class RightsTest(TestCase):
def setUp(self):
self.logger = getLogger()
self.rights = Rights()
self.data_types = ['profile', 'group', 'role']
# This should be in a filldb script
referenced_rights = {
'1234',
'1235',
'1236',
'1237',
'1238',
'1239',
'1240',
'1241',
'2344',
'2345',
'2346',
'2347',
'2348',
'2349',
'4210',
'4211'
}
for x in referenced_rights:
self.rights.add(x, 'desc test rule')
# delete everything before starting
self.rights.delete_group('group_test1')
self.rights.delete_group('group_test2')
self.rights.delete_user('jharris')
self.rights.delete_profile('profile_test1')
self.rights.delete_profile('profile_test2')
self.rights.delete_role('role_test1bis')
def tests(self):
# Test creation of groups
rights = {
'1234': {'desc': 'test right in group', 'checksum': 15},
'1235': {'desc': 'test right in group', 'checksum': 8},
'1236': {'desc': 'test right in group', 'checksum': 12},
'1237': {'desc': 'test right in group', 'checksum': 1},
'1238': {'desc': 'test right in group', 'checksum': 15},
'1239': {'desc': 'test right in group', 'checksum': 15},
'1240': {'desc': 'test right in group', 'checksum': 8},
'1241': {'desc': 'test right in group', 'checksum': 8}
}
rights_scnd = {
'2344': {'desc': 'test right in group', 'checksum': 15},
'2345': {'desc': 'test right in group', 'checksum': 8},
'2346': {'desc': 'test right in group', 'checksum': 12},
'2347': {'desc': 'test right in group', 'checksum': 1},
'2348': {'desc': 'test right in group', 'checksum': 15},
'2349': {'desc': 'test right in group', 'checksum': 15},
'4210': {'desc': 'test right in group', 'checksum': 8},
'4211': {'desc': 'test right in group', 'checksum': 8}
}
# basic group creation
self.rights.create_group('group_test1', rights)
self.rights.create_group('group_test2', rights_scnd)
# basic profile creation
self.rights.create_profile('profile_test1', ['group_test1'])
self.rights.create_profile('profile_test2', ['group_test2'])
# create new role and assign it to the user
self.rights.create_role('role_test1bis', 'profile_test1')
self.rights.create_user('jharris', 'role_test1bis')
# Basic check
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 1), True)
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
# Add permissions to the rights
self.rights.add_right('group_test1', 'group', '1237', 12)
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), True)
# Test right deletion
self.rights.remove_right('group_test1', 'group', '1237', 8)
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
# Add it back
self.rights.add_right('group_test1', 'group', '1237', 12)
# Test remove_entity
self.rights.remove_group_profile('profile_test1', 'group_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
# Add it back
self.rights.add_group_profile('profile_test1', 'group_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), True)
# Test removing the profile
self.rights.remove_profile('role_test1bis', None, 'profile_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
# Add it back
self.rights.add_profile('role_test1bis', None, 'profile_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), True)
# Remove the profile to add it to the role
self.rights.remove_profile('role_test1bis', None, 'profile_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
# Add the group to the role
self.rights.add_group_role('role_test1bis', 'group_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), True)
# Remove it
self.rights.remove_group_role('role_test1bis', 'group_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
# Add the specific right to the user
self.rights.add_right('jharris', 'user', '1237', 12)
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), True)
# Change the checksum
self.rights.remove_right('jharris', 'user', '1237', 4)
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 8), True)
# Add a right on the same action to different fields
# and check that it is summed correctly
self.rights.remove_right('jharris', 'user', '1237', 8)
self.rights.remove_right('group_test1', 'user', '1237', 12)
self.rights.add_right('jharris', 'user', '1237', 2)
self.rights.add_right('role_test1bis', 'user', '1237', 4)
self.rights.add_right('group_test2', 'user', '1237', 8)
self.rights.add_group_user('jharris', 'group_test2')
self.rights.add_group_role('role_test1bis', 'group_test1')
self.rights.add_profile('role_test1bis', None, 'profile_test1')
self.rights.add_group_profile('role_test1bis', 'group_test1')
self.assertEqual(
self.rights.get_user_rights('jharris')['1237']['checksum'],
15)
# Change entity name
self.assertTrue('group_test2' in self.rights.get_user('jharris')['group'])
self.assertTrue(
'group_test2' == self.rights.get_group('group_test2')['crecord_name']
)
self.assertTrue(
self.rights.update_entity_name('group_test2', 'group', 'name_changed')
)
self.assertTrue('group_test2' in self.rights.get_user('jharris')['group'])
self.assertTrue(
'name_changed' == self.rights.get_group('group_test2')['crecord_name']
)
class RightsTest(TestCase):
def setUp(self):
self.logger = getLogger()
self.rights = Rights()
self.data_types = ['profile', 'group', 'role']
# This should be in a filldb script
referenced_rights = {
'1234',
'1235',
'1236',
'1237',
'1238',
'1239',
'1240',
'1241',
'2344',
'2345',
'2346',
'2347',
'2348',
'2349',
'4210',
'4211'
}
for x in referenced_rights:
self.rights.add(x, 'desc test rule')
# delete everything before starting
self.rights.delete_group('group_test1')
self.rights.delete_group('group_test2')
self.rights.delete_user('jharris')
self.rights.delete_profile('profile_test1')
self.rights.delete_profile('profile_test2')
self.rights.delete_role('role_test1bis')
def tearDown(self):
pass
# TODO: cleanup the mess in default_rights
def tests(self):
# Test creation of groups
rights = {
'1234': {'desc': 'test right in group', 'checksum': 15},
'1235': {'desc': 'test right in group', 'checksum': 8},
'1236': {'desc': 'test right in group', 'checksum': 12},
'1237': {'desc': 'test right in group', 'checksum': 1},
'1238': {'desc': 'test right in group', 'checksum': 15},
'1239': {'desc': 'test right in group', 'checksum': 15},
'1240': {'desc': 'test right in group', 'checksum': 8},
'1241': {'desc': 'test right in group', 'checksum': 8}
}
rights_scnd = {
'2344': {'desc': 'test right in group', 'checksum': 15},
'2345': {'desc': 'test right in group', 'checksum': 8},
'2346': {'desc': 'test right in group', 'checksum': 12},
'2347': {'desc': 'test right in group', 'checksum': 1},
'2348': {'desc': 'test right in group', 'checksum': 15},
'2349': {'desc': 'test right in group', 'checksum': 15},
'4210': {'desc': 'test right in group', 'checksum': 8},
'4211': {'desc': 'test right in group', 'checksum': 8}
}
# basic group creation
self.rights.create_group('group_test1', rights)
self.rights.create_group('group_test2', rights_scnd)
# basic profile creation
self.rights.create_profile('profile_test1', ['group_test1'])
self.rights.create_profile('profile_test2', ['group_test2'])
# create new role and assign it to the user
self.rights.create_role('role_test1bis', 'profile_test1')
self.rights.create_user('jharris', 'role_test1bis')
# Basic check
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 1), True)
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
# Add permissions to the rights
self.rights.add_right('group_test1', 'group', '1237', 12)
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), True)
# Test right deletion
self.rights.remove_right('group_test1', 'group', '1237', 8)
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
# Add it back
self.rights.add_right('group_test1', 'group', '1237', 12)
# Test remove_entity
self.rights.remove_group_profile('profile_test1', 'group_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
# Add it back
self.rights.add_group_profile('profile_test1', 'group_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), True)
# Test removing the profile
self.rights.remove_profile('role_test1bis', None, 'profile_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
# Add it back
self.rights.add_profile('role_test1bis', None, 'profile_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), True)
# Remove the profile to add it to the role
self.rights.remove_profile('role_test1bis', None, 'profile_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
# Add the group to the role
self.rights.add_group_role('role_test1bis', 'group_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), True)
# Remove it
self.rights.remove_group_role('role_test1bis', 'group_test1')
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
# Add the specific right to the user
self.rights.add_right('jharris', 'user', '1237', 12)
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), True)
# Change the checksum
self.rights.remove_right('jharris', 'user', '1237', 4)
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 12), False)
self.assertEqual(
self.rights.check_rights(
'jharris', '1237', 8), True)
# Add a right on the same action to different fields
# and check that it is summed correctly
self.rights.remove_right('jharris', 'user', '1237', 8)
self.rights.remove_right('group_test1', 'user', '1237', 12)
self.rights.add_right('jharris', 'user', '1237', 2)
self.rights.add_right('role_test1bis', 'user', '1237', 4)
self.rights.add_right('group_test2', 'user', '1237', 8)
self.rights.add_group_user('jharris', 'group_test2')
self.rights.add_group_role('role_test1bis', 'group_test1')
self.rights.add_profile('role_test1bis', None, 'profile_test1')
self.rights.add_group_profile('role_test1bis', 'group_test1')
# Change entity name
self.assertTrue('group_test2' in self.rights.get_user('jharris')['group'])
self.assertTrue(
'group_test2' == self.rights.get_group('group_test2')['crecord_name']
)
self.assertTrue(
self.rights.update_entity_name('group_test2', 'group', 'name_changed')
)
self.assertTrue('group_test2' in self.rights.get_user('jharris')['group'])
self.assertTrue(
'name_changed' == self.rights.get_group('group_test2')['crecord_name']
)
# Update fields
uid = 'my_user'
urole = 'admin'
values = {
'_id': uid,
'contact': {
'address': '',
'name': 'Administrator'
},
'external': False,
'mail': '*****@*****.**',
'shadowpasswd': 'DEADBEEF',
'ui_language': 'fr',
}
user = self.rights.create_user(
uid, urole,
contact=None,
rights=None,
groups=None
)
self.assertEqual(user['crecord_name'], uid)
self.rights.update_fields(uid, 'user', values)
r = self.rights.user_storage._backend.find({'_id': uid})
self.assertTrue(r.count() > 0)
content = list(r.limit(1))[0]
self.assertEqual(content['crecord_name'], uid)
self.assertEqual(content['ui_language'], 'fr')
self.assertEqual(content['mail'], '*****@*****.**')
class RightsTest(TestCase):
def setUp(self):
self.logger = getLogger()
self.rights = Rights()
self.data_types = ['profile', 'group', 'role']
# This should be in a filldb script
referenced_rights = {
'1234', '1235', '1236', '1237', '1238', '1239', '1240', '1241',
'2344', '2345', '2346', '2347', '2348', '2349', '4210', '4211'
}
for x in referenced_rights:
self.rights.add(x, 'desc test rule')
# delete everything before starting
self.rights.delete_group('group_test1')
self.rights.delete_group('group_test2')
self.rights.delete_user('jharris')
self.rights.delete_profile('profile_test1')
self.rights.delete_profile('profile_test2')
self.rights.delete_role('role_test1bis')
def tearDown(self):
pass
# TODO: cleanup the mess in default_rights
def tests(self):
# Test creation of groups
rights = {
'1234': {
'desc': 'test right in group',
'checksum': 15
},
'1235': {
'desc': 'test right in group',
'checksum': 8
},
'1236': {
'desc': 'test right in group',
'checksum': 12
},
'1237': {
'desc': 'test right in group',
'checksum': 1
},
'1238': {
'desc': 'test right in group',
'checksum': 15
},
'1239': {
'desc': 'test right in group',
'checksum': 15
},
'1240': {
'desc': 'test right in group',
'checksum': 8
},
'1241': {
'desc': 'test right in group',
'checksum': 8
}
}
rights_scnd = {
'2344': {
'desc': 'test right in group',
'checksum': 15
},
'2345': {
'desc': 'test right in group',
'checksum': 8
},
'2346': {
'desc': 'test right in group',
'checksum': 12
},
'2347': {
'desc': 'test right in group',
'checksum': 1
},
'2348': {
'desc': 'test right in group',
'checksum': 15
},
'2349': {
'desc': 'test right in group',
'checksum': 15
},
'4210': {
'desc': 'test right in group',
'checksum': 8
},
'4211': {
'desc': 'test right in group',
'checksum': 8
}
}
# basic group creation
self.rights.create_group('group_test1', rights)
self.rights.create_group('group_test2', rights_scnd)
# basic profile creation
self.rights.create_profile('profile_test1', ['group_test1'])
self.rights.create_profile('profile_test2', ['group_test2'])
# create new role and assign it to the user
self.rights.create_role('role_test1bis', 'profile_test1')
self.rights.create_user('jharris', 'role_test1bis')
# Basic check
self.assertEqual(self.rights.check_rights('jharris', '1237', 1), True)
self.assertEqual(self.rights.check_rights('jharris', '1237', 12),
False)
# Add permissions to the rights
self.rights.add_right('group_test1', 'group', '1237', 12)
self.assertEqual(self.rights.check_rights('jharris', '1237', 12), True)
# Test right deletion
self.rights.remove_right('group_test1', 'group', '1237', 8)
self.assertEqual(self.rights.check_rights('jharris', '1237', 12),
False)
# Add it back
self.rights.add_right('group_test1', 'group', '1237', 12)
# Test remove_entity
self.rights.remove_group_profile('profile_test1', 'group_test1')
self.assertEqual(self.rights.check_rights('jharris', '1237', 12),
False)
# Add it back
self.rights.add_group_profile('profile_test1', 'group_test1')
self.assertEqual(self.rights.check_rights('jharris', '1237', 12), True)
# Test removing the profile
self.rights.remove_profile('role_test1bis', None, 'profile_test1')
self.assertEqual(self.rights.check_rights('jharris', '1237', 12),
False)
# Add it back
self.rights.add_profile('role_test1bis', None, 'profile_test1')
self.assertEqual(self.rights.check_rights('jharris', '1237', 12), True)
# Remove the profile to add it to the role
self.rights.remove_profile('role_test1bis', None, 'profile_test1')
self.assertEqual(self.rights.check_rights('jharris', '1237', 12),
False)
# Add the group to the role
self.rights.add_group_role('role_test1bis', 'group_test1')
self.assertEqual(self.rights.check_rights('jharris', '1237', 12), True)
# Remove it
self.rights.remove_group_role('role_test1bis', 'group_test1')
self.assertEqual(self.rights.check_rights('jharris', '1237', 12),
False)
# Add the specific right to the user
self.rights.add_right('jharris', 'user', '1237', 12)
self.assertEqual(self.rights.check_rights('jharris', '1237', 12), True)
# Change the checksum
self.rights.remove_right('jharris', 'user', '1237', 4)
self.assertEqual(self.rights.check_rights('jharris', '1237', 12),
False)
self.assertEqual(self.rights.check_rights('jharris', '1237', 8), True)
# Add a right on the same action to different fields
# and check that it is summed correctly
self.rights.remove_right('jharris', 'user', '1237', 8)
self.rights.remove_right('group_test1', 'user', '1237', 12)
self.rights.add_right('jharris', 'user', '1237', 2)
self.rights.add_right('role_test1bis', 'user', '1237', 4)
self.rights.add_right('group_test2', 'user', '1237', 8)
self.rights.add_group_user('jharris', 'group_test2')
self.rights.add_group_role('role_test1bis', 'group_test1')
self.rights.add_profile('role_test1bis', None, 'profile_test1')
self.rights.add_group_profile('role_test1bis', 'group_test1')
# Change entity name
self.assertTrue(
'group_test2' in self.rights.get_user('jharris')['group'])
self.assertTrue('group_test2' == self.rights.get_group('group_test2')
['crecord_name'])
self.assertTrue(
self.rights.update_entity_name('group_test2', 'group',
'name_changed'))
self.assertTrue(
'group_test2' in self.rights.get_user('jharris')['group'])
self.assertTrue('name_changed' == self.rights.get_group('group_test2')
['crecord_name'])
# Update fields
uid = 'my_user'
urole = 'admin'
values = {
'_id': uid,
'contact': {
'address': '',
'name': 'Administrator'
},
'external': False,
'mail': '*****@*****.**',
'shadowpasswd': 'DEADBEEF',
'ui_language': 'fr',
}
user = self.rights.create_user(uid,
urole,
contact=None,
rights=None,
groups=None)
self.assertEqual(user['crecord_name'], uid)
self.rights.update_fields(uid, 'user', values)
r = self.rights.user_storage._backend.find({'_id': uid})
self.assertTrue(r.count() > 0)
content = list(r.limit(1))[0]
self.assertEqual(content['crecord_name'], uid)
self.assertEqual(content['ui_language'], 'fr')
self.assertEqual(content['mail'], '*****@*****.**')
