def GetGrrUser(self, args, token=None):
# Everybody can get their own user object.
interface_traits = api_user.ApiGrrUserInterfaceTraits(
search_clients_action_enabled=True)
return api_user.ApiGetOwnGrrUserHandler(
interface_traits=interface_traits)
def testGetGrrUserReturnsRestrictedTraitsForNonAdminUser(self):
error = access_control.UnauthorizedAccess("some error")
self.access_checker_mock.CheckIfUserIsAdmin.side_effect = error
handler = self.router.GetGrrUser(None, context=self.context)
self.assertNotEqual(handler.interface_traits,
api_user.ApiGrrUserInterfaceTraits().EnableAll())
def GetGrrUser(self, args, token=None):
# Everybody can get their own user settings.
interface_traits = api_user.ApiGrrUserInterfaceTraits().EnableAll()
try:
self.access_checker.CheckIfUserIsAdmin(token.username)
except access_control.UnauthorizedAccess:
interface_traits.manage_binaries_nav_item_enabled = False
return api_user.ApiGetOwnGrrUserHandler(interface_traits=interface_traits)
def testRendersTraitsPassedInConstructor(self):
result = self.handler.Handle(
None, context=api_call_context.ApiCallContext(username=u"foo"))
self.assertFalse(result.interface_traits.create_hunt_action_enabled)
handler = user_plugin.ApiGetOwnGrrUserHandler(
interface_traits=user_plugin.ApiGrrUserInterfaceTraits(
create_hunt_action_enabled=True))
result = handler.Handle(
None, context=api_call_context.ApiCallContext(username=u"foo"))
self.assertTrue(result.interface_traits.create_hunt_action_enabled)
def testRendersTraitsPassedInConstructor(self):
result = self.handler.Handle(
None, token=access_control.ACLToken(username="******"))
self.assertFalse(result.interface_traits.create_hunt_action_enabled)
handler = user_plugin.ApiGetOwnGrrUserHandler(
interface_traits=user_plugin.ApiGrrUserInterfaceTraits(
create_hunt_action_enabled=True))
result = handler.Handle(None,
token=access_control.ACLToken(username="******"))
self.assertTrue(result.interface_traits.create_hunt_action_enabled)
def GetGrrUser(self, args, context=None):
# Everybody can get their own user settings.
interface_traits = api_user.ApiGrrUserInterfaceTraits().EnableAll()
try:
# Without access to restricted flows, one can not launch Python hacks and
# binaries. Hence, we don't display the "Manage binaries" page.
self.access_checker.CheckIfHasAccessToRestrictedFlows(
context.username)
except access_control.UnauthorizedAccess:
interface_traits.manage_binaries_nav_item_enabled = False
return api_user.ApiGetOwnGrrUserHandler(
interface_traits=interface_traits)
def GetGrrUser(self, args, context=None):
return api_user.ApiGetOwnGrrUserHandler(
interface_traits=api_user.ApiGrrUserInterfaceTraits().EnableAll())
def testRaisesIfTraitsSetInRequest(self):
user = user_plugin.ApiGrrUser(
interface_traits=user_plugin.ApiGrrUserInterfaceTraits())
with self.assertRaises(ValueError):
self.handler.Handle(
user, context=api_call_context.ApiCallContext(username=u"foo"))
def testGetGrrUserReturnsFullTraitsForAdminUser(self):
handler = self.router.GetGrrUser(None, context=self.context)
self.assertEqual(handler.interface_traits,
api_user.ApiGrrUserInterfaceTraits().EnableAll())
def testRaisesIfTraitsSetInRequest(self):
user = user_plugin.ApiGrrUser(
interface_traits=user_plugin.ApiGrrUserInterfaceTraits())
with self.assertRaises(ValueError):
self.handler.Handle(user,
token=access_control.ACLToken(username=u"foo"))
def GetGrrUser(self, args, context=None):
interface_traits = api_user.ApiGrrUserInterfaceTraits().EnableAll()
interface_traits.hunt_approval_required = False
return api_user.ApiGetOwnGrrUserHandler(
interface_traits=interface_traits)
def testGetGrrUserReturnsFullTraitsForWhenWithRestrictedFlowsAccess(self):
handler = self.router.GetGrrUser(None, context=self.context)
self.assertEqual(handler.interface_traits,
api_user.ApiGrrUserInterfaceTraits().EnableAll())
