response(self):
- c.user = 'test user'
+ c.user = 'annafan'
+ c.userobj = model.User.by_name(u'annafan')
res = self.app.get('/package/annakarenina',
extra_environ={'REMOTE_USER':c.user})
anna_hash = str(PackageController._pkg_cache_key(self.anna))
--- a/ckan/tests/functional/test_user.py Fri Aug 05 15:39:03 2011 +0100
+++ b/ckan/tests/functional/test_user.py Fri Aug 05 18:36:08 2011 +0100
@@ -62,6 +62,10 @@
offset = '/user/'
res = self.app.get(offset, status=302)
+ def test_user_read_me_without_id(self):
+ offset = '/user/me'
+ res = self.app.get(offset, status=302)
+
def test_user_read_without_id_but_logged_in(self):
user = model.User.by_name(u'annafan')
offset = '/user/'
@@ -412,6 +416,30 @@
main_res = self.main_div(res)
assert new_about in main_res, main_res
+ def test_user_edit_no_user(self):
+ offset = url_for(controller='user', action='edit', id=None)
+ res = self.app.get(offset, status=400)
+ assert 'No user specified' in res, res
+
+ def test_user_edit_unknown_user(self):
+ offset = url_for(controller='user', action='edit', id='unknown_person')
+ res = self.app.get(offset, status=404)
+ assert 'User not found' in res, res
+
+ def test_user_edit_not_logged_in(self):
+ # create user
+ username = 'testedit'
+ about = u'Test About'
+ user = model.User.by_name(unicode(username))
+ if not user:
+ model.Session.add(model.User(name=unicode(username), about=about,
+ password='letmein'))
+ model.repo.commit_and_remove()
+ user = model.User.by_name(unicode(username))
+
+ offset = url_for(controller='user', action='edit', id=username)
+ res = self.app.get(offset, status=302)
+
def test_edit_spammer(self):
# create user
username = 'testeditspam'
Repository URL: https://bitbucket.org/okfn/ckan/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
More information about the ckan-changes
mailing list