async def test_filters_is_admin_only(db, wikis, pages, user, other_user,
sections):
# Can see by default
query = Section.filter(wiki_slug=wikis[0].slug,
page_slug=pages[0].slug,
user=user)
visible_sections = (await db.execute(query)).scalars().unique().all()
assert len(visible_sections) == 2
# Can't see is admin only
sections[0].is_admin_only = True
db.add(sections[0])
await db.commit()
visible_sections = (await db.execute(query)).scalars().unique().all()
assert sections[0] not in visible_sections
# Can't see is admin only when another user has access
await sections[0].set_permissions(
schemas.SectionPermission(user=str(other_user.id), level="edit"))
visible_sections = (await db.execute(query)).scalars().unique().all()
assert sections[0] not in visible_sections
# CAN see is admin only when user has access
await sections[0].set_permissions(
schemas.SectionPermission(user=str(user.id), level="edit"))
visible_sections = (await db.execute(query)).scalars().unique().all()
assert sections[0] in visible_sections
async def permissions(db, sections, users):
permissions = [
schemas.SectionPermission(user=u.id, level="edit") for u in users
]
for section in sections:
await section.set_permissions(*permissions)
await db.refresh(section)
return permissions
async def test_set_permissions_maps_users(db, user_id, sections):
admin_only_section = sections[0]
await admin_only_section.set_permissions(
schemas.SectionPermission(user=str(user_id), level="edit"))
await db.refresh(admin_only_section)
assert admin_only_section.permissions
assert len(admin_only_section.permissions) == 1
assert admin_only_section.permissions[
0].level == schemas.PermissionLevel.EDIT
await admin_only_section.set_permissions()
await db.refresh(admin_only_section)
assert not admin_only_section.permissions
async def test_user_informed_of_view_restrictions(db, client, sections,
user_id):
user_included_secret = next(s for s in sections
if s.content == "An earlier section")
async with db.begin_nested():
user_included_secret.is_admin_only = True
db.add(user_included_secret)
await user_included_secret.set_permissions(
schemas.SectionPermission(user=str(user_id), level="edit"))
data = await get_section_list(client)
assert not next(
s for s in data if s["content"] == "A later section")["is_secret"]
assert next(s for s in data
if s["content"] == "An earlier section")["is_secret"]
async def test_user_can_see_sections_and_permissions_for_them(
db, client, user_id, permissions, sections):
async with db.begin_nested():
sections[0].is_admin_only = True
sections[1].is_admin_only = True
db.add(sections[0])
db.add(sections[1])
await sections[0].set_permissions(
schemas.SectionPermission(user=str(user_id), level="edit"))
# This is annoying, but I guess because I mocked the db it's not getting refreshed
await db.refresh(sections[0])
data = await get_section_list(client, 1)
assert data[0]["id"] == str(sections[0].id)
assert data[0]["permissions"] == [{"user": str(user_id), "level": "edit"}]