Useful for replacing setup_helper. This API should be considered EXPERIMENTAL
and may change.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This is help in eliminating the module level package_conflicts declarations.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Like the earlier API, accept old_version as parameter. A base implementation,
simply call setup on all components.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This allows app initialization to happen without Django being configured.
Tests:
- Update unit tests.
- Visit /app, /system and /help pages. All the icons are listed properly.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Time to delay after app is enabled, before checking
diagnosics. Default value is 0 (no delay).
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: Use the verb 'assert' instead of 'confirm']
[sunil: More documentation for base app tests class]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This is an improvement over !2069, which solved #2094.
Tests:
- Install an app. Success result is shown.
- Install an app and kill the apt-get process in the middle. Error result is
shown.
- Click install on an app (email_server). Close the window without seeing the
result. Access the app page (like email_server/my_aliases) as a non-admin user.
No success/file message is shown. The page is shown properly. Access the page as
admin, success message is shown.
- Access an uninstalled/installed app page as anonymous user. User is redirected
to login page.
- Access an uninstalled/installed app page as non-admin user. Forbidden page is
shown.
- Access an uninstalled app page meant for non-admin users (such as
email_server/my_aliases) as non-admin user. Forbidden page is shown.
- Access an installed app page as admin. Success.
- Access an installed app page meant for non-admin users (such as
email_server/my_aliases) as admin. Success.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Fioddor Superconcentrado <fioddor@gmail.com>
Functions needed to spot and remove installed conflicting packages
before installation of apps.
- Remove all packages in a single operation as this way apt can search for
solutions to conflicts more easily.
- Use type hints rather than a lot of type checking. Type hints shall later be
enforced using offline checking (with mypy) or at runtime (with enforce, etc.).
Signed-off-by: Fioddor Superconcentrado <fioddor@gmail.com>
[sunil: Run single remove operation on all packages]
[sunil: Use type hints instead of extensive type checking]
[sunil: Trim down the test case as it would only succeed after install]
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
package
- The method to check if we are running inside a container is not being called.
Call it.
- Also fix the assumption that tests and freedombox service run on the same
machine. Be conservative and assume running in container if we can't determine
the accurate state.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Fioddor Superconcentrado <fioddor@gmail.com>
Signed-off-by: Fioddor Superconcentrado <fioddor@gmail.com>
[sunil: Minor refactoring, relax a test to make it work on CI]
[sunil: Run tests only when systemd, ip commands are available]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Django has updated the is_safe_url() method that we based our implementation on.
It is now called url_has_allowed_host_and_scheme(). Our implementation remains
simple as we don't allow any hostname or scheme to be set.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- In Django 2.2 django.conf.urls.url() is an alias to django.urls.re_path().
- In Django 4.0, url() function will be removed. On Django 3.2, it throws a
warning that this function will be removed in future.
Tests:
- Run unit tests with Django 3.2 and Django 2.2.
- With Django 3.2 there are no warnings when running unit tests and when running
FreedomBox Service.
- Visit a few affected apps with both Django versions.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Done automatically by running isort . in top level directory.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- ugettext functions will be removed in Django 4.0. Each use emits a warning
when running with Django 3.2. Since we have warnings enabled in developer mode,
we see quite a few messages because of this.
- ugettext is already a simple alias of gettext. So, no regressions are
expected.
Tests:
- Accessing an affected app in UI with Django 3.2 and Django 2.2 works fine.
- Using Django 3.2 there are no warnings related to removal of ugettext
functions.
- Ran regular unit tests.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Set default SSH and Samba port for testing a container.
- Set default URL for running functional tests from within container.
- Update instructions.
Closes: #2015.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Fioddor Superconcentrado <fioddor@gmail.com>
- Make the code work outside backups module.
- Move code to main.js so that any app can use this functionality.
- Make the code work for multiple such form fields in the same page.
- Use only pure JS, don't use jQuery.
- Add event handlers only after DOM content is loaded to avoid race conditions.
Tests performed:
- Checking the select-all button checks all options.
- De-checking the select-all button de-checks all options.
- De-checking one option when everything is checked, de-checks the select-all
button.
- Checking the last option when everything else is checked, checks the
select-all button.
- When loading a schedule page with all options checked, select-all button is
checked.
- When loading a schedule page with some option unchecked, select-all button is
unchecked.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Do not require a user password when creating a user. Generate a password
if not provided.
- Before creating a user, delete previous user with the same name.
- Delete user: Do not skip if the user doesn't exist. It avoids the
situation that some @when tests may silently skip.
- Update openvpn and deluge functional tests assuming passwords were not
under the tests.
Tests performed:
- users, openvpn and deluge app functional tests pass.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- On Debian 10, pin pytest-bdd version to 3.2.1, this is the latest
version that supports pytest 3.10.1.
- Install wheel and pytest-xdist packages from the Debian repos.
- Add git as a dependency for functional tests.
- Fix regexp when getting Gecko version from the Github api, for some
reason after colon, sometimes there is a space and sometimes not.
Tests performed on Debian stable, testing and unstable:
- Installing dependencies with the install.sh script succeeds.
- No regressions when running tests.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
- Each app does not have to call the validator by itself.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
- So that with a component at hand, it's app can be easily retrieved.
- Don't create circular dependencies.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Add tests to check that usage of Deluge is only permitted to users in
the group 'bit-torrent'.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Closes: #1818. The new navbar collapse handles items better without a scrollbar.
- Switch dependency to newer bootstrap4 library.
- Bootstrap 4 has 5 grid levels instead of 4. Adjust all classes accordingly to
retain current semantics.
- Update for newer markup for dropdowns.
- Replace use for labels with badges. Labels have been removed. Use
badge-secondary instead of label-default.
- Replace use of btn-xs with btn-sm. Size is roughly the same.
- Accommodate removal of form-horizontal.
- .hidden* and .visible* classes have been removed. Use alternate utilities.
- Replace use of table-condensed with table-sm.
- Update progress bar background styling. .progress-bar-* have been replaced
with bg-*.
- Drop support for IE9 and below. Bootstrap 4 does not support those browsers.
- Use the new simplified markup for navs, navbar and navbar-toggler. Accommodate
removal of .navbar-fixed-top.
- Update the JSXC page too.
- Update all values that are using rem units. The base font size is now 1rem =
16px instead of 1rem = 10px. This the default for bootstrap 4.
- A button inside a dropdown menu is natively supported by bootstrap 4. Remove
custom styling done earlier.
- Drop use of removed class thumbnail.
- Override colors for buttons and warnings to keep the old style.
- Use new markup for close buttons inside alerts.
- Use .collapse.show instead of .collapse.in as per bootstrap 4 styling.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Veiko Aasa <veiko17@disroot.org>
Closes: #1981
Closes also most of threads in !1952.
Signed-off-by: Fioddor Superconcentrado <fioddor@gmail.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
A new function called `user_group_view` has been added to
restrict access to only users in the groups "vpn" and "admin".
Some changes are made in AdminRequiredMiddleware to handle this.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This is the first functional test which tests the permissions of a
non-administrator user in a group.
Some changes had to be made in the form shown in users module for this
to work. The id of each checkbox in the "Permissions" section is now
predictable based on the name of the group. For example, the id of the
checkbox for the group "vpn" is `id_group_vpn`. Changes are also made in
`CheckboxSelectMultipleReadOnly` form class for consistency, though it
is not being used by this functional test.
Some utility functions for functional tests have been moved out of users
module to be usable by other app modules for testing group permissions.
One additional utility function to skip creating user if it already
exists has been added. Not using this function wouldn't break the test
but using it saves some time.
Changed password format string to use `S` instead of `w` to support
special characters in password.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Set domain name during app setup
- Improve tests for settings. Prefer to call functions in plinth which invoke
actions than test actions directly.
- Also, '$wgServer' is not a domain name since it also includes the protocol.
- Add domain selection form. Make server url a text input field.
- Added a functional test to set the value of server url to the value provided
by FREEDOMBOX_URL before doing running any other tests.
- Make server url setting a pre-requisite.
Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
[sunil: Squash commits as they were fixing themselves]
[sunil: Simplify configuration reading]
[sunil: Use 'server_url' terminology consistently]
[sunil: cosmetic: Minor styling]
[sunil: Update test_settings.py to use fixture pattern]
[sunil: Remove seemingly incorrectly used aria-describedby attribute]
[sunil: Don't rely solely on env variable value in functional tests]
[sunil: Fix issue with http/https mismatch when checking site availability]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This change prevents the plinth user to become a superuser without
knowing an admin password.
Users module and action script:
- User credentials are now required for the subcommands: create-user,
set-user-password, add-user-to-group (if the group is admin),
remove-user-from-group (if the group is admin), set-user-status,
remove-user (if the removed user is the last admin user.
Note: the web UI doesn't allow to delete last admin user).
- subcommand remove-users requires authentication if the user is last
admin user. Password must be provided through standard input.
- subcommand remove-group: do not allow to remove group 'admin'
- User credentials must be provided using the argument
--auth-user and a passsword must be provided through standard input.
- If there are no users in the admin group, no admin password is
required and if the --auth-user argument is required, it can be an
empty string.
Users web UI:
- An admin needs to enter current password to create and edit a user
and to change user's password.
- Show more detailed error text on exceptions when submitting forms.
- Show page title on the edit and create user pages.
Users unit and functional tests:
- Added a configuration parameters to the pytest configuration file
to set current admin user/password.
- Added a configuration parameter 'ssh_port' to the functional tests.
You can overwrite this with the FREEDOMBOX_SSH_PORT environment
variable. Modified HACKING.md accordingly.
- Added an unit test:
- test changing the password as a non-admin user.
- test invalid admin password input.
- test that removing the admin group fails.
- Capture stdout and stderr in the unit tests when calling an action
script to be able to see more info on exceptions.
- Added functional tests for setting ssh keys and changing passwords
for admin and non-admin users.
- Added a functional test for setting a user as active/inactive.
Changes during review [sunil]:
- Move uncommon functional step definitions to users module from global. This is
keep the common functional step definitions to minimal level and promote when
needed.
- Minor styling changes, flake8 fixes.
- Don't require pampy module when running non-admin tests. This allows tests to
be run from outside the container on the host machine without python3-pam
installed.
- Call the confirm password field 'Authorization Password'. This avoid confusion
with a very common field 'Confirm Password' which essentially means retype
your password to ensure you didn't get it wrong. Add label explaining why the
field exists.
- Don't hard-code /tmp path in test_actions.py. Use tmp_path_factory fixture
provided by pytest.
- Remove unused _get_password_hash() from actions/users.
- Undo splitting ldapgid output before parsing. It does not seem correct and
could introduce problems when field values contain spaces.
Tests performed:
- No failed unit tests (run with and without sudo).
- All 'users' functional tests pass.
- Creating an admin user during the first boot wizard succeeds.
- Creating a user using the web UI with an empty or wrong admin
password fails and with the correct admin password succeeds.
- Editing a user using the web UI with an empty or wrong admin
password fails and with the correct admin password succeeds.
- Changing user's password using the web UI with an empty or wrong
admin password fails and with the correct admin password succeeds.
- Above mentioned user action script commands can't be run without
correct credentials.
- Adding the daemon user to the freedombox-share group succeeds when
installing certain apps (deluge, mldonkey, syncthing, transmission).
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
[sunil: Move uncommon functional step definitions to users module from global]
[sunil: Minor styling changes, flake8 fixes]
[sunil: Don't require pampy module when running non-admin tests]
[sunil: Call the confirm password field 'Authorization Password']
[sunil: Don't hard-code /tmp path in test_actions.py]
[sunil: Remove unused _get_password_hash() from actions/users]
[sunil: Undo splitting ldapgid output before parsing]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #1855.
Tests:
- On unstable, first boot step is not shown. Backports are not
enabled.
- On testing, tested enabling backports at first boot step. Backports
are enabled.
- On testing, tested not enabling backports. Backports are not enabled
and can be activated later.
- On testing, confirmed that functional tests can click through the
first boot step.
- On stable with backports, first boot step is not shown. Backports
are enabled.
- On stable, tested enabling backports at first boot step. Backports
are enabled.
- On stable, tested not enabling backports. Backports are not enabled
and can be activated later.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: Avoid two different i18n strings with almost same content]
[sunil: Use box_name instead of hardcoded FreedomBox name]
[sunil: Use consistent terminology 'activate' instead of 'enable']
[sunil: Rename the wizard, form, view, url for consistency with existing code]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
