def setup_permissions():
'''Setup upload permissions if they do not already exist.
'''
uploadrole = u'file-uploader'
existing = model.Session.query(model.RoleAction).filter_by(role=uploadrole).first()
if existing:
return
action = model.RoleAction(role=uploadrole, action=UPLOAD_ACTION,
context=u'')
model.Session.add(action)
visitor_roles = []
logged_in_roles = [uploadrole]
model.setup_user_roles(model.System(), visitor_roles, logged_in_roles, [])
model.Session.commit()
model.Session.remove()
def setup_class(self):
# for the authorization editing tests we set up test data so:
# three users, sysadmin , administrator, and another
# one group, one package
# and administrator is admin on all three
model.repo.init_db()
model.repo.new_revision()
self.sysadmin = 'sysadmin'
sysadmin_user = model.User(name=unicode(self.sysadmin))
self.admin = 'administrator'
admin_user = model.User(name=unicode(self.admin))
self.another = 'another'
another_user = model.User(name=unicode(self.another))
self.group = 'group'
group = model.Group(name=unicode(self.group))
for obj in sysadmin_user, admin_user, another_user, group:
model.Session.add(obj)
model.add_user_to_role(sysadmin_user, model.Role.ADMIN, model.System())
model.repo.commit_and_remove()
model.repo.new_revision()
self.pkg = u'dataset'
pkg = model.Package(name=self.pkg)
model.Session.add(pkg)
admin_user = model.User.by_name(unicode(self.admin))
assert admin_user
# setup all three authorization objects to have logged in and visitor as editors, and the admin as admin
model.setup_user_roles(pkg, ['editor'], ['editor'], [admin_user])
model.setup_user_roles(group, ['editor'], ['editor'], [admin_user])
model.repo.commit_and_remove()
def setup_class(self):
# for the authorization editing tests we set up test data so:
# three users, sysadmin , administrator, and another
# one group, one package
# and administrator is admin on all three
model.repo.init_db()
model.repo.new_revision()
self.sysadmin = 'sysadmin'
sysadmin_user = model.User(name=unicode(self.sysadmin))
self.admin = 'administrator'
admin_user = model.User(name=unicode(self.admin))
self.another = 'another'
another_user = model.User(name=unicode(self.another))
self.group = 'group'
group = model.Group(name=unicode(self.group))
for obj in sysadmin_user, admin_user, another_user, group:
model.Session.add(obj)
model.add_user_to_role(sysadmin_user, model.Role.ADMIN, model.System())
model.repo.commit_and_remove()
model.repo.new_revision()
self.pkg = u'dataset'
pkg = model.Package(name=self.pkg)
model.Session.add(pkg)
admin_user = model.User.by_name(unicode(self.admin))
assert admin_user
# setup all three authorization objects to have logged in and visitor as editors, and the admin as admin
model.setup_user_roles(pkg, ['editor'], ['editor'], [admin_user])
model.setup_user_roles(group, ['editor'], ['editor'], [admin_user])
model.repo.commit_and_remove()
def setup_class(self):
model.Session.remove()
CreateTestData.create()
model.Session.remove()
self.authorizer = authz.Authorizer()
self.admin_role = model.Role.ADMIN
self.editor_role = model.Role.EDITOR
self.reader_role = model.Role.READER
john = model.User(name=u'john')
model.Session.add(john)
# setup annakarenina with default roles
anna = model.Package.by_name(u'annakarenina')
model.clear_user_roles(anna)
annakarenina_creator = model.User(name=u'annakarenina_creator')
model.Session.add(annakarenina_creator)
model.repo.commit_and_remove()
model.setup_default_user_roles(anna, [annakarenina_creator])
model.repo.commit_and_remove()
# setup warandpeace with no roles
war = model.Package.by_name(u'warandpeace')
model.clear_user_roles(war)
# setup restricted package - visitors can't change
restricted = model.Package(name=u'restricted')
vrestricted = model.Package(name=u'vrestricted')
mreditor = model.User(name=u'mreditor')
mrreader = model.User(name=u'mrreader')
self.mrsysadmin = u'mrsysadmin'
mrsysadmin = model.User(name=self.mrsysadmin)
model.repo.new_revision()
model.Session.add_all([restricted,
vrestricted,mreditor,mrreader,mrsysadmin])
model.repo.commit_and_remove()
visitor_roles = []
logged_in_roles = [model.Role.EDITOR, model.Role.READER]
logged_in_roles_v = []
restricted = model.Package.by_name(u'restricted')
vrestricted = model.Package.by_name(u'vrestricted')
model.setup_user_roles(restricted, visitor_roles, logged_in_roles)
model.setup_user_roles(vrestricted, visitor_roles, logged_in_roles_v)
model.repo.commit_and_remove()
mreditor = model.User.by_name(u'mreditor')
model.add_user_to_role(mreditor, model.Role.EDITOR, restricted)
mrsysadmin = model.User.by_name(u'mrsysadmin')
model.add_user_to_role(mrsysadmin, model.Role.ADMIN, model.System())
model.repo.commit_and_remove()
self.mreditor = model.User.by_name(u'mreditor')
self.mrreader = model.User.by_name(u'mrreader')
self.annakarenina_creator = model.User.by_name(u'annakarenina_creator')
self.logged_in = model.User.by_name(model.PSEUDO_USER__LOGGED_IN)
self.visitor = model.User.by_name(model.PSEUDO_USER__VISITOR)
self.john = model.User.by_name(u'john')
self.war = model.Package.by_name(u'warandpeace')
self.anna = model.Package.by_name(u'annakarenina')
self.restricted = model.Package.by_name(u'restricted')
self.vrestricted = model.Package.by_name(u'vrestricted')
def setup_class(self):
model.Session.remove()
CreateTestData.create()
model.Session.remove()
self.authorizer = authz.Authorizer()
self.admin_role = model.Role.ADMIN
self.editor_role = model.Role.EDITOR
self.reader_role = model.Role.READER
john = model.User(name=u'john')
model.Session.add(john)
# setup annakarenina with default roles
anna = model.Package.by_name(u'annakarenina')
model.clear_user_roles(anna)
annakarenina_creator = model.User(name=u'annakarenina_creator')
model.Session.add(annakarenina_creator)
model.repo.commit_and_remove()
model.setup_default_user_roles(anna, [annakarenina_creator])
model.repo.commit_and_remove()
# setup warandpeace with no roles
war = model.Package.by_name(u'warandpeace')
model.clear_user_roles(war)
# setup restricted package - visitors can't change
restricted = model.Package(name=u'restricted')
vrestricted = model.Package(name=u'vrestricted')
mreditor = model.User(name=u'mreditor')
mrreader = model.User(name=u'mrreader')
self.mrsysadmin = u'mrsysadmin'
mrsysadmin = model.User(name=self.mrsysadmin)
model.repo.new_revision()
model.Session.add_all(
[restricted, vrestricted, mreditor, mrreader, mrsysadmin])
model.repo.commit_and_remove()
visitor_roles = []
logged_in_roles = [model.Role.EDITOR, model.Role.READER]
logged_in_roles_v = []
restricted = model.Package.by_name(u'restricted')
vrestricted = model.Package.by_name(u'vrestricted')
model.setup_user_roles(restricted, visitor_roles, logged_in_roles)
model.setup_user_roles(vrestricted, visitor_roles, logged_in_roles_v)
model.repo.commit_and_remove()
mreditor = model.User.by_name(u'mreditor')
model.add_user_to_role(mreditor, model.Role.EDITOR, restricted)
mrsysadmin = model.User.by_name(u'mrsysadmin')
model.add_user_to_role(mrsysadmin, model.Role.ADMIN, model.System())
model.repo.commit_and_remove()
self.mreditor = model.User.by_name(u'mreditor')
self.mrreader = model.User.by_name(u'mrreader')
self.annakarenina_creator = model.User.by_name(u'annakarenina_creator')
self.logged_in = model.User.by_name(model.PSEUDO_USER__LOGGED_IN)
self.visitor = model.User.by_name(model.PSEUDO_USER__VISITOR)
self.john = model.User.by_name(u'john')
self.war = model.Package.by_name(u'warandpeace')
self.anna = model.Package.by_name(u'annakarenina')
self.restricted = model.Package.by_name(u'restricted')
self.vrestricted = model.Package.by_name(u'vrestricted')