def test_get_action_permissions(users, user_action):
user_id = users[0].id
action_id = user_action.id
# by default, only the user who created an action has access to it
assert action_permissions.get_action_permissions_for_users(
action_id=action_id) == {
users[1].id: Permissions.GRANT
}
assert not action_permissions.action_is_public(action_id)
action_permissions.set_action_public(action_id)
assert action_permissions.get_action_permissions_for_users(
action_id=action_id) == {
users[1].id: Permissions.GRANT
}
assert action_permissions.action_is_public(action_id)
sampledb.db.session.add(
UserActionPermissions(user_id=user_id,
action_id=action_id,
permissions=Permissions.WRITE))
sampledb.db.session.commit()
assert action_permissions.get_action_permissions_for_users(
action_id=action_id) == {
user_id: Permissions.WRITE,
users[1].id: Permissions.GRANT
}
assert action_permissions.action_is_public(action_id)
def test_update_action_permissions(users, user_action):
user_id = users[0].id
action_id = user_action.id
assert action_permissions.get_user_action_permissions(
user_id=user_id, action_id=action_id) == Permissions.NONE
action_permissions.set_user_action_permissions(
action_id=action_id, user_id=user_id, permissions=Permissions.WRITE)
assert action_permissions.get_user_action_permissions(
user_id=user_id, action_id=action_id) == Permissions.WRITE
action_permissions.set_user_action_permissions(
action_id=action_id, user_id=user_id, permissions=Permissions.READ)
assert action_permissions.get_user_action_permissions(
user_id=user_id, action_id=action_id) == Permissions.READ
action_permissions.set_user_action_permissions(
action_id=action_id, user_id=user_id, permissions=Permissions.NONE)
assert action_permissions.get_user_action_permissions(
user_id=user_id, action_id=action_id) == Permissions.NONE
assert action_permissions.get_action_permissions_for_users(
action_id=action_id) == {
users[1].id: Permissions.GRANT
}
assert not action_permissions.action_is_public(action_id)
def test_group_permissions(users, user_action):
user, creator = users
action_id = user_action.id
group_id = groups.create_group("Example Group", "", creator.id).id
assert action_permissions.get_action_permissions_for_users(action_id=action_id) == {
creator.id: Permissions.GRANT
}
assert not action_permissions.action_is_public(action_id)
assert action_permissions.get_user_action_permissions(action_id=action_id, user_id=user.id) == Permissions.NONE
action_permissions.set_group_action_permissions(action_id=action_id, group_id=group_id, permissions=Permissions.WRITE)
assert action_permissions.get_action_permissions_for_users(action_id=action_id) == {
creator.id: Permissions.GRANT
}
assert not action_permissions.action_is_public(action_id)
assert action_permissions.get_user_action_permissions(action_id=action_id, user_id=user.id) == Permissions.NONE
groups.add_user_to_group(group_id=group_id, user_id=user.id)
assert action_permissions.get_action_permissions_for_users(action_id=action_id) == {
creator.id: Permissions.GRANT,
user.id: Permissions.WRITE
}
assert not action_permissions.action_is_public(action_id)
assert action_permissions.get_user_action_permissions(action_id=action_id, user_id=user.id) == Permissions.WRITE
action_permissions.set_user_action_permissions(action_id=action_id, user_id=user.id, permissions=Permissions.READ)
assert action_permissions.get_action_permissions_for_users(action_id=action_id) == {
creator.id: Permissions.GRANT,
user.id: Permissions.WRITE
}
assert not action_permissions.action_is_public(action_id)
assert action_permissions.get_user_action_permissions(action_id=action_id, user_id=user.id) == Permissions.WRITE
action_permissions.set_group_action_permissions(action_id=action_id, group_id=group_id, permissions=Permissions.READ)
action_permissions.set_user_action_permissions(action_id=action_id, user_id=user.id, permissions=Permissions.WRITE)
assert action_permissions.get_action_permissions_for_users(action_id=action_id) == {
creator.id: Permissions.GRANT,
user.id: Permissions.WRITE
}
assert not action_permissions.action_is_public(action_id)
assert action_permissions.get_user_action_permissions(action_id=action_id, user_id=user.id) == Permissions.WRITE
action_permissions.set_user_action_permissions(action_id=action_id, user_id=user.id, permissions=Permissions.READ)
action_permissions.set_group_action_permissions(action_id=action_id, group_id=group_id, permissions=Permissions.GRANT)
groups.remove_user_from_group(group_id=group_id, user_id=user.id)
assert action_permissions.get_action_permissions_for_users(action_id=action_id) == {
creator.id: Permissions.GRANT,
user.id: Permissions.READ
}
assert not action_permissions.action_is_public(action_id)
assert action_permissions.get_user_action_permissions(action_id=action_id, user_id=user.id) == Permissions.READ
def test_public_actions(independent_action, user_action):
# non-user actions will always
action_id = independent_action.id
assert not action_permissions.action_is_public(action_id)
action_permissions.set_action_public(action_id)
assert action_permissions.action_is_public(action_id)
action_permissions.set_action_public(action_id, False)
assert not action_permissions.action_is_public(action_id)
action_id = user_action.id
assert not action_permissions.action_is_public(action_id)
action_permissions.set_action_public(action_id)
assert action_permissions.action_is_public(action_id)
action_permissions.set_action_public(action_id, False)
assert not action_permissions.action_is_public(action_id)
