def default_data(self):
site = get_site_folder(True)
roles = [
r for r in get_roles(self.context, root=site, ignore_groups=True)
if not getattr(DACE_ROLES.get(r, None), 'islocal', False)
]
return {'roles': roles}
def default_data(self):
roles = [r for r in get_roles(self.context)
if not getattr(DACE_ROLES.get(r, None), 'islocal', False)]
return {'roles': roles,
'title': getattr(self.context, 'title', ''),
'description': getattr(self.context, 'description', ''),
'members': getattr(self.context, 'members', ''),
OBJECT_OID: str(get_oid(self.context))}
def test_copy_composite_unique_and_role(self):
container, folder, item = self._create_objects()
system = self.app['principals']['users']['system']
from dace.objectofcollaboration.principal.util import (grant_roles,
get_roles)
grant_roles(system, (('System', folder), ))
roles = get_roles(user=system, obj=folder)
self.assertEqual(roles, ['System'])
folder.composition_u = item
from dace.util import copy
foldercopy = copy(folder, container)
self.assertIs(folder.composition_u, item)
self.assertIs(item.shared2_u, folder)
self.assertIs(foldercopy.composition_u, None)
self.assertTrue(hasattr(foldercopy, '__oid__'))
self.assertEqual(foldercopy.__name__, 'copy_of_folder')
# verify roles weren't copied
roles = get_roles(user=system, obj=foldercopy)
self.assertEqual(roles, [])
foldercopy2 = copy(folder,
container,
composite_properties=True,
roles=True)
self.assertEqual(foldercopy2.__name__, 'copy_of_folder-2')
# no change for folder and item
self.assertIs(folder.composition_u, item)
self.assertIs(item.shared2_u, folder)
# the copy foldercopy2 of folder contains a copy of item
# which is item2 here
self.assertIsNot(foldercopy2.composition_u, None)
item2 = foldercopy2.composition_u
self.assertIsNot(item, item2)
# item2 has the same name of item
self.assertEqual(item2.__name__, 'item')
self.assertTrue(hasattr(item2, '__oid__'))
# and the copied composition item2 point to foldercopy2
self.assertIs(item2.shared2_u, foldercopy2)
# roles should be copied
roles = get_roles(user=system, obj=foldercopy2)
self.assertEqual(roles, ['System'])
def test_copy_composite_unique_and_role(self):
container, folder, item = self._create_objects()
system = self.app['principals']['users']['system']
from dace.objectofcollaboration.principal.util import (
grant_roles, get_roles)
grant_roles(system, (('System', folder),))
roles = get_roles(user=system, obj=folder)
self.assertEqual(roles, ['System'])
folder.composition_u = item
from dace.util import copy
foldercopy = copy(folder, container)
self.assertIs(folder.composition_u, item)
self.assertIs(item.shared2_u, folder)
self.assertIs(foldercopy.composition_u, None)
self.assertTrue(hasattr(foldercopy, '__oid__'))
self.assertEqual(foldercopy.__name__, 'copy_of_folder')
# verify roles weren't copied
roles = get_roles(user=system, obj=foldercopy)
self.assertEqual(roles, [])
foldercopy2 = copy(folder, container, composite_properties=True,
roles=True)
self.assertEqual(foldercopy2.__name__, 'copy_of_folder-2')
# no change for folder and item
self.assertIs(folder.composition_u, item)
self.assertIs(item.shared2_u, folder)
# the copy foldercopy2 of folder contains a copy of item
# which is item2 here
self.assertIsNot(foldercopy2.composition_u, None)
item2 = foldercopy2.composition_u
self.assertIsNot(item, item2)
# item2 has the same name of item
self.assertEqual(item2.__name__, 'item')
self.assertTrue(hasattr(item2, '__oid__'))
# and the copied composition item2 point to foldercopy2
self.assertIs(item2.shared2_u, foldercopy2)
# roles should be copied
roles = get_roles(user=system, obj=foldercopy2)
self.assertEqual(roles, ['System'])
def default_data(self):
roles = [
r for r in get_roles(self.context)
if not getattr(DACE_ROLES.get(r, None), 'islocal', False)
]
return {
'roles': roles,
'title': getattr(self.context, 'title', ''),
'description': getattr(self.context, 'description', ''),
'members': getattr(self.context, 'members', ''),
OBJECT_OID: str(get_oid(self.context))
}
def start(self, context, request, appstruct, **kw):
new_roles = list(appstruct['roles'])
authorized_roles = get_authorized_roles()
new_roles = [r for r in new_roles if r in authorized_roles]
if new_roles:
current_roles = [
r for r in get_roles(context)
if not getattr(DACE_ROLES.get(r, None), 'islocal', False)
]
roles_to_revoke = [r for r in current_roles if r not in new_roles]
roles_to_grant = [r for r in new_roles if r not in current_roles]
revoke_roles(context, roles_to_revoke)
grant_roles(context, roles_to_grant)
context.modified_at = datetime.datetime.now(tz=pytz.UTC)
context.reindex()
request.registry.notify(
ActivityExecuted(self, [context], get_current()))
return {}
def start(self, context, request, appstruct, **kw):
new_roles = list(appstruct['roles'])
authorized_roles = get_authorized_roles()
new_roles = [r for r in new_roles if r in authorized_roles]
if new_roles:
current_roles = [r for r in get_roles(context) if
not getattr(
DACE_ROLES.get(r, None), 'islocal', False)]
roles_to_revoke = [r for r in current_roles
if r not in new_roles]
roles_to_grant = [r for r in new_roles
if r not in current_roles]
revoke_roles(context, roles_to_revoke)
grant_roles(context, roles_to_grant)
context.modified_at = datetime.datetime.now(tz=pytz.UTC)
context.reindex()
request.registry.notify(ActivityExecuted(
self, [context], get_current()))
return {}
def start(self, context, request, appstruct, **kw):
new_roles = list(appstruct['roles'])
site = get_site_folder(True)
if 'global_site' in kw:
site = getSite()
current_roles = [r for r in get_roles(context, root=site,
ignore_groups=True)
if not getattr(DACE_ROLES.get(r, None),
'islocal', False)]
roles_to_revoke = [(r, site) for r in current_roles
if r not in new_roles]
roles_to_grant = [(r, site) for r in new_roles
if r not in current_roles]
revoke_roles(context, roles_to_revoke)
grant_roles(context, roles_to_grant)
if 'Member' in roles_to_grant:
grant_roles(context, ('Member',))
context.reindex()
request.registry.notify(ActivityExecuted(self, [context], get_current()))
return {}
def start(self, context, request, appstruct, **kw):
new_roles = list(appstruct['roles'])
site = get_site_folder(True)
if 'global_site' in kw:
site = getSite()
current_roles = [
r for r in get_roles(context, root=site, ignore_groups=True)
if not getattr(DACE_ROLES.get(r, None), 'islocal', False)
]
roles_to_revoke = [(r, site) for r in current_roles
if r not in new_roles]
roles_to_grant = [(r, site) for r in new_roles
if r not in current_roles]
revoke_roles(context, roles_to_revoke)
grant_roles(context, roles_to_grant)
if 'Member' in roles_to_grant:
grant_roles(context, ('Member', ))
context.reindex()
request.registry.notify(
ActivityExecuted(self, [context], get_current()))
return {}
def test_grantroles(self):
object1, object2 = self._create_objects()
user = self.request.user #Admin
self.assertEqual(len(get_roles(user)), 1)
self.assertTrue(has_any_roles(user, roles=('Admin', )))
grant_roles(user, roles=('Collaborator', ('Owner', object1)))
self.assertTrue(has_any_roles(user, roles=('Collaborator', 'Owner')))
self.assertTrue(has_any_roles(user, roles=('Collaborator', ('Owner', object1))))
self.assertFalse(has_any_roles(user, roles=(('Owner', object2),)))
roles = get_roles(user)
self.assertEqual(len(roles), 3)
self.assertIn('Collaborator',roles)
self.assertIn('Owner',roles)
self.assertIn('Admin',roles)
self.assertTrue(has_all_roles(user, ('Collaborator', 'Owner')))
self.assertFalse(has_all_roles(user, ('Collaborator', 'Owner', 'Other')))
users = get_users_with_role(role=('Owner', object1))
self.assertEqual(len(users), 1)
self.assertIn(self.request.user,users)
users = get_users_with_role(role='Owner')
self.assertEqual(len(users), 1)
self.assertIn(self.request.user,users)
objects = get_objects_with_role(user=self.request.user, role='Owner')
self.assertEqual(len(objects), 1)
self.assertIn(object1,objects)
revoke_roles(user, roles=(('Owner', object1),))
self.assertFalse(has_all_roles(user, ('Collaborator', 'Owner')))
self.assertTrue(has_all_roles(user, ('Collaborator', )))
revoke_roles(user, roles=('Collaborator', ))
self.assertEqual(len(get_roles(user)), 1)
self.request.user = self.users['alice']
user = self.request.user #Alice
roles = get_roles(user)
self.assertEqual(len(roles), 0)
grant_roles(user, roles=('Admin',))
roles = get_roles(user)
self.assertEqual(len(roles), 1)
self.assertIn('Admin',roles)
self.assertTrue(has_any_roles(user, roles=('Collaborator', )))
revoke_roles(user, roles=('Admin', ))
self.assertFalse(has_any_roles(user, roles=('Collaborator', )))
grant_roles(user, roles=('Developer',))
roles = get_roles(user)
self.assertEqual(len(roles), 1)
self.assertIn('Developer',roles)
self.assertTrue(has_any_roles(user, roles=('Collaborator', )))
self.assertFalse(has_any_roles(user, ('Collaborator', ), True)) #exclude superiors
#Anonymous
self.request.user = None
roles = get_roles()
self.assertEqual(len(roles), 1)
self.assertIn('Anonymous',roles)
self.assertFalse(has_any_roles(roles=('Collaborator', 'Owner')))
self.assertTrue(has_any_roles(roles=('Anonymous',)))
def default_data(self):
roles = [
r for r in get_roles(self.context)
if not getattr(DACE_ROLES.get(r, None), 'islocal', False)
]
return {'roles': roles}
def default_data(self):
roles = [r for r in get_roles(self.context)
if not getattr(DACE_ROLES.get(r, None), 'islocal', False)]
return {'roles': roles}
def default_data(self):
site = get_site_folder(True)
roles = [r for r in get_roles(
self.context, root=site, ignore_groups=True)
if not getattr(DACE_ROLES.get(r, None), 'islocal', False)]
return {'roles': roles}
def test_grantroles(self):
object1, object2 = self._create_objects()
user = self.request.user #Admin
self.assertEqual(len(get_roles(user)), 1)
self.assertTrue(has_any_roles(user, roles=('Admin', )))
grant_roles(user, roles=('Collaborator', ('Owner', object1)))
self.assertTrue(has_any_roles(user, roles=('Collaborator', 'Owner')))
self.assertTrue(has_any_roles(user, roles=('Collaborator', ('Owner', object1))))
self.assertFalse(has_any_roles(user, roles=(('Owner', object2),)))
roles = get_roles(user)
self.assertEqual(len(roles), 3)
self.assertIn('Collaborator',roles)
self.assertIn('Owner',roles)
self.assertIn('Admin',roles)
self.assertTrue(has_all_roles(user, ('Collaborator', 'Owner')))
self.assertFalse(has_all_roles(user, ('Collaborator', 'Owner', 'Other')))
users = get_users_with_role(role=('Owner', object1))
self.assertEqual(len(users), 1)
self.assertIn(self.request.user,users)
users = get_users_with_role(role='Owner')
self.assertEqual(len(users), 1)
self.assertIn(self.request.user,users)
objects = get_objects_with_role(user=self.request.user, role='Owner')
self.assertEqual(len(objects), 1)
self.assertIn(object1,objects)
revoke_roles(user, roles=(('Owner', object1),))
self.assertFalse(has_all_roles(user, ('Collaborator', 'Owner')))
self.assertTrue(has_all_roles(user, ('Collaborator', )))
revoke_roles(user, roles=('Collaborator', ))
self.assertEqual(len(get_roles(user)), 1)
self.request.user = self.users['alice']
user = self.request.user #Alice
roles = get_roles(user)
self.assertEqual(len(roles), 0)
grant_roles(user, roles=('Admin',))
roles = get_roles(user)
self.assertEqual(len(roles), 1)
self.assertIn('Admin',roles)
self.assertTrue(has_any_roles(user, roles=('Collaborator', )))
revoke_roles(user, roles=('Admin', ))
self.assertFalse(has_any_roles(user, roles=('Collaborator', )))
grant_roles(user, roles=('Developer',))
roles = get_roles(user)
self.assertEqual(len(roles), 1)
self.assertIn('Developer',roles)
self.assertTrue(has_any_roles(user, roles=('Collaborator', )))
self.assertFalse(has_any_roles(user, ('Collaborator', ), True)) #exclude superiors
#Anonymous
self.request.user = None
roles = get_roles()
self.assertEqual(len(roles), 1)
self.assertIn('Anonymous',roles)
self.assertFalse(has_any_roles(roles=('Collaborator', 'Owner')))
self.assertTrue(has_any_roles(roles=('Anonymous',)))
