def revokePermissionOnContext(context, request): """ Revoke user permission on context """ permission = request.matchdict.get('permission', None) if permission not in DEFAULT_CONTEXT_PERMISSIONS.keys(): raise InvalidPermission("There's not any permission named '%s'" % permission) subscription = context.subscription if subscription is None: raise ObjectNotFound('{} is not susbcribed to {}'.format(request.actor, context['hash'])) code = 200 if permission in subscription.get('_vetos', []): code = 200 # Alredy vetted else: # We have the permission, let's delete it subscription = request.actor.revokePermission( subscription, permission, permanent=request.params.get('permanent', DEFAULT_CONTEXT_PERMISSIONS_PERMANENCY)) code = 201 handler = JSONResourceEntity(request, subscription, status_code=code) return handler.buildResponse()
def grantPermissionOnContext(context, request): """ Grant user permission on context """ permission = request.matchdict.get('permission', None) if permission not in DEFAULT_CONTEXT_PERMISSIONS.keys(): raise InvalidPermission("There's not any permission named '%s'" % permission) subscription = context.subscription if subscription is None: raise ObjectNotFound('{} is not susbcribed to {}'.format(request.actor, context['hash'])) if permission in subscription.get('_grants', []): # Already have the permission grant code = 200 else: # Assign the permission code = 201 subscription = request.actor.grantPermission( subscription, permission, permanent=request.params.get('permanent', DEFAULT_CONTEXT_PERMISSIONS_PERMANENCY)) handler = JSONResourceEntity(request, subscription, status_code=code) return handler.buildResponse()
def test_context_informs_all_permissions(self): """ doctest .. http:get:: /contexts/{hash} """ from hashlib import sha1 from .mockers import create_context from max import DEFAULT_CONTEXT_PERMISSIONS url_hash = sha1(create_context['url']).hexdigest() self.create_context(create_context) res = self.testapp.get('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(result.get('hash', None), url_hash) self.assertItemsEqual(result['permissions'].keys(), DEFAULT_CONTEXT_PERMISSIONS.keys())