def test_role_register_conflict(self): import ptah ptah.Role('myrole', 'MyRole1') ptah.Role('myrole', 'MyRole2') self.assertRaises(ConfigurationConflictError, self.init_ptah)
def _make_app(self, request=None): from ptah.manage.manage import PtahManageRoute class Principal(object): id = 'test-user' uri = 'test:user' login = '******' principal = Principal() @ptah.resolver('test') def principalResolver(uri): return principal @ptah.principal_searcher('test') def principalSearcher(term): return (principal, ) cms.ApplicationFactory(TestApp1, '/test1', 'app1', 'Root App 1') cms.ApplicationFactory(TestApp2, '/test2', 'app2', 'Root App 2') self.TestRole = ptah.Role('test', 'Test role') self.init_ptah() if request is None: request = DummyRequest() ptah.auth_service.set_userid(ptah.SUPERUSER_URI) cfg = ptah.get_settings(ptah.CFG_ID_PTAH, self.registry) cfg['managers'] = ('*', ) mr = PtahManageRoute(request) mod = mr['apps'] return mod['app1']
def test_role_roles(self): import ptah role = ptah.Role('myrole', 'MyRole') self.init_ptah() self.assertTrue('myrole' in ptah.get_roles()) self.assertTrue(ptah.get_roles()['myrole'] is role)
def test_role_register(self): role = ptah.Role('myrole', 'MyRole') self.assertTrue(role.id == 'role:myrole') self.assertTrue(role.name == 'myrole') self.assertTrue(role.title == 'MyRole') self.assertTrue(role.description == '') self.assertTrue(str(role) == 'Role<MyRole>') self.assertTrue(repr(role) == 'role:myrole')
def test_role_unset_denied_permission(self): from ptah import DEFAULT_ACL role = ptah.Role('myrole', 'MyRole') role.deny('perm1') self.assertEqual(len(DEFAULT_ACL), 1) role.unset('perm1') self.assertEqual(len(DEFAULT_ACL), 0)
def test_acl_deny(self): role = ptah.Role('test', 'test') pmap = ptah.ACL('map', 'acl map') pmap.deny(role, 'perm1') pmap.deny('role:test', 'perm2') self.assertEqual(len(pmap), 1) self.assertEqual(pmap[0][0], Deny) self.assertEqual(pmap[0][1], 'role:test') self.assertEqual(pmap[0][2], set(('perm2', 'perm1')))
def test_acl_allow_all(self): role = ptah.Role('test', 'test') pmap = ptah.ACL('map', 'acl map') pmap.allow(role, 'perm1') pmap.allow(role, ALL_PERMISSIONS) pmap.allow(role, 'perm2') self.assertEqual(len(pmap), 1) self.assertEqual(pmap[0][0], Allow) self.assertEqual(pmap[0][1], 'role:test') self.assertEqual(pmap[0][2], ALL_PERMISSIONS)
def test_role_deny_permission(self): from ptah import DEFAULT_ACL role = ptah.Role('myrole', 'MyRole') role.deny('perm1', 'perm2') rec = DEFAULT_ACL.get(Deny, role.id) self.assertEqual(rec[0], Deny) self.assertEqual(rec[1], role.id) self.assertTrue('perm1' in rec[2]) self.assertTrue('perm2' in rec[2])
def test_role_allow_permission(self): from ptah import DEFAULT_ACL role = ptah.Role('myrole', 'MyRole') role.allow('perm1', 'perm2') rec = DEFAULT_ACL.get(Allow, role.id) self.assertEqual(rec[0], Allow) self.assertEqual(rec[1], role.id) self.assertTrue('perm1' in rec[2]) self.assertTrue('perm2' in rec[2])
def test_acl_unset_allow(self): role = ptah.Role('test', 'test') pmap = ptah.ACL('map', 'acl map') pmap.allow(role, 'perm1', 'perm2') pmap.allow('role:test2', 'perm1') pmap.unset(None, 'perm1') self.assertEqual(len(pmap), 1) self.assertEqual(pmap[0][0], Allow) self.assertEqual(pmap[0][1], 'role:test') self.assertEqual(pmap[0][2], set(('perm2', )))
def test_acl_unset_role_deny(self): import ptah role = ptah.Role('test', 'test') pmap = ptah.ACL('map', 'acl map') pmap.deny(role, 'perm1', 'perm2') pmap.deny('role:test2', 'perm1') pmap.unset(role.id, 'perm1') self.assertEqual(len(pmap), 2) self.assertEqual(pmap[0][0], Deny) self.assertEqual(pmap[0][1], 'role:test') self.assertEqual(pmap[0][2], set(('perm2', ))) self.assertEqual(pmap[1][0], Deny) self.assertEqual(pmap[1][1], 'role:test2') self.assertEqual(pmap[1][2], set(('perm1', )))
""" theme gallery permissions """ import ptah ptah.Everyone.allow(ptah.cms.View) ptah.Authenticated.allow(ptah.cms.AddContent) Viewer = ptah.Role('viewer', 'Viewer') Viewer.allow(ptah.cms.View) Editor = ptah.Role('editor', 'Editor') Editor.allow(ptah.cms.View, ptah.cms.ModifyContent) Manager = ptah.Role('manager', 'Manager') Manager.allow(ptah.cms.ALL_PERMISSIONS) ptah.Owner.allow(ptah.cms.DeleteContent) # permissions AddTheme = ptah.Permission('ploud:AddTheme', 'Add theme') AddThemeFile = ptah.Permission('ploud:AddFile', 'Add theme file') RetractTheme = ptah.Permission('ploud:RetractTheme', 'Retract theme') ManageGallery = ptah.Permission('ploud:ManageGallery', 'Manage gallery') # Gallery ACL GALLERY_ACL = ptah.ACL('ploud-themegallery', 'Ploud theme gallery ACL') GALLERY_ACL.allow(ptah.Everyone, ptah.cms.View) GALLERY_ACL.allow(ptah.Authenticated, AddTheme) GALLERY_ACL.allow(ptah.Authenticated, ptah.cms.View) GALLERY_ACL.allow(ptah.Owner, AddThemeFile) GALLERY_ACL.allow(ptah.Owner, ptah.cms.ModifyContent) GALLERY_ACL.allow(ptah.Owner, ptah.cms.DeleteContent)