def test_partial_acl_to_multiple(self, partial_count):
audit_count = 3
with factories.single_commit():
program = factories.ProgramFactory()
for i in range(audit_count):
audit = factories.AuditFactory(program=program)
factories.RelationshipFactory(
source=program if i % 2 == 0 else audit,
destination=program if i % 2 == 1 else audit,
)
propagated_roles = {
"Program Managers", "Program Readers", "Program Editors"
}
acl_ids = [
acl.id for acl in program._access_control_list
if acl.ac_role.name in propagated_roles
]
propagate_acl_ids = acl_ids[:partial_count]
propagation._handle_acl_step(propagate_acl_ids, self.user_id)
self.assertEqual(
all_models.AccessControlList.query.filter(
all_models.AccessControlList.parent_id.isnot(None)).count(),
partial_count * 3 * 2)
def test_single_acl(self, rel_order):
"""Test propagation for a single relationship with {}.
Test propagation of program role to audit through a relationship with both
options for source and destination.
"""
with factories.single_commit():
person = factories.PersonFactory()
audit = factories.AuditFactory()
rel_data = {
rel_order[0]: audit,
rel_order[1]: audit.program,
}
factories.RelationshipFactory(**rel_data)
audit.program.add_person_with_role(
person,
self.roles["Program"]["Program Editors"],
)
acl_entries = [acl.id for acl in audit.program._access_control_list]
self.assertEqual(all_models.AccessControlList.query.count(), 7)
propagation._handle_acl_step(acl_entries, self.user_id)
db.session.commit()
self.assertEqual(all_models.AccessControlList.query.count(), 13)
def test_single_acl(self, rel_order):
"""Test propagation for a single relationship with {}.
Test propagation of program role to audit through a relationship with both
options for source and destination.
"""
with factories.single_commit():
person = factories.PersonFactory()
audit = factories.AuditFactory()
rel_data = {
rel_order[0]: audit,
rel_order[1]: audit.program,
}
factories.RelationshipFactory(**rel_data)
audit.program.add_person_with_role(
person,
self.roles["Program"]["Program Editors"],
)
acl_entries = [acl.id for acl in audit.program._access_control_list]
self.assertEqual(all_models.AccessControlList.query.count(), 7)
propagation._handle_acl_step(acl_entries, self.user_id)
db.session.commit()
self.assertEqual(all_models.AccessControlList.query.count(), 13)
def test_multi_acl_to_multiple(self):
"""Test multiple ACL propagation to multiple children."""
audit_count = 3
with factories.single_commit():
program = factories.ProgramFactory()
for i in range(audit_count):
audit = factories.AuditFactory(program=program)
factories.RelationshipFactory(
source=program if i % 2 == 0 else audit,
destination=program if i % 2 == 1 else audit,
)
acl_ids = [acl.id for acl in program._access_control_list]
self.assertEqual(
all_models.AccessControlList.query.count(),
11 # 5 program roles, 6 audit roles
)
propagation._handle_acl_step(acl_ids, self.user_id)
self.assertEqual(
all_models.AccessControlList.query.count(), 11 + 3 * 3 * 2
# 11 previous roles
# 3 audits
# 3 program propagated roles
# 2 propagations per audit (audit + relationship)
)
def test_partial_acl_to_multiple(self, partial_count):
audit_count = 3
with factories.single_commit():
program = factories.ProgramFactory()
for i in range(audit_count):
audit = factories.AuditFactory(program=program)
factories.RelationshipFactory(
source=program if i % 2 == 0 else audit,
destination=program if i % 2 == 1 else audit,
)
propagated_roles = {
"Program Managers",
"Program Readers",
"Program Editors"
}
acl_ids = [acl.id for acl in program._access_control_list
if acl.ac_role.name in propagated_roles]
propagate_acl_ids = acl_ids[:partial_count]
propagation._handle_acl_step(propagate_acl_ids, self.user_id)
self.assertEqual(
all_models.AccessControlList.query.filter(
all_models.AccessControlList.parent_id.isnot(None)
).count(),
partial_count * 3 * 2
)
def test_multi_acl_to_multiple(self):
"""Test multiple ACL propagation to multiple children."""
audit_count = 3
with factories.single_commit():
program = factories.ProgramFactory()
for i in range(audit_count):
audit = factories.AuditFactory(program=program)
factories.RelationshipFactory(
source=program if i % 2 == 0 else audit,
destination=program if i % 2 == 1 else audit,
)
acl_ids = [acl.id for acl in program._access_control_list]
self.assertEqual(
all_models.AccessControlList.query.count(),
11 # 5 program roles, 6 audit roles
)
propagation._handle_acl_step(acl_ids, self.user_id)
self.assertEqual(
all_models.AccessControlList.query.count(),
11 + 3 * 3 * 2
# 11 previous roles
# 3 audits
# 3 program propagated roles
# 2 propagations per audit (audit + relationship)
)
def test_single_acl_to_multiple(self, count):
"""Test propagation of single ACL entry to multiple children."""
with factories.single_commit():
person = factories.PersonFactory()
program = factories.ProgramFactory()
for i in range(count):
audit = factories.AuditFactory(program=program)
factories.RelationshipFactory(
source=program if i % 2 == 0 else audit,
destination=program if i % 2 == 1 else audit,
)
acl_entry = factories.AccessControlListFactory(
ac_role=self.roles["Program"]["Program Editors"],
object=program,
person=person,
)
self.assertEqual(all_models.AccessControlList.query.count(), 1)
child_ids = propagation._handle_acl_step([acl_entry.id])
self.assertEqual(
all_models.AccessControlList.query.count(),
# 1 original ACL entry, 2*count for objects+relationships
1 + count * 2
)
self.assertEqual(
db.session.execute(child_ids.alias("counts").count()).scalar(),
count,
)
def test_single_acl_to_multiple(self, count):
"""Test propagation of single ACL entry to multiple children."""
with factories.single_commit():
person = factories.PersonFactory()
program = factories.ProgramFactory()
for i in range(count):
audit = factories.AuditFactory(program=program)
factories.RelationshipFactory(
source=program if i % 2 == 0 else audit,
destination=program if i % 2 == 1 else audit,
)
acl_entry = factories.AccessControlListFactory(
ac_role=self.roles["Program"]["Program Editors"],
object=program,
person=person,
)
self.assertEqual(all_models.AccessControlList.query.count(), 1)
child_ids = propagation._handle_acl_step([acl_entry.id])
self.assertEqual(
all_models.AccessControlList.query.count(),
# 1 original ACL entry, 2*count for objects+relationships
1 + count * 2)
self.assertEqual(
db.session.execute(child_ids.alias("counts").count()).scalar(),
count,
)
def test_partial_acl_to_multiple(self, partial_count):
"""Test propagating only a few acl entries to multiple objects."""
audit_count = 3
people_count = 4
program_roles = ["Program Editors", "Program Readers"]
with factories.single_commit():
people = [factories.PersonFactory() for _ in range(people_count)]
program = factories.ProgramFactory()
for i in range(audit_count):
audit = factories.AuditFactory(program=program)
factories.RelationshipFactory(
source=program if i % 2 == 0 else audit,
destination=program if i % 2 == 1 else audit,
)
acl_ids = []
for person in people:
for role_name in program_roles:
acl_ids.append(
factories.AccessControlListFactory(
ac_role=self.roles["Program"][role_name],
object=program,
person=person,
).id, )
self.assertEqual(all_models.AccessControlList.query.count(),
people_count * len(program_roles))
propagate_acl_ids = acl_ids[:partial_count]
child_ids = propagation._handle_acl_step(propagate_acl_ids)
self.assertEqual(
all_models.AccessControlList.query.count(),
len(acl_ids) + len(propagate_acl_ids) * audit_count * 2)
self.assertEqual(
db.session.execute(child_ids.alias("counts").count()).scalar(),
audit_count * len(propagate_acl_ids))
def test_single_acl_to_multiple(self, count):
"""Test propagation of single ACL entry to multiple children."""
with factories.single_commit():
program = factories.ProgramFactory()
for i in range(count):
audit = factories.AuditFactory(program=program)
factories.RelationshipFactory(
source=program if i % 2 == 0 else audit,
destination=program if i % 2 == 1 else audit,
)
acl_id = program.acr_name_acl_map["Program Editors"].id
child_ids = propagation._handle_acl_step([acl_id], self.user_id)
self.assertEqual(
all_models.AccessControlList.query.filter(
all_models.AccessControlList.parent_id.isnot(None)
).count(),
count * 2
)
self.assertEqual(
db.session.execute(child_ids.alias("counts").count()).scalar(),
count,
)
def test_single_acl_to_multiple(self, count):
"""Test propagation of single ACL entry to multiple children."""
with factories.single_commit():
program = factories.ProgramFactory()
for i in range(count):
audit = factories.AuditFactory(program=program)
factories.RelationshipFactory(
source=program if i % 2 == 0 else audit,
destination=program if i % 2 == 1 else audit,
)
acl_id = program.acr_name_acl_map["Program Editors"].id
child_ids = propagation._handle_acl_step([acl_id], self.user_id)
self.assertEqual(
all_models.AccessControlList.query.filter(
all_models.AccessControlList.parent_id.isnot(None)
).count(),
count * 2
)
self.assertEqual(
db.session.execute(child_ids.alias("counts").count()).scalar(),
count,
)
def test_single_acl(self, rel_order):
"""Test propagation for a single relationship with {}.
Test propagation of program role to audit through a relationship with both
options for source and destination.
"""
with factories.single_commit():
person = factories.PersonFactory()
audit = factories.AuditFactory()
rel_data = {
rel_order[0]: audit,
rel_order[1]: audit.program,
}
factories.RelationshipFactory(**rel_data)
acl_entry = factories.AccessControlListFactory(
ac_role=self.roles["Program"]["Program Editors"],
object=audit.program,
person=person,
)
self.assertEqual(all_models.AccessControlList.query.count(), 1)
propagation._handle_acl_step([acl_entry.id])
db.session.commit()
self.assertEqual(all_models.AccessControlList.query.count(), 3)
def test_single_acl(self, rel_order):
"""Test propagation for a single relationship with {}.
Test propagation of program role to audit through a relationship with both
options for source and destination.
"""
with factories.single_commit():
person = factories.PersonFactory()
audit = factories.AuditFactory()
rel_data = {
rel_order[0]: audit,
rel_order[1]: audit.program,
}
factories.RelationshipFactory(**rel_data)
acl_entry = factories.AccessControlListFactory(
ac_role=self.roles["Program"]["Program Editors"],
object=audit.program,
person=person,
)
self.assertEqual(all_models.AccessControlList.query.count(), 1)
propagation._handle_acl_step([acl_entry.id])
db.session.commit()
self.assertEqual(all_models.AccessControlList.query.count(), 3)
def test_partial_acl_to_multiple(self, partial_count):
"""Test propagating only a few acl entries to multiple objects."""
audit_count = 3
people_count = 4
program_roles = ["Program Editors", "Program Readers"]
with factories.single_commit():
people = [factories.PersonFactory() for _ in range(people_count)]
program = factories.ProgramFactory()
for i in range(audit_count):
audit = factories.AuditFactory(program=program)
factories.RelationshipFactory(
source=program if i % 2 == 0 else audit,
destination=program if i % 2 == 1 else audit,
)
acl_ids = []
for person in people:
for role_name in program_roles:
acl_ids.append(
factories.AccessControlListFactory(
ac_role=self.roles["Program"][role_name],
object=program,
person=person,
).id,
)
self.assertEqual(
all_models.AccessControlList.query.count(),
people_count * len(program_roles)
)
propagate_acl_ids = acl_ids[:partial_count]
child_ids = propagation._handle_acl_step(propagate_acl_ids)
self.assertEqual(
all_models.AccessControlList.query.count(),
len(acl_ids) + len(propagate_acl_ids) * audit_count * 2
)
self.assertEqual(
db.session.execute(child_ids.alias("counts").count()).scalar(),
audit_count * len(propagate_acl_ids)
)
