def test_get_private_record_without_permission(self):
        self.prj.access = "private"
        self.prj.save()

        restricted_clauses = {
            "clause": [
                clause("allow", ["project.list"], ["organization/*"]),
                clause("allow", ["project.view"], ["project/*/*"]),
            ]
        }
        restricted_policy = Policy.objects.create(name="restricted", body=json.dumps(restricted_clauses))
        self.user.assign_policies(restricted_policy)

        response = self.request(user=self.user)
        assert response.status_code == 403
        assert response.content["detail"] == PermissionDenied.default_detail
Example #2
0
    def test_get_private_record_without_permission(self):
        self.prj.access = 'private'
        self.prj.save()

        restricted_clauses = {
            'clause': [
                clause('allow', ['project.list'], ['organization/*']),
                clause('allow', ['project.view'], ['project/*/*'])
            ]
        }
        restricted_policy = Policy.objects.create(
            name='restricted', body=json.dumps(restricted_clauses))
        self.user.assign_policies(restricted_policy)

        response = self.request(user=self.user)
        assert response.status_code == 403
        assert response.content['detail'] == PermissionDenied.default_detail
    def test_get_private_record_without_permission(self):
        self.prj.access = 'private'
        self.prj.save()

        restricted_clauses = {
            'clause': [
                clause('allow', ['project.list'], ['organization/*']),
                clause('allow', ['project.view'], ['project/*/*'])
            ]
        }
        restricted_policy = Policy.objects.create(
            name='restricted',
            body=json.dumps(restricted_clauses))
        self.user.assign_policies(restricted_policy)

        response = self.request(user=self.user)
        assert response.status_code == 403
        assert response.content['detail'] == PermissionDenied.default_detail
Example #4
0
    def setUp(self):
        """Set up some policies and users having those policies."""

        super().setUp()

        clauses = {
            "clause": [
                {
                    "effect": "allow",
                    "object": [
                        "project/*/*",
                        "spatial/*/*/*",
                        "spatial_rel/*/*/*",
                        "party/*/*/*",
                        "party_rel/*/*/*",
                        "tenure_rel/*/*/*",
                    ],
                    "action": [
                        "project.*",
                        "project.*.*",
                        "spatial.*",
                        "spatial_rel.*",
                        "party.*",
                        "party_rel.*",
                        "tenure_rel.*",
                    ],
                }
            ]
        }
        policy = Policy.objects.create(name="basic-test", body=json.dumps(clauses))
        self.user = UserFactory.create()
        self.user.assign_policies(policy)

        restricted_clauses = {
            "clause": [
                clause("allow", ["project.list"], ["organization/*"]),
                clause("allow", ["project.view"], ["project/*/*"]),
            ]
        }
        restricted_policy = Policy.objects.create(name="restricted", body=json.dumps(restricted_clauses))
        self.restricted_user = UserFactory.create()
        self.restricted_user.assign_policies(restricted_policy)