Example #1
0
 def test_simple(self):
     root = get_root()
     set_groups('bob', root, ['role:editor'])
     self.assertEqual(
         list_groups('bob', root), ['role:editor'])
     self.assertEqual(
         list_groups_raw('bob', root), ['role:editor'])
Example #2
0
    def test_inherit(self):
        from kotti import DBSession
        from kotti.resources import get_root
        from kotti.resources import Node
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        root = get_root()
        child = root[u'child'] = Node()
        DBSession.flush()

        self.assertEqual(list_groups('bob', child), [])
        set_groups('bob', root, ['role:editor'])
        self.assertEqual(list_groups('bob', child), ['role:editor'])

        # Groups from the child are added:
        set_groups('bob', child, ['group:somegroup'])
        self.assertEqual(
            set(list_groups('bob', child)),
            set(['group:somegroup', 'role:editor'])
            )

        # We can ask to list only those groups that are defined locally:
        self.assertEqual(
            list_groups_raw(u'bob', child), set(['group:somegroup']))
Example #3
0
    def test_simple(self, db_session, root):
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        set_groups("bob", root, ["role:editor"])
        assert list_groups("bob", root) == ["role:editor"]
        assert list_groups_raw("bob", root) == {"role:editor"}
Example #4
0
    def test_overwrite_and_delete(self, db_session, root):
        from kotti.resources import get_root
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        set_groups("bob", root, ["role:editor"])
        assert list_groups("bob", root) == ["role:editor"]
        assert list_groups_raw("bob", root) == {"role:editor"}

        set_groups("bob", root, ["role:admin"])
        assert list_groups("bob", root) == ["role:admin"]
        assert list_groups_raw("bob", root) == {"role:admin"}

        set_groups("bob", root)
        assert list_groups("bob", root) == []
        assert get_root() is root
Example #5
0
    def test_simple(self, db_session, root):
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        set_groups('bob', root, ['role:editor'])
        assert list_groups('bob', root) == ['role:editor']
        assert list_groups_raw(u'bob', root) == {'role:editor'}
    def test_overwrite_and_delete(self, db_session, root):
        from kotti.resources import get_root
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        set_groups('bob', root, ['role:editor'])
        assert list_groups('bob', root) == ['role:editor']
        assert list_groups_raw(u'bob', root) == set(['role:editor'])

        set_groups('bob', root, ['role:admin'])
        assert list_groups('bob', root) == ['role:admin']
        assert list_groups_raw(u'bob', root) == set(['role:admin'])

        set_groups('bob', root)
        assert list_groups('bob', root) == []
        assert get_root() is root
Example #7
0
    def test_overwrite_and_delete(self, db_session, root):
        from kotti.resources import get_root
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        set_groups('bob', root, ['role:editor'])
        assert list_groups('bob', root) == ['role:editor']
        assert list_groups_raw(u'bob', root) == {'role:editor'}

        set_groups('bob', root, ['role:admin'])
        assert list_groups('bob', root) == ['role:admin']
        assert list_groups_raw(u'bob', root) == {'role:admin'}

        set_groups('bob', root)
        assert list_groups('bob', root) == []
        assert get_root() is root
Example #8
0
    def test_root_default(self):
        from kotti.resources import get_root
        from kotti.security import list_groups
        from kotti.security import list_groups_raw

        root = get_root()
        self.assertEqual(list_groups('admin', root), ['role:admin'])
        self.assertEqual(list_groups_raw(u'admin', root), set([]))
    def test_simple(self, db_session, root):
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        set_groups('bob', root, ['role:editor'])
        assert list_groups('bob', root) == ['role:editor']
        assert list_groups_raw(u'bob', root) == set(['role:editor'])
Example #10
0
    def test_root_default(self, db_session):
        from kotti.resources import get_root
        from kotti.security import list_groups
        from kotti.security import list_groups_raw

        root = get_root()
        assert list_groups('admin', root) == ['role:admin']
        assert list_groups_raw(u'admin', root) == set([])
Example #11
0
    def test_root_default(self):
        from kotti.resources import get_root
        from kotti.security import list_groups
        from kotti.security import list_groups_raw

        root = get_root()
        self.assertEqual(list_groups('admin', root), ['role:admin'])
        self.assertEqual(list_groups_raw(u'admin', root), set([]))
Example #12
0
    def test_root_default(self, db_session):
        from kotti.resources import get_root
        from kotti.security import list_groups
        from kotti.security import list_groups_raw

        root = get_root()
        assert list_groups('admin', root) == ['role:admin']
        assert list_groups_raw(u'admin', root) == set([])
Example #13
0
    def test_overwrite_and_delete(self):
        from kotti.resources import get_root
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        root = get_root()
        set_groups('bob', root, ['role:editor'])
        self.assertEqual(list_groups('bob', root), ['role:editor'])
        self.assertEqual(list_groups_raw(u'bob', root), set(['role:editor']))

        set_groups('bob', root, ['role:admin'])
        self.assertEqual(list_groups('bob', root), ['role:admin'])
        self.assertEqual(list_groups_raw(u'bob', root), set(['role:admin']))

        set_groups('bob', root)
        self.assertEqual(list_groups('bob', root), [])
        self.assertTrue(get_root() is root)
Example #14
0
    def test_simple(self, db_session):
        from kotti.resources import get_root
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        root = get_root()
        set_groups('bob', root, ['role:editor'])
        assert list_groups('bob', root) == ['role:editor']
        assert list_groups_raw(u'bob', root) == set(['role:editor'])
Example #15
0
    def test_simple(self):
        from kotti.resources import get_root
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        root = get_root()
        set_groups('bob', root, ['role:editor'])
        self.assertEqual(list_groups('bob', root), ['role:editor'])
        self.assertEqual(list_groups_raw(u'bob', root), set(['role:editor']))
Example #16
0
    def test_simple(self, db_session):
        from kotti.resources import get_root
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        root = get_root()
        set_groups('bob', root, ['role:editor'])
        assert list_groups('bob', root) == ['role:editor']
        assert list_groups_raw(u'bob', root) == set(['role:editor'])
Example #17
0
def set_owner(event):
    obj, request = event.object, event.request
    if request is not None and isinstance(obj, Node) and obj.owner is None:
        userid = authenticated_userid(request)
        if userid is not None:
            # Set owner metadata:
            obj.owner = userid
            # Add owner role for userid if it's not inherited already:
            if u'role:owner' not in list_groups(userid, obj):
                groups = list_groups_raw(userid, obj) | set([u'role:owner'])
                set_groups(userid, obj, groups)
Example #18
0
def set_owner(event):
    obj, request = event.object, event.request
    if request is not None and isinstance(obj, Node) and obj.owner is None:
        userid = authenticated_userid(request)
        if userid is not None:
            userid = unicode(userid)
            # Set owner metadata:
            obj.owner = userid
            # Add owner role for userid if it's not inherited already:
            if u'role:owner' not in list_groups(userid, obj):
                groups = list_groups_raw(userid, obj) | set([u'role:owner'])
                set_groups(userid, obj, groups)
Example #19
0
    def test_simple(self):
        from kotti.resources import get_root
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        root = get_root()
        set_groups('bob', root, ['role:editor'])
        self.assertEqual(
            list_groups('bob', root), ['role:editor'])
        self.assertEqual(
            list_groups_raw(u'bob', root), set(['role:editor']))
Example #20
0
    def test_overwrite_and_delete(self):
        from kotti.resources import get_root
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        root = get_root()
        set_groups('bob', root, ['role:editor'])
        self.assertEqual(
            list_groups('bob', root), ['role:editor'])
        self.assertEqual(
            list_groups_raw(u'bob', root), set(['role:editor']))

        set_groups('bob', root, ['role:admin'])
        self.assertEqual(
            list_groups('bob', root), ['role:admin'])
        self.assertEqual(
            list_groups_raw(u'bob', root), set(['role:admin']))

        set_groups('bob', root)
        self.assertEqual(
            list_groups('bob', root), [])
        self.assertTrue(get_root() is root)
Example #21
0
    def test_owner(self):
        session = DBSession()
        self.config.testing_securitypolicy(userid=u'bob')
        root = get_root()
        child = root[u'child'] = Content()
        session.flush()
        self.assertEqual(child.owner, u'bob')
        self.assertEqual(list_groups(u'bob', child), [u'role:owner'])

        clear_request_cache()
        # The event listener does not set the role again for subitems:
        grandchild = child[u'grandchild'] = Content()
        session.flush()
        self.assertEqual(grandchild.owner, u'bob')
        self.assertEqual(list_groups(u'bob', grandchild), [u'role:owner'])
        self.assertEqual(len(list_groups_raw(u'bob', grandchild)), 0)
Example #22
0
def set_owner(event):
    """Set ``owner`` of the object that triggered the event.

    :param event: event that trigerred this handler.
    :type event: :class:`ObjectInsert`
    """

    obj, request = event.object, event.request
    if request is not None and isinstance(obj, Node) and obj.owner is None:
        userid = request.authenticated_userid
        if userid is not None:
            userid = unicode(userid)
            # Set owner metadata:
            obj.owner = userid
            # Add owner role for userid if it's not inherited already:
            if u'role:owner' not in list_groups(userid, obj):
                groups = list_groups_raw(userid, obj) | set([u'role:owner'])
                set_groups(userid, obj, groups)
Example #23
0
def set_owner(event):
    """Set ``owner`` of the object that triggered the event.

    :param event: event that trigerred this handler.
    :type event: :class:`ObjectInsert`
    """

    obj, request = event.object, event.request
    if request is not None and isinstance(obj, Node) and obj.owner is None:
        userid = request.authenticated_userid
        if userid is not None:
            userid = unicode(userid)
            # Set owner metadata:
            obj.owner = userid
            # Add owner role for userid if it's not inherited already:
            if u'role:owner' not in list_groups(userid, obj):
                groups = list_groups_raw(userid, obj) | set([u'role:owner'])
                set_groups(userid, obj, groups)
Example #24
0
    def test_inherit(self):
        session = DBSession()
        root = get_root()
        child = root[u'child'] = Node()
        session.flush()

        self.assertEqual(list_groups('bob', child), [])
        set_groups('bob', root, ['role:editor'])
        self.assertEqual(list_groups('bob', child), ['role:editor'])

        # Groups from the child are added:
        set_groups('bob', child, ['group:somegroup'])
        self.assertEqual(
            set(list_groups('bob', child)),
            set(['group:somegroup', 'role:editor']))

        # We can ask to list only those groups that are defined locally:
        self.assertEqual(list_groups_raw('bob', child), ['group:somegroup'])
Example #25
0
    def test_inherit(self, db_session, root):
        from kotti.resources import Node
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        child = root["child"] = Node()
        db_session.flush()

        assert list_groups("bob", child) == []
        set_groups("bob", root, ["role:editor"])
        assert list_groups("bob", child) == ["role:editor"]

        # Groups from the child are added:
        set_groups("bob", child, ["group:somegroup"])
        assert set(list_groups("bob", child)) == {"group:somegroup", "role:editor"}

        # We can ask to list only those groups that are defined locally:
        assert list_groups_raw("bob", child) == {"group:somegroup"}
Example #26
0
    def test_owner(self, root, db_session, events, dummy_request):
        from kotti.resources import Content
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.util import clear_cache

        child = root[u'child'] = Content()
        db_session.flush()
        assert child.owner == u'bob'
        assert list_groups(u'bob', child) == [u'role:owner']

        clear_cache()

        # The event listener does not set the role again for subitems:
        grandchild = child[u'grandchild'] = Content()
        db_session.flush()
        assert grandchild.owner == u'bob'
        assert list_groups(u'bob', grandchild) == [u'role:owner']
        assert len(list_groups_raw(u'bob', grandchild)) == 0
Example #27
0
    def test_owner(self, root, db_session, events, dummy_request):
        from kotti.resources import Content
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.util import clear_cache

        child = root['child'] = Content()
        db_session.flush()
        assert child.owner == 'bob'
        assert list_groups('bob', child) == ['role:owner']

        clear_cache()

        # The event listener does not set the role again for subitems:
        grandchild = child['grandchild'] = Content()
        db_session.flush()
        assert grandchild.owner == 'bob'
        assert list_groups('bob', grandchild) == ['role:owner']
        assert len(list_groups_raw('bob', grandchild)) == 0
Example #28
0
    def test_owner(self, root, db_session, events, dummy_request):
        from kotti.resources import Content
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.util import clear_cache

        with patch('kotti.events.authenticated_userid', return_value='bob'):
            child = root[u'child'] = Content()
            db_session.flush()
        assert child.owner == u'bob'
        assert list_groups(u'bob', child) == [u'role:owner']

        clear_cache()
        # The event listener does not set the role again for subitems:
        with patch('kotti.events.authenticated_userid', return_value='bob'):
            grandchild = child[u'grandchild'] = Content()
            db_session.flush()
        assert grandchild.owner == u'bob'
        assert list_groups(u'bob', grandchild) == [u'role:owner']
        assert len(list_groups_raw(u'bob', grandchild)) == 0
Example #29
0
    def test_inherit(self, db_session, root):
        from kotti.resources import Node
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        child = root[u'child'] = Node()
        db_session.flush()

        assert list_groups('bob', child) == []
        set_groups('bob', root, ['role:editor'])
        assert list_groups('bob', child) == ['role:editor']

        # Groups from the child are added:
        set_groups('bob', child, ['group:somegroup'])
        assert (set(list_groups('bob',
                                child)) == {'group:somegroup', 'role:editor'})

        # We can ask to list only those groups that are defined locally:
        assert list_groups_raw(u'bob', child) == {'group:somegroup'}
Example #30
0
    def test_inherit(self, db_session, root):
        from kotti.resources import Node
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        child = root[u'child'] = Node()
        db_session.flush()

        assert list_groups('bob', child) == []
        set_groups('bob', root, ['role:editor'])
        assert list_groups('bob', child) == ['role:editor']

        # Groups from the child are added:
        set_groups('bob', child, ['group:somegroup'])
        assert (
            set(list_groups('bob', child)) ==
            set(['group:somegroup', 'role:editor'])
            )

        # We can ask to list only those groups that are defined locally:
        assert list_groups_raw(u'bob', child) == set(['group:somegroup'])
Example #31
0
    def test_owner(self, get_current_request, authenticated_userid):
        from kotti import DBSession
        from kotti.resources import get_root
        from kotti.resources import Content
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.util import clear_cache

        get_current_request.return_value = not None
        authenticated_userid.return_value = 'bob'
        root = get_root()
        child = root[u'child'] = Content()
        DBSession.flush()
        self.assertEqual(child.owner, u'bob')
        self.assertEqual(list_groups(u'bob', child), [u'role:owner'])

        clear_cache()
        # The event listener does not set the role again for subitems:
        grandchild = child[u'grandchild'] = Content()
        DBSession.flush()
        self.assertEqual(grandchild.owner, u'bob')
        self.assertEqual(list_groups(u'bob', grandchild), [u'role:owner'])
        self.assertEqual(len(list_groups_raw(u'bob', grandchild)), 0)
Example #32
0
    def test_owner(self):
        from kotti import DBSession
        from kotti.resources import get_root
        from kotti.resources import Content
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.util import clear_cache

        session = DBSession()
        self.config.testing_securitypolicy(userid='bob')
        root = get_root()
        child = root[u'child'] = Content()
        session.flush()
        self.assertEqual(child.owner, u'bob')
        self.assertEqual(list_groups(u'bob', child), [u'role:owner'])

        clear_cache()
        # The event listener does not set the role again for subitems:
        grandchild = child[u'grandchild'] = Content()
        session.flush()
        self.assertEqual(grandchild.owner, u'bob')
        self.assertEqual(list_groups(u'bob', grandchild), [u'role:owner'])
        self.assertEqual(len(list_groups_raw(u'bob', grandchild)), 0)
Example #33
0
    def test_owner(self, get_current_request, authenticated_userid):
        from kotti import DBSession
        from kotti.resources import get_root
        from kotti.resources import Content
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.util import clear_cache

        get_current_request.return_value = not None
        authenticated_userid.return_value = 'bob'
        root = get_root()
        child = root[u'child'] = Content()
        DBSession.flush()
        self.assertEqual(child.owner, u'bob')
        self.assertEqual(list_groups(u'bob', child), [u'role:owner'])

        clear_cache()
        # The event listener does not set the role again for subitems:
        grandchild = child[u'grandchild'] = Content()
        DBSession.flush()
        self.assertEqual(grandchild.owner, u'bob')
        self.assertEqual(list_groups(u'bob', grandchild), [u'role:owner'])
        self.assertEqual(len(list_groups_raw(u'bob', grandchild)), 0)
Example #34
0
    def test_owner(self, db_session, events, dummy_request):
        from kotti import DBSession
        from kotti.resources import get_root
        from kotti.resources import Content
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.util import clear_cache

        root = get_root()
        with patch('kotti.events.authenticated_userid', return_value='bob'):
            child = root[u'child'] = Content()
            DBSession.flush()
        assert child.owner == u'bob'
        assert list_groups(u'bob', child) == [u'role:owner']

        clear_cache()
        # The event listener does not set the role again for subitems:
        with patch('kotti.events.authenticated_userid', return_value='bob'):
            grandchild = child[u'grandchild'] = Content()
            DBSession.flush()
        assert grandchild.owner == u'bob'
        assert list_groups(u'bob', grandchild) == [u'role:owner']
        assert len(list_groups_raw(u'bob', grandchild)) == 0
Example #35
0
    def test_owner(self):
        from kotti import DBSession
        from kotti.resources import get_root
        from kotti.resources import Content
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.util import clear_cache

        session = DBSession()
        self.config.testing_securitypolicy(userid='bob')
        root = get_root()
        child = root[u'child'] = Content()
        session.flush()
        self.assertEqual(child.owner, u'bob')
        self.assertEqual(list_groups(u'bob', child), [u'role:owner'])

        clear_cache()
        # The event listener does not set the role again for subitems:
        grandchild = child[u'grandchild'] = Content()
        session.flush()
        self.assertEqual(grandchild.owner, u'bob')
        self.assertEqual(list_groups(u'bob', grandchild), [u'role:owner'])
        self.assertEqual(len(list_groups_raw(u'bob', grandchild)), 0)
Example #36
0
    def test_inherit(self):
        from kotti import DBSession
        from kotti.resources import get_root
        from kotti.resources import Node
        from kotti.security import list_groups
        from kotti.security import list_groups_raw
        from kotti.security import set_groups

        root = get_root()
        child = root[u'child'] = Node()
        DBSession.flush()

        self.assertEqual(list_groups('bob', child), [])
        set_groups('bob', root, ['role:editor'])
        self.assertEqual(list_groups('bob', child), ['role:editor'])

        # Groups from the child are added:
        set_groups('bob', child, ['group:somegroup'])
        self.assertEqual(set(list_groups('bob', child)),
                         set(['group:somegroup', 'role:editor']))

        # We can ask to list only those groups that are defined locally:
        self.assertEqual(list_groups_raw(u'bob', child),
                         set(['group:somegroup']))
Example #37
0
    def test_not_a_node(self):
        from kotti.security import list_groups_raw

        assert list_groups_raw("bob", object()) == set()
Example #38
0
    def test_root_default(self, db_session, root):
        from kotti.security import list_groups
        from kotti.security import list_groups_raw

        assert list_groups("admin", root) == ["role:admin"]
        assert list_groups_raw("admin", root) == set([])
Example #39
0
    def test_not_a_node(self):
        from kotti.security import list_groups_raw

        self.assertEqual(list_groups_raw(u'bob', object()), set())
Example #40
0
 def test_root_default(self):
     root = get_root()
     self.assertEqual(list_groups('admin', root), ['role:admin'])
     self.assertEqual(list_groups_raw('admin', root), set([]))
Example #41
0
    def test_root_default(self, db_session, root):
        from kotti.security import list_groups
        from kotti.security import list_groups_raw

        assert list_groups('admin', root) == ['role:admin']
        assert list_groups_raw(u'admin', root) == set([])
Example #42
0
    def test_not_a_node(self):
        from kotti.security import list_groups_raw

        self.assertEqual(list_groups_raw(u'bob', object()), set())
Example #43
0
    def test_not_a_node(self):
        from kotti.security import list_groups_raw

        assert list_groups_raw(u'bob', object()) == set()