[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SF.net SVN: ledger-smb:[6680] trunk
- Subject: SF.net SVN: ledger-smb:[6680] trunk
- From: ..hidden..
- Date: Tue, 28 Jan 2014 09:39:43 +0000
Revision: 6680
http://sourceforge.net/p/ledger-smb/code/6680
Author: einhverfr
Date: 2014-01-28 09:39:42 +0000 (Tue, 28 Jan 2014)
Log Message:
-----------
Adding tests for financial_reports role's read permissions, removing some other tests for removed old code.
Modified Paths:
--------------
trunk/LedgerSMB/Database.pm
trunk/sql/modules/test/Roles.sql
trunk/t/04-template-handling.t
trunk/t/43-dbtest.t
Modified: trunk/LedgerSMB/Database.pm
===================================================================
--- trunk/LedgerSMB/Database.pm 2014-01-28 09:05:58 UTC (rev 6679)
+++ trunk/LedgerSMB/Database.pm 2014-01-28 09:39:42 UTC (rev 6680)
@@ -565,7 +565,7 @@
# The statement below is likely to fail, because
# the language already exists. Unfortunately, it's an error.
# If it had been a notice,
- $self->dbh->do("CREATE LANGAGE plpgsql");
+ $self->dbh->do("CREATE LANGUAGE plpgsql");
$self->dbh->commit;
$self->exec_script(
{
Modified: trunk/sql/modules/test/Roles.sql
===================================================================
--- trunk/sql/modules/test/Roles.sql 2014-01-28 09:05:58 UTC (rev 6679)
+++ trunk/sql/modules/test/Roles.sql 2014-01-28 09:39:42 UTC (rev 6680)
@@ -122,6 +122,12 @@
FROM unnest(array['gl'::text, 'acc_trans', 'account_checkpoint', 'ar', 'ap',
'entity', 'entity_credit_account'])t;
+INSERT INTO test_result(test_name, success)
+SELECT 'financial_reports can read ' || t,
+ test__has_select_permission('financial_reports', t)
+FROM unnest(array['gl'::text, 'acc_trans', 'account_checkpoint', 'ar', 'ap',
+ 'entity', 'entity_credit_account', 'cash_impact'])t;
+
-- TEST RESULTS
SELECT test_name, success FROM test_result;
Modified: trunk/t/04-template-handling.t
===================================================================
--- trunk/t/04-template-handling.t 2014-01-28 09:05:58 UTC (rev 6679)
+++ trunk/t/04-template-handling.t 2014-01-28 09:39:42 UTC (rev 6680)
@@ -49,205 +49,7 @@
$expStackTrace = 1;
}
-# AM->check_template_name checks
-# check_template operates by calling $form->error if the checks fail
-$form = new Form;
-$myconfig = {'templates' => 'test'};
-for my $ext ('css', 'tex', 'txt', 'html', 'xml') {
- $form->{file} = "test/apples.${ext}";
- @r = trap{AM->check_template_name($myconfig, $form)};
- ok(!defined $trap->die,
- "AM, check_template_name: Template directory, ${ext}");
-}
-$form->{file} = 'test2/apples.txt';
-@r = trap{AM->check_template_name($myconfig, $form)};
-if ( $expStackTrace == 0 )
-{
- is($trap->die, "Error: Not in a whitelisted directory: test2/apples.txt\n",
- 'AM, check_template_name: Invalid directory, non-css denial');
-}
-else
-{
- my $trapmsg="";
- if ($trap->die =~/(Error: Not in a whitelisted directory: test2\/apples.txt\n).*/)
- {
- $trapmsg = $1;
- }
- is($trapmsg, "Error: Not in a whitelisted directory: test2/apples.txt\n",
- 'AM, check_template_name: Invalid directory, non-css denial');
-}
-$form->{file} = 'test/apples.exe';
-@r = trap{AM->check_template_name($myconfig, $form)};
-if ( $expStackTrace == 0 )
-{
- is($trap->die, "Error: Error: File is of type that is not allowed.\n",
- 'AM, check_template_name: Disallowed type denial');
-}
-else
-{
- my $trapmsg="";
- if ($trap->die =~/(Error: Error: File is of type that is not allowed.\n).*/)
- {
- $trapmsg = $1;
- }
- is($trapmsg, "Error: Error: File is of type that is not allowed.\n",
- 'AM, check_template_name: Disallowed type denial');
-}
-# adjusting backuppath to avoid triggering directory traversal detection
-$temp = ${LedgerSMB::Sysconfig::backuppath};
-${LedgerSMB::Sysconfig::backuppath} = "foo";
-$form->{file} = "${LedgerSMB::Sysconfig::backuppath}/apples.txt";
-@r = trap{AM->check_template_name($myconfig, $form)};
-if ( $expStackTrace == 0 )
-{
- is($trap->die, "Error: Not allowed to access foo/ with this method\n",
- 'AM, check_template_name: Backup path denial');
-}
-else
-{
- my $trapmsg="";
- if ($trap->die =~/(Error: Not allowed to access foo\/ with this method\n).*/)
- {
- $trapmsg = $1;
- }
- is($trapmsg, "Error: Not allowed to access foo/ with this method\n",
- 'AM, check_template_name: Backup path denial');
-}
-${LedgerSMB::Sysconfig::backuppath} = $temp;
-
-$form->{file} = "css/../apples.txt";
-@r = trap{AM->check_template_name($myconfig, $form)};
-if ( $expStackTrace == 0 )
-{
- is($trap->die, "Error: Directory transversal not allowed.\n",
- 'AM, check_template_name: Directory transversal denial 1');
-}
-else
-{
- my $trapmsg="";
- if ($trap->die =~/(Error: Directory transversal not allowed.\n).*/)
- {
- $trapmsg = $1;
- }
- is($trapmsg, "Error: Directory transversal not allowed.\n",
- 'AM, check_template_name: Directory transversal denial 1');
-}
-$form->{file} = "/tmp/apples.txt";
-@r = trap{AM->check_template_name($myconfig, $form)};
-if ( $expStackTrace == 0 )
-{
- is($trap->die, "Error: Not in a whitelisted directory: /tmp/apples.txt\n",
- 'AM, check_template_name: Directory transversal denial 2');
-}
-else
-{
- my $trapmsg="";
- if ($trap->die =~/(Error: Directory transversal not allowed.\n).*/)
- {
- $trapmsg = $1;
- }
- is($trapmsg, "Error: Directory transversal not allowed.\n",
- 'AM, check_template_name: Directory transversal denial 2');
-}
-$form->{file} = "test/apples.txt:evil";
-@r = trap{AM->check_template_name($myconfig, $form)};
-if ( $expStackTrace == 0 )
-{
- is($trap->die, "Error: Directory transversal not allowed.\n",
- 'AM, check_template_name: Directory transversal denial 3');
-}
-else
-{
- my $trapmsg="";
- if ($trap->die =~/(Error: Directory transversal not allowed.\n).*/)
- {
- $trapmsg = $1;
- }
- is($trapmsg, "Error: Directory transversal not allowed.\n",
- 'AM, check_template_name: Directory transversal denial 3');
-}
-$form->{file} = "c:\\evil.txt";
-@r = trap{AM->check_template_name($myconfig, $form)};
-if ( $expStackTrace == 0 )
-{
- is($trap->die, "Error: Directory transversal not allowed.\n",
- 'AM, check_template_name: Directory transversal denial 4');
-}
-else
-{
- my $trapmsg="";
- if ($trap->die =~/(Error: Directory transversal not allowed.\n).*/)
- {
- $trapmsg = $1;
- }
- is($trapmsg, "Error: Directory transversal not allowed.\n",
- 'AM, check_template_name: Directory transversal denial 4');
-}
-
-# AM->load_template checks
-# load_template takes its file name from form
-$form = new Form;
-$myconfig = {'templates' => 't/data'};
-$form->{file} = 't/data/04-not-there.txt';
-@r = trap{AM->load_template($myconfig, $form)};
-if ( $expStackTrace == 0 )
-{
- is($trap->die, 'Error: Template not found: t/data/04-not-there.txt
-');
-}
-else
-{
- my $trapmsg="";
- if ($trap->die =~/(Error: t\/data\/04-not-there.txt : No such file or directory\n).*/)
- {
- $trapmsg = $1;
- }
- is($trapmsg, "Error: t/data/04-not-there.txt : No such file or directory\n",
- 'AM, load_template: Die on non-existent file');
-}
-$form->{file} = 't/data/04-template.html';
-AM->load_template($myconfig, $form);
-is($form->{body}, "I am a template.\nLook at me <?lsmb login ?>.\n",
- 'AM, load_template: Read existing file');
-
-# AM->save_template checks
-$form = new Form;
-$myconfig = {'templates' => 't/var/not here'};
-$form->{body} = "I am a template.\nLook at me.\n";
-$form->{file} = "$myconfig->{templates}/test.txt";
-@r = trap{AM->save_template($myconfig, $form)};
-if ( $expStackTrace == 0 )
-{
- is($trap->die,
- "Error: t/var/not here/test.txt : No such file or directory\n",
- 'AM, save_template: Die on unwritable file');
-}
-else
-{
- my $trapmsg="";
- if ($trap->die =~/(Error: t\/var\/not here\/test.txt : No such file or directory\n).*/)
- {
- $trapmsg = $1;
- }
- is($trapmsg,
- "Error: t/var/not here/test.txt : No such file or directory\n",
- 'AM, save_template: Die on unwritable file');
-}
-$myconfig = {'templates' => 't/var'};
-$form->{body} = "I am a template.\nLook at me.";
-$form->{file} = "$myconfig->{templates}/04-template-save-test-$$.txt";
-ok(!-e $form->{file}, 'AM, save_template: Environment clean');
-AM->save_template($myconfig, $form);
-ok(-e $form->{file}, 'AM, save_template: File created');
-open($FH, '<', $form->{file});
-@r = <$FH>;
-close($FH);
-chomp(@r);
-is(join("\n", @r), $form->{body}, 'AM, save_template: Good save');
-is(unlink($form->{file}), 1, 'AM, save_template: removing testfile');
-ok(!-e $form->{file}, 'AM, save_template: testfile removed');
-
######################################
## LedgerSMB::Template::HTML checks ##
######################################
Modified: trunk/t/43-dbtest.t
===================================================================
--- trunk/t/43-dbtest.t 2014-01-28 09:05:58 UTC (rev 6679)
+++ trunk/t/43-dbtest.t 2014-01-28 09:39:42 UTC (rev 6680)
@@ -5,7 +5,7 @@
plan skip_all => 'Skipping all. Told not to test db.';
}
else {
- plan tests => 449;
+ plan tests => 457;
if (defined $ENV{LSMB_NEW_DB}){
$ENV{PGDATABASE} = $ENV{LSMB_NEW_DB};
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
------------------------------------------------------------------------------
WatchGuard Dimension instantly turns raw network data into actionable
security intelligence. It gives you real-time visual feedback on key
security issues and trends. Skip the complicated setup - simply import
a virtual appliance and go from zero to informed in seconds.
http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
_______________________________________________
Ledger-smb-commits mailing list
..hidden..
https://lists.sourceforge.net/lists/listinfo/ledger-smb-commits