def test_simple(self):
root = get_root()
set_groups('bob', root, ['role:editor'])
self.assertEqual(
list_groups('bob', root), ['role:editor'])
self.assertEqual(
list_groups_raw('bob', root), ['role:editor'])
def test_inherit(self):
from kotti import DBSession
from kotti.resources import get_root
from kotti.resources import Node
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
root = get_root()
child = root[u'child'] = Node()
DBSession.flush()
self.assertEqual(list_groups('bob', child), [])
set_groups('bob', root, ['role:editor'])
self.assertEqual(list_groups('bob', child), ['role:editor'])
# Groups from the child are added:
set_groups('bob', child, ['group:somegroup'])
self.assertEqual(
set(list_groups('bob', child)),
set(['group:somegroup', 'role:editor'])
)
# We can ask to list only those groups that are defined locally:
self.assertEqual(
list_groups_raw(u'bob', child), set(['group:somegroup']))
def test_simple(self, db_session, root):
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
set_groups("bob", root, ["role:editor"])
assert list_groups("bob", root) == ["role:editor"]
assert list_groups_raw("bob", root) == {"role:editor"}
def test_overwrite_and_delete(self, db_session, root):
from kotti.resources import get_root
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
set_groups("bob", root, ["role:editor"])
assert list_groups("bob", root) == ["role:editor"]
assert list_groups_raw("bob", root) == {"role:editor"}
set_groups("bob", root, ["role:admin"])
assert list_groups("bob", root) == ["role:admin"]
assert list_groups_raw("bob", root) == {"role:admin"}
set_groups("bob", root)
assert list_groups("bob", root) == []
assert get_root() is root
def test_simple(self, db_session, root):
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
set_groups('bob', root, ['role:editor'])
assert list_groups('bob', root) == ['role:editor']
assert list_groups_raw(u'bob', root) == {'role:editor'}
def test_overwrite_and_delete(self, db_session, root):
from kotti.resources import get_root
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
set_groups('bob', root, ['role:editor'])
assert list_groups('bob', root) == ['role:editor']
assert list_groups_raw(u'bob', root) == set(['role:editor'])
set_groups('bob', root, ['role:admin'])
assert list_groups('bob', root) == ['role:admin']
assert list_groups_raw(u'bob', root) == set(['role:admin'])
set_groups('bob', root)
assert list_groups('bob', root) == []
assert get_root() is root
def test_overwrite_and_delete(self, db_session, root):
from kotti.resources import get_root
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
set_groups('bob', root, ['role:editor'])
assert list_groups('bob', root) == ['role:editor']
assert list_groups_raw(u'bob', root) == {'role:editor'}
set_groups('bob', root, ['role:admin'])
assert list_groups('bob', root) == ['role:admin']
assert list_groups_raw(u'bob', root) == {'role:admin'}
set_groups('bob', root)
assert list_groups('bob', root) == []
assert get_root() is root
def test_root_default(self):
from kotti.resources import get_root
from kotti.security import list_groups
from kotti.security import list_groups_raw
root = get_root()
self.assertEqual(list_groups('admin', root), ['role:admin'])
self.assertEqual(list_groups_raw(u'admin', root), set([]))
def test_simple(self, db_session, root):
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
set_groups('bob', root, ['role:editor'])
assert list_groups('bob', root) == ['role:editor']
assert list_groups_raw(u'bob', root) == set(['role:editor'])
def test_root_default(self, db_session):
from kotti.resources import get_root
from kotti.security import list_groups
from kotti.security import list_groups_raw
root = get_root()
assert list_groups('admin', root) == ['role:admin']
assert list_groups_raw(u'admin', root) == set([])
def test_root_default(self):
from kotti.resources import get_root
from kotti.security import list_groups
from kotti.security import list_groups_raw
root = get_root()
self.assertEqual(list_groups('admin', root), ['role:admin'])
self.assertEqual(list_groups_raw(u'admin', root), set([]))
def test_root_default(self, db_session):
from kotti.resources import get_root
from kotti.security import list_groups
from kotti.security import list_groups_raw
root = get_root()
assert list_groups('admin', root) == ['role:admin']
assert list_groups_raw(u'admin', root) == set([])
def test_overwrite_and_delete(self):
from kotti.resources import get_root
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
root = get_root()
set_groups('bob', root, ['role:editor'])
self.assertEqual(list_groups('bob', root), ['role:editor'])
self.assertEqual(list_groups_raw(u'bob', root), set(['role:editor']))
set_groups('bob', root, ['role:admin'])
self.assertEqual(list_groups('bob', root), ['role:admin'])
self.assertEqual(list_groups_raw(u'bob', root), set(['role:admin']))
set_groups('bob', root)
self.assertEqual(list_groups('bob', root), [])
self.assertTrue(get_root() is root)
def test_simple(self, db_session):
from kotti.resources import get_root
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
root = get_root()
set_groups('bob', root, ['role:editor'])
assert list_groups('bob', root) == ['role:editor']
assert list_groups_raw(u'bob', root) == set(['role:editor'])
def test_simple(self):
from kotti.resources import get_root
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
root = get_root()
set_groups('bob', root, ['role:editor'])
self.assertEqual(list_groups('bob', root), ['role:editor'])
self.assertEqual(list_groups_raw(u'bob', root), set(['role:editor']))
def test_simple(self, db_session):
from kotti.resources import get_root
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
root = get_root()
set_groups('bob', root, ['role:editor'])
assert list_groups('bob', root) == ['role:editor']
assert list_groups_raw(u'bob', root) == set(['role:editor'])
def set_owner(event):
obj, request = event.object, event.request
if request is not None and isinstance(obj, Node) and obj.owner is None:
userid = authenticated_userid(request)
if userid is not None:
# Set owner metadata:
obj.owner = userid
# Add owner role for userid if it's not inherited already:
if u'role:owner' not in list_groups(userid, obj):
groups = list_groups_raw(userid, obj) | set([u'role:owner'])
set_groups(userid, obj, groups)
def set_owner(event):
obj, request = event.object, event.request
if request is not None and isinstance(obj, Node) and obj.owner is None:
userid = authenticated_userid(request)
if userid is not None:
userid = unicode(userid)
# Set owner metadata:
obj.owner = userid
# Add owner role for userid if it's not inherited already:
if u'role:owner' not in list_groups(userid, obj):
groups = list_groups_raw(userid, obj) | set([u'role:owner'])
set_groups(userid, obj, groups)
def test_simple(self):
from kotti.resources import get_root
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
root = get_root()
set_groups('bob', root, ['role:editor'])
self.assertEqual(
list_groups('bob', root), ['role:editor'])
self.assertEqual(
list_groups_raw(u'bob', root), set(['role:editor']))
def test_overwrite_and_delete(self):
from kotti.resources import get_root
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
root = get_root()
set_groups('bob', root, ['role:editor'])
self.assertEqual(
list_groups('bob', root), ['role:editor'])
self.assertEqual(
list_groups_raw(u'bob', root), set(['role:editor']))
set_groups('bob', root, ['role:admin'])
self.assertEqual(
list_groups('bob', root), ['role:admin'])
self.assertEqual(
list_groups_raw(u'bob', root), set(['role:admin']))
set_groups('bob', root)
self.assertEqual(
list_groups('bob', root), [])
self.assertTrue(get_root() is root)
def test_owner(self):
session = DBSession()
self.config.testing_securitypolicy(userid=u'bob')
root = get_root()
child = root[u'child'] = Content()
session.flush()
self.assertEqual(child.owner, u'bob')
self.assertEqual(list_groups(u'bob', child), [u'role:owner'])
clear_request_cache()
# The event listener does not set the role again for subitems:
grandchild = child[u'grandchild'] = Content()
session.flush()
self.assertEqual(grandchild.owner, u'bob')
self.assertEqual(list_groups(u'bob', grandchild), [u'role:owner'])
self.assertEqual(len(list_groups_raw(u'bob', grandchild)), 0)
def set_owner(event):
"""Set ``owner`` of the object that triggered the event.
:param event: event that trigerred this handler.
:type event: :class:`ObjectInsert`
"""
obj, request = event.object, event.request
if request is not None and isinstance(obj, Node) and obj.owner is None:
userid = request.authenticated_userid
if userid is not None:
userid = unicode(userid)
# Set owner metadata:
obj.owner = userid
# Add owner role for userid if it's not inherited already:
if u'role:owner' not in list_groups(userid, obj):
groups = list_groups_raw(userid, obj) | set([u'role:owner'])
set_groups(userid, obj, groups)
def set_owner(event):
"""Set ``owner`` of the object that triggered the event.
:param event: event that trigerred this handler.
:type event: :class:`ObjectInsert`
"""
obj, request = event.object, event.request
if request is not None and isinstance(obj, Node) and obj.owner is None:
userid = request.authenticated_userid
if userid is not None:
userid = unicode(userid)
# Set owner metadata:
obj.owner = userid
# Add owner role for userid if it's not inherited already:
if u'role:owner' not in list_groups(userid, obj):
groups = list_groups_raw(userid, obj) | set([u'role:owner'])
set_groups(userid, obj, groups)
def test_inherit(self):
session = DBSession()
root = get_root()
child = root[u'child'] = Node()
session.flush()
self.assertEqual(list_groups('bob', child), [])
set_groups('bob', root, ['role:editor'])
self.assertEqual(list_groups('bob', child), ['role:editor'])
# Groups from the child are added:
set_groups('bob', child, ['group:somegroup'])
self.assertEqual(
set(list_groups('bob', child)),
set(['group:somegroup', 'role:editor']))
# We can ask to list only those groups that are defined locally:
self.assertEqual(list_groups_raw('bob', child), ['group:somegroup'])
def test_inherit(self, db_session, root):
from kotti.resources import Node
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
child = root["child"] = Node()
db_session.flush()
assert list_groups("bob", child) == []
set_groups("bob", root, ["role:editor"])
assert list_groups("bob", child) == ["role:editor"]
# Groups from the child are added:
set_groups("bob", child, ["group:somegroup"])
assert set(list_groups("bob", child)) == {"group:somegroup", "role:editor"}
# We can ask to list only those groups that are defined locally:
assert list_groups_raw("bob", child) == {"group:somegroup"}
def test_owner(self, root, db_session, events, dummy_request):
from kotti.resources import Content
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.util import clear_cache
child = root[u'child'] = Content()
db_session.flush()
assert child.owner == u'bob'
assert list_groups(u'bob', child) == [u'role:owner']
clear_cache()
# The event listener does not set the role again for subitems:
grandchild = child[u'grandchild'] = Content()
db_session.flush()
assert grandchild.owner == u'bob'
assert list_groups(u'bob', grandchild) == [u'role:owner']
assert len(list_groups_raw(u'bob', grandchild)) == 0
def test_owner(self, root, db_session, events, dummy_request):
from kotti.resources import Content
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.util import clear_cache
child = root['child'] = Content()
db_session.flush()
assert child.owner == 'bob'
assert list_groups('bob', child) == ['role:owner']
clear_cache()
# The event listener does not set the role again for subitems:
grandchild = child['grandchild'] = Content()
db_session.flush()
assert grandchild.owner == 'bob'
assert list_groups('bob', grandchild) == ['role:owner']
assert len(list_groups_raw('bob', grandchild)) == 0
def test_owner(self, root, db_session, events, dummy_request):
from kotti.resources import Content
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.util import clear_cache
with patch('kotti.events.authenticated_userid', return_value='bob'):
child = root[u'child'] = Content()
db_session.flush()
assert child.owner == u'bob'
assert list_groups(u'bob', child) == [u'role:owner']
clear_cache()
# The event listener does not set the role again for subitems:
with patch('kotti.events.authenticated_userid', return_value='bob'):
grandchild = child[u'grandchild'] = Content()
db_session.flush()
assert grandchild.owner == u'bob'
assert list_groups(u'bob', grandchild) == [u'role:owner']
assert len(list_groups_raw(u'bob', grandchild)) == 0
def test_inherit(self, db_session, root):
from kotti.resources import Node
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
child = root[u'child'] = Node()
db_session.flush()
assert list_groups('bob', child) == []
set_groups('bob', root, ['role:editor'])
assert list_groups('bob', child) == ['role:editor']
# Groups from the child are added:
set_groups('bob', child, ['group:somegroup'])
assert (set(list_groups('bob',
child)) == {'group:somegroup', 'role:editor'})
# We can ask to list only those groups that are defined locally:
assert list_groups_raw(u'bob', child) == {'group:somegroup'}
def test_inherit(self, db_session, root):
from kotti.resources import Node
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
child = root[u'child'] = Node()
db_session.flush()
assert list_groups('bob', child) == []
set_groups('bob', root, ['role:editor'])
assert list_groups('bob', child) == ['role:editor']
# Groups from the child are added:
set_groups('bob', child, ['group:somegroup'])
assert (
set(list_groups('bob', child)) ==
set(['group:somegroup', 'role:editor'])
)
# We can ask to list only those groups that are defined locally:
assert list_groups_raw(u'bob', child) == set(['group:somegroup'])
def test_owner(self, get_current_request, authenticated_userid):
from kotti import DBSession
from kotti.resources import get_root
from kotti.resources import Content
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.util import clear_cache
get_current_request.return_value = not None
authenticated_userid.return_value = 'bob'
root = get_root()
child = root[u'child'] = Content()
DBSession.flush()
self.assertEqual(child.owner, u'bob')
self.assertEqual(list_groups(u'bob', child), [u'role:owner'])
clear_cache()
# The event listener does not set the role again for subitems:
grandchild = child[u'grandchild'] = Content()
DBSession.flush()
self.assertEqual(grandchild.owner, u'bob')
self.assertEqual(list_groups(u'bob', grandchild), [u'role:owner'])
self.assertEqual(len(list_groups_raw(u'bob', grandchild)), 0)
def test_owner(self):
from kotti import DBSession
from kotti.resources import get_root
from kotti.resources import Content
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.util import clear_cache
session = DBSession()
self.config.testing_securitypolicy(userid='bob')
root = get_root()
child = root[u'child'] = Content()
session.flush()
self.assertEqual(child.owner, u'bob')
self.assertEqual(list_groups(u'bob', child), [u'role:owner'])
clear_cache()
# The event listener does not set the role again for subitems:
grandchild = child[u'grandchild'] = Content()
session.flush()
self.assertEqual(grandchild.owner, u'bob')
self.assertEqual(list_groups(u'bob', grandchild), [u'role:owner'])
self.assertEqual(len(list_groups_raw(u'bob', grandchild)), 0)
def test_owner(self, get_current_request, authenticated_userid):
from kotti import DBSession
from kotti.resources import get_root
from kotti.resources import Content
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.util import clear_cache
get_current_request.return_value = not None
authenticated_userid.return_value = 'bob'
root = get_root()
child = root[u'child'] = Content()
DBSession.flush()
self.assertEqual(child.owner, u'bob')
self.assertEqual(list_groups(u'bob', child), [u'role:owner'])
clear_cache()
# The event listener does not set the role again for subitems:
grandchild = child[u'grandchild'] = Content()
DBSession.flush()
self.assertEqual(grandchild.owner, u'bob')
self.assertEqual(list_groups(u'bob', grandchild), [u'role:owner'])
self.assertEqual(len(list_groups_raw(u'bob', grandchild)), 0)
def test_owner(self, db_session, events, dummy_request):
from kotti import DBSession
from kotti.resources import get_root
from kotti.resources import Content
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.util import clear_cache
root = get_root()
with patch('kotti.events.authenticated_userid', return_value='bob'):
child = root[u'child'] = Content()
DBSession.flush()
assert child.owner == u'bob'
assert list_groups(u'bob', child) == [u'role:owner']
clear_cache()
# The event listener does not set the role again for subitems:
with patch('kotti.events.authenticated_userid', return_value='bob'):
grandchild = child[u'grandchild'] = Content()
DBSession.flush()
assert grandchild.owner == u'bob'
assert list_groups(u'bob', grandchild) == [u'role:owner']
assert len(list_groups_raw(u'bob', grandchild)) == 0
def test_owner(self):
from kotti import DBSession
from kotti.resources import get_root
from kotti.resources import Content
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.util import clear_cache
session = DBSession()
self.config.testing_securitypolicy(userid='bob')
root = get_root()
child = root[u'child'] = Content()
session.flush()
self.assertEqual(child.owner, u'bob')
self.assertEqual(list_groups(u'bob', child), [u'role:owner'])
clear_cache()
# The event listener does not set the role again for subitems:
grandchild = child[u'grandchild'] = Content()
session.flush()
self.assertEqual(grandchild.owner, u'bob')
self.assertEqual(list_groups(u'bob', grandchild), [u'role:owner'])
self.assertEqual(len(list_groups_raw(u'bob', grandchild)), 0)
def test_inherit(self):
from kotti import DBSession
from kotti.resources import get_root
from kotti.resources import Node
from kotti.security import list_groups
from kotti.security import list_groups_raw
from kotti.security import set_groups
root = get_root()
child = root[u'child'] = Node()
DBSession.flush()
self.assertEqual(list_groups('bob', child), [])
set_groups('bob', root, ['role:editor'])
self.assertEqual(list_groups('bob', child), ['role:editor'])
# Groups from the child are added:
set_groups('bob', child, ['group:somegroup'])
self.assertEqual(set(list_groups('bob', child)),
set(['group:somegroup', 'role:editor']))
# We can ask to list only those groups that are defined locally:
self.assertEqual(list_groups_raw(u'bob', child),
set(['group:somegroup']))
def test_not_a_node(self):
from kotti.security import list_groups_raw
assert list_groups_raw("bob", object()) == set()
def test_root_default(self, db_session, root):
from kotti.security import list_groups
from kotti.security import list_groups_raw
assert list_groups("admin", root) == ["role:admin"]
assert list_groups_raw("admin", root) == set([])
def test_not_a_node(self):
from kotti.security import list_groups_raw
self.assertEqual(list_groups_raw(u'bob', object()), set())
def test_root_default(self):
root = get_root()
self.assertEqual(list_groups('admin', root), ['role:admin'])
self.assertEqual(list_groups_raw('admin', root), set([]))
def test_root_default(self, db_session, root):
from kotti.security import list_groups
from kotti.security import list_groups_raw
assert list_groups('admin', root) == ['role:admin']
assert list_groups_raw(u'admin', root) == set([])
def test_not_a_node(self):
from kotti.security import list_groups_raw
self.assertEqual(list_groups_raw(u'bob', object()), set())
def test_not_a_node(self):
from kotti.security import list_groups_raw
assert list_groups_raw(u'bob', object()) == set()