def test_touch(self):
with self.app.test_request_context('/'):
db.initialize()
user = WBUserModel(username='******', password='******')
db.session.add(user)
db.session.commit()
WBSessionModel.session_max_idle_time = 3
session = WBSessionModel(user.id)
db.session.add(session)
db.session.commit()
sleep(1)
self.assertTrue(session.touch())
read_session = WBSessionModel.query.get(session.id)
self.assertTrue(read_session)
self.assertNotEqual(read_session.created, read_session.accessed)
self.assertNotAlmostEqual(read_session.created, arrow.utcnow(), delta=timedelta(seconds=1))
self.assertAlmostEqual(read_session.accessed, arrow.utcnow(), delta=timedelta(seconds=2))
sleep(1)
self.assertTrue(session.touch())
read_session = WBSessionModel.query.get(session.id)
self.assertTrue(read_session)
self.assertNotEqual(read_session.created, read_session.accessed)
self.assertNotAlmostEqual(read_session.created, arrow.utcnow(), delta=timedelta(seconds=1))
self.assertAlmostEqual(read_session.accessed, arrow.utcnow(), delta=timedelta(seconds=2))
sleep(4)
self.assertFalse(session.touch())
read_session = WBSessionModel.query.get(session.id)
self.assertFalse(read_session)
def test_field_limits(self):
"""Test that length limit on username is enforced."""
with self.app.test_request_context('/'):
db.initialize()
long_username = self.str_n(51)
self.assertEqual(len(long_username), 51)
user = WBUserModel(username=long_username, password='******')
db.session.add(user)
if db.engine.name == 'mysql':
self.assertRaises(Warning, db.session.commit)
db.session.rollback()
elif db.engine.name == 'postgresql':
# FIXME: Should be
# self.assertRaises(psycopg2.DataError,
# db.session.commit), but does not work.
self.assertRaises(Exception, db.session.commit)
db.session.rollback()
else:
db.session.commit()
user = WBUserModel.query.order_by(WBUserModel.id).first()
if db.engine.name == 'sqlite':
# sqlite ignore field length.
self.assertEqual(user.username, long_username)
else:
self.assertIsNone(user)
def test_roles(self):
"""Test user role assignment."""
with self.app.test_request_context('/'):
db.initialize()
user = WBUserModel(username='******', password='******')
db.session.add(user)
role_names = ['a', 'b', 'c', 'd']
roles = []
for r in role_names:
role = WBRoleModel(rolename=r)
db.session.add(role)
user.roles.append(role)
roles.append(role)
db.session.commit()
read_user = WBUserModel.query.get(user.id)
self.assertEqual(read_user.roles, roles)
read_user.roles.remove(roles[2])
db.session.add(user)
db.session.commit()
read_user = WBUserModel.query.get(user.id)
self.assertNotIn(roles[2], read_user.roles)
self.assertIn(roles[3], read_user.roles)
role = WBRoleModel(rolename='e')
user.roles.append(role)
db.session.add(user)
db.session.commit()
read_user = WBUserModel.query.get(user.id)
self.assertIn(role, read_user.roles)
def test_field_limits(self):
"""Test that length limit on username is enforced."""
with self.app.test_request_context('/'):
db.initialize()
long_username = self.str_n(51)
self.assertEqual(len(long_username), 51)
user = WBUserModel(username=long_username, password='******')
db.session.add(user)
if db.engine.name == 'mysql':
self.assertRaises(Warning, db.session.commit)
db.session.rollback()
elif db.engine.name == 'postgresql':
# FIXME: Should be
# self.assertRaises(psycopg2.DataError,
# db.session.commit), but does not work.
self.assertRaises(Exception, db.session.commit)
db.session.rollback()
else:
db.session.commit()
user = WBUserModel.query.order_by(WBUserModel.id).first()
if db.engine.name == 'sqlite':
# sqlite ignore field length.
self.assertEqual(user.username, long_username)
else:
self.assertIsNone(user)
def test_roles(self):
"""Test user role assignment."""
with self.app.test_request_context('/'):
db.initialize()
user = WBUserModel(username='******', password='******')
db.session.add(user)
role_names = ['a', 'b', 'c', 'd']
roles = []
for r in role_names:
role = WBRoleModel(rolename=r)
db.session.add(role)
user.roles.append(role)
roles.append(role)
db.session.commit()
read_user = WBUserModel.query.get(user.id)
self.assertEqual(read_user.roles, roles)
read_user.roles.remove(roles[2])
db.session.add(user)
db.session.commit()
read_user = WBUserModel.query.get(user.id)
self.assertNotIn(roles[2], read_user.roles)
self.assertIn(roles[3], read_user.roles)
role = WBRoleModel(rolename='e')
user.roles.append(role)
db.session.add(user)
db.session.commit()
read_user = WBUserModel.query.get(user.id)
self.assertIn(role, read_user.roles)
def setUp(self):
self.resource_name = 'TestResource'
super(ApiAccessTestCase, self).setUp()
with self.app.test_request_context('/'):
db.initialize()
# Create some roles
self.r1 = WBRoleModel(rolename='admin')
db.session.add(self.r1)
self.r2 = WBRoleModel(rolename='manager')
db.session.add(self.r2)
self.r3 = WBRoleModel(rolename='user')
db.session.add(self.r3)
db.session.commit()
# Create some users
self.u1 = WBUserModel(username='******', password='******', roles=[self.r1])
db.session.add(self.u1)
self.u2 = WBUserModel(username='******', password='******', roles=[self.r2])
db.session.add(self.u2)
self.u3 = WBUserModel(username='******', password='******', roles=[self.r3])
db.session.add(self.u3)
db.session.commit()
self.u1 = self.u1.id
self.u2 = self.u2.id
self.u3 = self.u3.id
self.r1 = self.r1.id
self.r2 = self.r2.id
self.r3 = self.r3.id
def test_anonymous_role(self):
"""Verify that the anonymous role is created."""
with self.app.test_request_context('/'):
db.initialize()
role = WBRoleModel.query.filter_by(
rolename=WBRoleModel.anonymous_role_name).first()
self.assertIsNotNone(role)
def setUp(self):
super(RecordAPITestCase, self).setUp()
self.api = Api(self.app)
with self.app.test_request_context('/'):
db.initialize()
# Create some roles
self.r1 = WBRoleModel(rolename='admin')
db.session.add(self.r1)
self.r2 = WBRoleModel(rolename='manager')
db.session.add(self.r2)
self.r3 = WBRoleModel(rolename='user')
db.session.add(self.r3)
db.session.commit()
# Create some users
self.u1 = WBUserModel(username='******',
password='******',
roles=[self.r1])
db.session.add(self.u1)
self.u2 = WBUserModel(username='******',
password='******',
roles=[self.r2])
db.session.add(self.u2)
self.u3 = WBUserModel(username='******',
password='******',
roles=[self.r3])
db.session.add(self.u3)
db.session.commit()
self.u1 = self.u1.id
self.u2 = self.u2.id
self.u3 = self.u3.id
# Create some data
self.d1 = MyTestModel(title='Alice in Wonderland',
author='Lewis Caroll',
owner_id=self.u1)
db.session.add(self.d1)
self.d2 = MyTestModel(title='SpongeBob',
author='Stephen Hillenburg',
owner_id=self.u2)
db.session.add(self.d2)
self.d3 = MyTestModel(title='Où est Charlie?',
author='Martin Handford',
owner_id=self.u3)
db.session.add(self.d3)
db.session.commit()
self.d1 = self.d1.id
self.d2 = self.d2.id
self.d3 = self.d3.id
def test_duplicate(self):
with self.app.test_request_context("/"):
db.initialize()
role1 = WBRoleModel(rolename="a")
db.session.add(role1)
db.session.commit()
ace1 = RecordACLModel(record_type="TestRecordType1", record_id=1, user_role_id=role1.id, permission="read")
ace2 = RecordACLModel(record_type="TestRecordType1", record_id=1, user_role_id=role1.id, permission="read")
db.session.add_all([ace1, ace2])
self.assertRaises(IntegrityError, db.session.commit)
db.session.rollback()
def setUp(self):
super(SessionTestCase, self).setUp()
add_session_management_urls(self.app)
with self.app.test_request_context('/'):
db.initialize()
# Create a user
self.u1 = WBUserModel(username='******', password='******', roles=[])
db.session.add(self.u1)
db.session.commit()
self.u1 = self.u1.id
def setUp(self):
super(SessionTestCase, self).setUp()
add_session_management_urls(self.app)
with self.app.test_request_context('/'):
db.initialize()
# Create a user
self.u1 = WBUserModel(username='******', password='******', roles=[])
db.session.add(self.u1)
db.session.commit()
self.u1 = self.u1.id
def test_creation(self):
with self.app.test_request_context('/'):
db.initialize()
role1 = WBRoleModel(rolename='a')
role2 = WBRoleModel(rolename='b')
db.session.add_all([role1, role2])
db.session.commit()
ace1 = RecordACLModel(record_type='TestRecordType1',
record_id=1,
user_role_id=role1.id,
permission='read')
ace2 = RecordACLModel(record_type='TestRecordType1',
record_id=1,
user_role_id=role1.id,
permission='update')
ace3 = RecordACLModel(record_type='TestRecordType1',
record_id=1,
user_role_id=role1.id,
permission='delete')
ace4 = RecordACLModel(record_type='TestRecordType1',
record_id=1,
user_role_id=role2.id,
permission='read')
ace5 = RecordACLModel(record_type='TestRecordType1',
record_id=1,
user_role_id=role2.id,
permission='update')
ace6 = RecordACLModel(record_type='TestRecordType1',
record_id=1,
user_role_id=role2.id,
permission='delete')
db.session.add_all([ace1, ace2, ace3, ace4, ace5, ace6])
db.session.commit()
ace7 = RecordACLModel(record_type='TestRecordType1',
record_id=1,
user_role_id=role2.id,
permission='transmogrify')
db.session.add(ace7)
if db.engine.name == 'sqlite':
self.assertRaises(IntegrityError, db.session.commit)
db.session.rollback()
elif db.engine.name == 'mysql':
self.assertRaises(Warning, db.session.commit)
db.session.rollback()
else:
db.session.commit
def setUp(self):
super(AuthenticatorTestCase, self).setUp()
add_session_management_urls(self.app)
self.app.add_url_rule('/test', 'test', needs_authenticated_user_function, methods=['GET'])
with self.app.test_request_context('/'):
db.initialize()
# Create a user
self.u1 = WBUserModel(username='******', password='******', roles=[])
db.session.add(self.u1)
db.session.commit()
self.u1 = self.u1.id
def test_unique_name(self):
"""Test that we cannot add two users with the same username."""
with self.app.test_request_context('/'):
db.initialize()
db.session.add(WBUserModel(username='******', password='******'))
db.session.commit()
db.session.add(WBUserModel(username='******', password='******'))
self.assertRaises(IntegrityError, db.session.commit)
db.session.rollback()
# Check that duplicate password do not raise an exception.
db.session.add(WBUserModel(username='******', password='******'))
db.session.commit()
def test_unique_name(self):
"""Test that we cannot add two users with the same username."""
with self.app.test_request_context('/'):
db.initialize()
db.session.add(WBUserModel(username='******', password='******'))
db.session.commit()
db.session.add(WBUserModel(username='******', password='******'))
self.assertRaises(IntegrityError, db.session.commit)
db.session.rollback()
# Check that duplicate password do not raise an exception.
db.session.add(WBUserModel(username='******', password='******'))
db.session.commit()
def test_store_hashed_password(self):
"""Test that the password is stored as a hash."""
with self.app.test_request_context('/'):
password = self.str_n(1024)
self.assertEqual(len(password), 1024)
hashed_password = WBUserModel.hash_password(password)
self.assertEqual(len(hashed_password), 64)
db.initialize()
user = WBUserModel(username='******', password=password)
db.session.add(user)
db.session.commit()
read_user = WBUserModel.query.get(user.id)
self.assertEqual(read_user.id, user.id)
self.assertEqual(read_user.hashed_password, hashed_password)
def test_store_hashed_password(self):
"""Test that the password is stored as a hash."""
with self.app.test_request_context('/'):
password = self.str_n(1024)
self.assertEqual(len(password), 1024)
hashed_password = WBUserModel.hash_password(password)
self.assertEqual(len(hashed_password), 64)
db.initialize()
user = WBUserModel(username='******', password=password)
db.session.add(user)
db.session.commit()
read_user = WBUserModel.query.get(user.id)
self.assertEqual(read_user.id, user.id)
self.assertEqual(read_user.hashed_password, hashed_password)
def test_creation(self):
with self.app.test_request_context('/'):
db.initialize()
user = WBUserModel(username='******', password='******')
db.session.add(user)
db.session.commit()
session = WBSessionModel(user.id)
db.session.add(session)
db.session.commit()
read_session = WBSessionModel.query.get(session.id)
self.assertEqual(read_session.user_id, user.id)
self.assertEqual(len(read_session.session_id), 2*WBSessionModel.session_id_byte_length)
self.assertEqual(len(read_session.secret), 2*WBSessionModel.secret_byte_length)
self.assertEqual(read_session.created, read_session.accessed)
self.assertAlmostEqual(read_session.created, arrow.utcnow(), delta=timedelta(seconds=1))
def setUp(self):
super(AuthenticatorTestCase, self).setUp()
add_session_management_urls(self.app)
self.app.add_url_rule('/test',
'test',
needs_authenticated_user_function,
methods=['GET'])
with self.app.test_request_context('/'):
db.initialize()
# Create a user
self.u1 = WBUserModel(username='******', password='******', roles=[])
db.session.add(self.u1)
db.session.commit()
self.u1 = self.u1.id
def test_duplicate(self):
with self.app.test_request_context('/'):
db.initialize()
role1 = WBRoleModel(rolename='a')
db.session.add(role1)
db.session.commit()
ace1 = RecordACLModel(record_type='TestRecordType1',
record_id=1,
user_role_id=role1.id,
permission='read')
ace2 = RecordACLModel(record_type='TestRecordType1',
record_id=1,
user_role_id=role1.id,
permission='read')
db.session.add_all([ace1, ace2])
self.assertRaises(IntegrityError, db.session.commit)
db.session.rollback()
def test_creation(self):
with self.app.test_request_context('/'):
db.initialize()
user = WBUserModel(username='******', password='******')
db.session.add(user)
db.session.commit()
session = WBSessionModel(user.id)
db.session.add(session)
db.session.commit()
read_session = WBSessionModel.query.get(session.id)
self.assertEqual(read_session.user_id, user.id)
self.assertEqual(len(read_session.session_id),
2 * WBSessionModel.session_id_byte_length)
self.assertEqual(len(read_session.secret),
2 * WBSessionModel.secret_byte_length)
self.assertEqual(read_session.created, read_session.accessed)
self.assertAlmostEqual(read_session.created,
arrow.utcnow(),
delta=timedelta(seconds=1))
def test_touch(self):
with self.app.test_request_context('/'):
db.initialize()
user = WBUserModel(username='******', password='******')
db.session.add(user)
db.session.commit()
WBSessionModel.session_max_idle_time = 3
session = WBSessionModel(user.id)
db.session.add(session)
db.session.commit()
sleep(1)
self.assertTrue(session.touch())
read_session = WBSessionModel.query.get(session.id)
self.assertTrue(read_session)
self.assertNotEqual(read_session.created, read_session.accessed)
self.assertNotAlmostEqual(read_session.created,
arrow.utcnow(),
delta=timedelta(seconds=1))
self.assertAlmostEqual(read_session.accessed,
arrow.utcnow(),
delta=timedelta(seconds=2))
sleep(1)
self.assertTrue(session.touch())
read_session = WBSessionModel.query.get(session.id)
self.assertTrue(read_session)
self.assertNotEqual(read_session.created, read_session.accessed)
self.assertNotAlmostEqual(read_session.created,
arrow.utcnow(),
delta=timedelta(seconds=1))
self.assertAlmostEqual(read_session.accessed,
arrow.utcnow(),
delta=timedelta(seconds=2))
sleep(4)
self.assertFalse(session.touch())
read_session = WBSessionModel.query.get(session.id)
self.assertFalse(read_session)
def setUp(self):
super(RecordAPITestCase, self).setUp()
self.api = Api(self.app)
with self.app.test_request_context("/"):
db.initialize()
# Create some roles
self.r1 = WBRoleModel(rolename="admin")
db.session.add(self.r1)
self.r2 = WBRoleModel(rolename="manager")
db.session.add(self.r2)
self.r3 = WBRoleModel(rolename="user")
db.session.add(self.r3)
db.session.commit()
# Create some users
self.u1 = WBUserModel(username="******", password="******", roles=[self.r1])
db.session.add(self.u1)
self.u2 = WBUserModel(username="******", password="******", roles=[self.r2])
db.session.add(self.u2)
self.u3 = WBUserModel(username="******", password="******", roles=[self.r3])
db.session.add(self.u3)
db.session.commit()
self.u1 = self.u1.id
self.u2 = self.u2.id
self.u3 = self.u3.id
# Create some data
self.d1 = MyTestModel(title="Alice in Wonderland", author="Lewis Caroll", owner_id=self.u1)
db.session.add(self.d1)
self.d2 = MyTestModel(title="SpongeBob", author="Stephen Hillenburg", owner_id=self.u2)
db.session.add(self.d2)
self.d3 = MyTestModel(title="Où est Charlie?", author="Martin Handford", owner_id=self.u3)
db.session.add(self.d3)
db.session.commit()
self.d1 = self.d1.id
self.d2 = self.d2.id
self.d3 = self.d3.id
def test_creation(self):
with self.app.test_request_context("/"):
db.initialize()
role1 = WBRoleModel(rolename="a")
role2 = WBRoleModel(rolename="b")
db.session.add_all([role1, role2])
db.session.commit()
ace1 = RecordACLModel(record_type="TestRecordType1", record_id=1, user_role_id=role1.id, permission="read")
ace2 = RecordACLModel(
record_type="TestRecordType1", record_id=1, user_role_id=role1.id, permission="update"
)
ace3 = RecordACLModel(
record_type="TestRecordType1", record_id=1, user_role_id=role1.id, permission="delete"
)
ace4 = RecordACLModel(record_type="TestRecordType1", record_id=1, user_role_id=role2.id, permission="read")
ace5 = RecordACLModel(
record_type="TestRecordType1", record_id=1, user_role_id=role2.id, permission="update"
)
ace6 = RecordACLModel(
record_type="TestRecordType1", record_id=1, user_role_id=role2.id, permission="delete"
)
db.session.add_all([ace1, ace2, ace3, ace4, ace5, ace6])
db.session.commit()
ace7 = RecordACLModel(
record_type="TestRecordType1", record_id=1, user_role_id=role2.id, permission="transmogrify"
)
db.session.add(ace7)
if db.engine.name == "sqlite":
self.assertRaises(IntegrityError, db.session.commit)
db.session.rollback()
elif db.engine.name == "mysql":
self.assertRaises(Warning, db.session.commit)
db.session.rollback()
else:
db.session.commit
def test_creation_invalid_user_id(self):
with self.app.test_request_context('/'):
db.initialize()
self.assertRaises(ArgumentError, WBSessionModel, 42)
db.session.rollback()
def test_anonymous_role(self):
"""Verify that the anonymous role is created."""
with self.app.test_request_context('/'):
db.initialize()
role = WBRoleModel.query.filter_by(rolename=WBRoleModel.anonymous_role_name).first()
self.assertIsNotNone(role)
def populate_db():
db.initialize()
anonymous_role_id = WBRoleModel.get_anonymous_role_id()
admin_role_id = UserModel.get_admin_role_id()
admin_role = WBRoleModel.query.get(admin_role_id);
user_role_id = UserModel.get_user_role_id()
user_role = WBRoleModel.query.get(user_role_id);
data = {'username': "******", 'password': '******', 'name': "Alice Allard", 'roles': [user_role]}
user = UserModel(**data)
db.session.add(user)
db.session.commit()
alice_id = user.id
data = {'username': "******", 'password': '******', 'name': "Bob Binette", 'roles': [user_role]}
user = UserModel(**data)
db.session.add(user)
db.session.commit()
bob_id = user.id
data = {'username': "******", 'password': '******', 'name': "Charles Charette", 'roles': [admin_role]}
user = UserModel(**data)
db.session.add(user)
db.session.commit()
charles_id = user.id
root_id = FolderNodeModel.get_root_id()
data = {'title': 'usr', 'parent_node_id': root_id, 'owner_id': alice_id}
vs = FolderNodeModel(**data)
db.session.add(vs)
data = {'title': 'var', 'parent_node_id': root_id, 'owner_id': alice_id}
vs = FolderNodeModel(**data)
db.session.add(vs)
db.session.commit()
var_id = vs.id
data = {'title': 'home', 'parent_node_id': root_id, 'owner_id': bob_id}
vs = FolderNodeModel(**data)
db.session.add(vs)
db.session.commit()
home_id = vs.id
data = [
{'record_type': 'ContentNode', 'record_id': home_id, 'user_role_id': anonymous_role_id, 'permission': 'read'},
]
for d in data:
acl = RecordACLModel(**d)
db.session.add(acl)
db.session.commit()
data = {'title': 'Lorem', 'body': 'Lorem ipsum dolor'}
vs = DocumentModel(**data)
db.session.add(vs)
db.session.commit()
data = {'document_id': vs.id, 'parent_node_id': home_id, 'owner_id': alice_id}
doc = DocumentNodeModel(**data)
db.session.add(doc)
db.session.commit()
data = {'title': 'Sit amet', 'body': 'Consectetur adipiscing elit'}
vs = DocumentModel(**data)
db.session.add(vs)
db.session.commit()
data = {'document_id': vs.id, 'parent_node_id': var_id, 'owner_id': alice_id}
doc = DocumentNodeModel(**data)
db.session.add(doc)
db.session.commit()
return 'DB Initialization Done'
def test_creation_invalid_user_id(self):
with self.app.test_request_context('/'):
db.initialize()
self.assertRaises(ArgumentError, WBSessionModel, 42)
db.session.rollback()
def setUp(self):
super(RecordAccessTestCase, self).setUp()
with self.app.test_request_context('/'):
db.initialize()
# Create some roles
self.r1 = WBRoleModel(rolename='admin')
db.session.add(self.r1)
self.r2 = WBRoleModel(rolename='manager')
db.session.add(self.r2)
self.r3 = WBRoleModel(rolename='user')
db.session.add(self.r3)
db.session.commit()
# Create some users
self.u1 = WBUserModel(username='******', password='******', roles=[self.r1])
db.session.add(self.u1)
self.u2 = WBUserModel(username='******', password='******', roles=[self.r2])
db.session.add(self.u2)
self.u3 = WBUserModel(username='******', password='******', roles=[self.r3])
db.session.add(self.u3)
db.session.commit()
self.u1 = self.u1.id
self.u2 = self.u2.id
self.u3 = self.u3.id
self.r1 = self.r1.id
self.r2 = self.r2.id
self.r3 = self.r3.id
# Create some data
self.d1 = MyModel(title='a', owner_id=self.u1)
db.session.add(self.d1)
self.d2 = MyModel(title='a', owner_id=self.u1)
db.session.add(self.d2)
self.d3 = MyModel(title='a', owner_id=self.u2)
db.session.add(self.d3)
self.d4 = MyModel(title='a', owner_id=self.u3)
db.session.add(self.d4)
db.session.commit()
self.d1 = self.d1.id
self.d2 = self.d2.id
self.d3 = self.d3.id
self.d4 = self.d4.id
# Add some access control records
anon = WBRoleModel.get_anonymous_role_id()
db.session.add_all(
make_record_acl(
record_types=['My'],
record_ids=[self.d1, self.d2, self.d3, self.d4],
user_role_ids=[self.r1],
permissions=['read', 'update', 'delete']))
db.session.add_all(
make_record_acl(
record_types=['My'],
record_ids=[self.d1, self.d2, self.d3, self.d4],
user_role_ids=[self.r2],
permissions=['read']))
db.session.add_all(
make_record_acl(record_types=['My'],
record_ids=[self.d3, self.d4],
user_role_ids=[self.r2],
permissions=['update', 'delete']))
db.session.add_all(
make_record_acl(
record_types=['My'],
record_ids=[self.d1, self.d2, self.d3, self.d4],
user_role_ids=[self.r3],
permissions=['read']))
db.session.add_all(
make_record_acl(record_types=['My'],
record_ids=[self.d3, self.d4],
user_role_ids=[anon],
permissions=['read']))
db.session.commit()
def setUp(self):
super(RecordAccessTestCase, self).setUp()
with self.app.test_request_context('/'):
db.initialize()
# Create some roles
self.r1 = WBRoleModel(rolename='admin')
db.session.add(self.r1)
self.r2 = WBRoleModel(rolename='manager')
db.session.add(self.r2)
self.r3 = WBRoleModel(rolename='user')
db.session.add(self.r3)
db.session.commit()
# Create some users
self.u1 = WBUserModel(username='******', password='******', roles=[self.r1])
db.session.add(self.u1)
self.u2 = WBUserModel(username='******', password='******', roles=[self.r2])
db.session.add(self.u2)
self.u3 = WBUserModel(username='******', password='******', roles=[self.r3])
db.session.add(self.u3)
db.session.commit()
self.u1 = self.u1.id
self.u2 = self.u2.id
self.u3 = self.u3.id
self.r1 = self.r1.id
self.r2 = self.r2.id
self.r3 = self.r3.id
# Create some data
self.d1 = MyModel(title='a', owner_id=self.u1)
db.session.add(self.d1)
self.d2 = MyModel(title='a', owner_id=self.u1)
db.session.add(self.d2)
self.d3 = MyModel(title='a', owner_id=self.u2)
db.session.add(self.d3)
self.d4 = MyModel(title='a', owner_id=self.u3)
db.session.add(self.d4)
db.session.commit()
self.d1 = self.d1.id
self.d2 = self.d2.id
self.d3 = self.d3.id
self.d4 = self.d4.id
# Add some access control records
anon = WBRoleModel.get_anonymous_role_id()
db.session.add_all(make_record_acl(record_types=['My'],
record_ids=[self.d1, self.d2, self.d3, self.d4],
user_role_ids=[self.r1],
permissions=['read', 'update', 'delete']))
db.session.add_all(make_record_acl(record_types=['My'],
record_ids=[self.d1, self.d2, self.d3, self.d4],
user_role_ids=[self.r2],
permissions=['read']))
db.session.add_all(make_record_acl(record_types=['My'],
record_ids=[self.d3, self.d4],
user_role_ids=[self.r2],
permissions=['update', 'delete']))
db.session.add_all(make_record_acl(record_types=['My'],
record_ids=[self.d1, self.d2, self.d3, self.d4],
user_role_ids=[self.r3],
permissions=['read']))
db.session.add_all(make_record_acl(record_types=['My'],
record_ids=[self.d3, self.d4],
user_role_ids=[anon],
permissions=['read']))
db.session.commit()
