You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

59 lines
2.1 KiB

8 years ago
  1. # -*- coding: utf-8 -*-
  2. # Copyright (C) 2015 Akretion (<http://www.akretion.com>)
  3. # @author: Florian da Costa
  4. # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
  5. import base64
  6. from openerp.tests.common import TransactionCase
  7. from openerp.exceptions import Warning as UserError
  8. class TestExportSqlQuery(TransactionCase):
  9. def setUp(self):
  10. super(TestExportSqlQuery, self).setUp()
  11. self.sql_export_obj = self.env['sql.export']
  12. self.wizard_obj = self.env['sql.file.wizard']
  13. self.sql_report_demo = self.env.ref('sql_export.sql_export_partner')
  14. def test_sql_query(self):
  15. wizard = self.wizard_obj.create({
  16. 'sql_export_id': self.sql_report_demo.id,
  17. })
  18. wizard.export_sql()
  19. export = base64.b64decode(wizard.binary_file)
  20. self.assertEqual(export.split(';')[0], 'name')
  21. self.assertTrue(len(export.split(';')) > 6)
  22. def test_prohibited_queries(self):
  23. prohibited_queries = [
  24. "upDaTe res_partner SET name = 'test' WHERE id = 1",
  25. "DELETE FROM sql_export WHERE name = 'test';",
  26. " DELETE FROM sql_export WHERE name = 'test' ;",
  27. """DELETE
  28. FROM
  29. sql_export
  30. WHERE name = 'test'
  31. """,
  32. "SELECT id FROM sql_export;DELETE FROM sql_export",
  33. ]
  34. for query in prohibited_queries:
  35. with self.assertRaises(UserError):
  36. sql_export = self.sql_export_obj.create({
  37. 'name': 'test_prohibited',
  38. 'query': query})
  39. sql_export.button_validate_sql_expression()
  40. def test_authorized_queries(self):
  41. authorized_queries = [
  42. "SELECT create_date FROM res_partner",
  43. ]
  44. for query in authorized_queries:
  45. sql_export = self.sql_export_obj.create({
  46. 'name': 'test_authorized',
  47. 'query': query})
  48. sql_export.button_validate_sql_expression()
  49. self.assertEqual(
  50. sql_export.state, 'sql_valid',
  51. "%s is a valid request" % (query))