Example #1
0
    def test_acl_applies_group_model_acl_if_group_is_not_None(
            self, pyramid_config, pyramid_request, factories):
        group = factories.Group()
        policy = ACLAuthorizationPolicy()
        pyramid_config.testing_securitypolicy(
            'acct:adminuser@foo', groupids=[security.Authenticated])
        pyramid_config.set_authorization_policy(policy)

        context = GroupUpsertContext(group=group, request=pyramid_request)

        assert context.__acl__() == group.__acl__()
Example #2
0
    def test_acl_applies_group_model_acl_if_group_is_not_None(
        self, pyramid_config, pyramid_request, factories
    ):
        group = factories.Group()
        policy = ACLAuthorizationPolicy()
        pyramid_config.testing_securitypolicy(
            "acct:adminuser@foo", groupids=[security.Authenticated]
        )
        pyramid_config.set_authorization_policy(policy)

        context = GroupUpsertContext(group=group, request=pyramid_request)

        assert context.__acl__() == group.__acl__()
Example #3
0
    def test_acl_denies_root_upsert_if_no_user_role_and_no_group(
            self, pyramid_config, pyramid_request):
        policy = ACLAuthorizationPolicy()
        pyramid_config.testing_securitypolicy(
            'acct:adminuser@foo', groupids=[security.Authenticated])
        pyramid_config.set_authorization_policy(policy)

        context = GroupUpsertContext(group=None, request=pyramid_request)

        assert not pyramid_request.has_permission('upsert', context)
Example #4
0
    def test_acl_applies_root_upsert_to_user_role_when_no_group(
            self, pyramid_config, pyramid_request):
        policy = ACLAuthorizationPolicy()
        pyramid_config.testing_securitypolicy(
            "acct:adminuser@foo", groupids=[security.Authenticated, role.User])
        pyramid_config.set_authorization_policy(policy)

        context = GroupUpsertContext(group=None, request=pyramid_request)

        assert pyramid_request.has_permission("upsert", context)
Example #5
0
    def test_acl_does_not_apply_root_upsert_permission_if_group_is_not_None(
            self, pyramid_config, pyramid_request, factories):
        group = factories.Group()
        policy = ACLAuthorizationPolicy()
        pyramid_config.testing_securitypolicy(
            'acct:adminuser@foo', groupids=[security.Authenticated, role.User])
        pyramid_config.set_authorization_policy(policy)

        context = GroupUpsertContext(group=group, request=pyramid_request)

        # an `upsert` permission could be present in the ACL via the model IF the current
        # user were the creator, but they're not
        assert not pyramid_request.has_permission('upsert', context)