def test_default_public_permissions(users, independent_action):
    user, creator = users

    assert not object_permissions.default_is_public(creator_id=creator.id)
    object = sampledb.logic.objects.create_object(
        user_id=creator.id,
        action_id=independent_action.id,
        data={'name': {
            '_type': 'text',
            'text': 'Name'
        }})
    assert not object_permissions.object_is_public(object_id=object.id)

    object_permissions.set_default_public(creator_id=creator.id,
                                          is_public=True)
    assert object_permissions.default_is_public(creator_id=creator.id)
    object = sampledb.logic.objects.create_object(
        user_id=creator.id,
        action_id=independent_action.id,
        data={'name': {
            '_type': 'text',
            'text': 'Name'
        }})
    assert object_permissions.object_is_public(object_id=object.id)

    object_permissions.set_default_public(creator_id=creator.id,
                                          is_public=False)
    assert not object_permissions.default_is_public(creator_id=creator.id)
    assert object_permissions.object_is_public(object_id=object.id)
Ejemplo n.º 2
0
def test_get_object_permissions(users, instrument, instrument_action_object):
    user_id = users[0].id
    object_id = instrument_action_object.object_id

    # by default, only the user who created an object has access to it
    assert object_permissions.get_object_permissions_for_users(object_id=object_id) == {
        users[1].id: Permissions.GRANT
    }
    assert not object_permissions.object_is_public(object_id)

    object_permissions.set_object_public(object_id)
    assert object_permissions.get_object_permissions_for_users(object_id=object_id) == {
        users[1].id: Permissions.GRANT
    }
    assert object_permissions.object_is_public(object_id)

    sampledb.db.session.add(UserObjectPermissions(user_id=user_id, object_id=object_id, permissions=Permissions.WRITE))
    sampledb.db.session.commit()
    assert object_permissions.get_object_permissions_for_users(object_id=object_id) == {
        user_id: Permissions.WRITE,
        users[1].id: Permissions.GRANT
    }
    assert object_permissions.object_is_public(object_id)

    instrument.responsible_users.append(users[0])
    sampledb.db.session.add(instrument)
    sampledb.db.session.commit()
    assert object_permissions.get_object_permissions_for_users(object_id=object_id) == {
        user_id: Permissions.GRANT,
        users[1].id: Permissions.GRANT
    }
    assert object_permissions.object_is_public(object_id)
def test_public_objects(independent_action_object):
    object_id = independent_action_object.object_id

    assert not object_permissions.object_is_public(object_id)
    object_permissions.set_object_public(object_id)
    assert object_permissions.object_is_public(object_id)
    object_permissions.set_object_public(object_id, False)
    assert not object_permissions.object_is_public(object_id)
def test_update_object_permissions(users, independent_action_object):
    user_id = users[0].id
    object_id = independent_action_object.object_id

    assert object_permissions.get_user_object_permissions(
        user_id=user_id, object_id=object_id) == Permissions.NONE
    object_permissions.set_user_object_permissions(
        object_id=object_id, user_id=user_id, permissions=Permissions.WRITE)
    assert object_permissions.get_user_object_permissions(
        user_id=user_id, object_id=object_id) == Permissions.WRITE

    object_permissions.set_user_object_permissions(
        object_id=object_id, user_id=user_id, permissions=Permissions.READ)
    assert object_permissions.get_user_object_permissions(
        user_id=user_id, object_id=object_id) == Permissions.READ

    object_permissions.set_user_object_permissions(
        object_id=object_id, user_id=user_id, permissions=Permissions.NONE)
    assert object_permissions.get_user_object_permissions(
        user_id=user_id, object_id=object_id) == Permissions.NONE
    assert object_permissions.get_object_permissions_for_users(
        object_id=object_id) == {
            users[1].id: Permissions.GRANT
        }
    assert not object_permissions.object_is_public(object_id)
Ejemplo n.º 5
0
def test_group_permissions(users, independent_action_object):
    user, creator = users
    object_id = independent_action_object.object_id
    group_id = groups.create_group("Example Group", "", creator.id).id

    assert object_permissions.get_object_permissions_for_users(object_id=object_id) == {
        creator.id: Permissions.GRANT
    }
    assert not object_permissions.object_is_public(object_id)
    assert object_permissions.get_user_object_permissions(object_id=object_id, user_id=user.id) == Permissions.NONE

    object_permissions.set_group_object_permissions(object_id=object_id, group_id=group_id, permissions=Permissions.WRITE)

    assert object_permissions.get_object_permissions_for_users(object_id=object_id) == {
        creator.id: Permissions.GRANT
    }
    assert not object_permissions.object_is_public(object_id)
    assert object_permissions.get_user_object_permissions(object_id=object_id, user_id=user.id) == Permissions.NONE

    groups.add_user_to_group(group_id=group_id, user_id=user.id)

    assert object_permissions.get_object_permissions_for_users(object_id=object_id) == {
        creator.id: Permissions.GRANT,
        user.id: Permissions.WRITE
    }
    assert not object_permissions.object_is_public(object_id)
    assert object_permissions.get_user_object_permissions(object_id=object_id, user_id=user.id) == Permissions.WRITE

    object_permissions.set_user_object_permissions(object_id=object_id, user_id=user.id, permissions=Permissions.READ)

    assert object_permissions.get_object_permissions_for_users(object_id=object_id) == {
        creator.id: Permissions.GRANT,
        user.id: Permissions.WRITE
    }
    assert not object_permissions.object_is_public(object_id)
    assert object_permissions.get_user_object_permissions(object_id=object_id, user_id=user.id) == Permissions.WRITE

    object_permissions.set_group_object_permissions(object_id=object_id, group_id=group_id, permissions=Permissions.READ)
    object_permissions.set_user_object_permissions(object_id=object_id, user_id=user.id, permissions=Permissions.WRITE)

    assert object_permissions.get_object_permissions_for_users(object_id=object_id) == {
        creator.id: Permissions.GRANT,
        user.id: Permissions.WRITE
    }
    assert not object_permissions.object_is_public(object_id)
    assert object_permissions.get_user_object_permissions(object_id=object_id, user_id=user.id) == Permissions.WRITE

    object_permissions.set_user_object_permissions(object_id=object_id, user_id=user.id, permissions=Permissions.READ)
    object_permissions.set_group_object_permissions(object_id=object_id, group_id=group_id, permissions=Permissions.GRANT)
    groups.remove_user_from_group(group_id=group_id, user_id=user.id)

    assert object_permissions.get_object_permissions_for_users(object_id=object_id) == {
        creator.id: Permissions.GRANT,
        user.id: Permissions.READ
    }
    assert not object_permissions.object_is_public(object_id)
    assert object_permissions.get_user_object_permissions(object_id=object_id, user_id=user.id) == Permissions.READ