def test_everything(self):
parent_role_key = rbac.register_role("Employee")
role_key = rbac.register_role("Boss", [parent_role_key])
rbac.add_role(self.user_key, role_key)
self.assertEqual(rbac.get_roles(self.user_key), [role_key])
rbac.register_permission("access_acp", "Access the Admin CP")
rbac.register_permission("another_perm", "An abitrary permission")
rbac.allow(role_key, "access_acp")
self.assertEqual(rbac.check_permission_role(role_key, "access_acp"), True)
self.assertEqual(rbac.check_permission_role(role_key, "another_perm"), False)
self.assertEqual(rbac.check_permission(self.user_key, "access_acp"), True)
self.assertEqual(rbac.check_permission(self.user_key, "another_perm"), False)
self.assertRaises(Exception, rbac.check_permission, self.user_key, "__DF_incorrect_perm___")
#Now check the check_permission of multiple perms
rbac.register_permission("troll", "Troll")
rbac.allow(role_key, "troll")
self.assertEqual(rbac.check_permission(self.user_key, ["troll", "access_acp"]), True)
self.assertEqual(rbac.check_permission(self.user_key, ["access_acp", "another_perm"]), False)
#Now test inheritance
rbac.allow(parent_role_key, "another_perm")
self.assertEqual(rbac.check_permission(self.user_key, "another_perm"), True)
#Test the special Super Admin role
super_admin = rbac.default_role("super_admin")
self.assertEqual(super_admin.id(), "super_admin")
new_user = user.UserModel(username="******", email="*****@*****.**")._put()
rbac.add_role(new_user, super_admin)
self.assertEqual(rbac.check_permission(self.user_key, "access_acp"), True)
self.assertEqual(rbac.check_permission(new_user, "another_perm"), True)
def _check_permission(self):
rbac.allow(Data.admin_role, "troll")
#return self.rbac_check_permission(Data.admin, ["joke", "troll"])
return rbac.check_permission(Data.admin, "joke")
