def test_acl(self):
    """Check that a rule appended to a user's AclRules entity is honoured by Acl.

    A roles map is installed, two rule sets are stored, one extra
    ('UserAdmin', 'read', True) rule is appended to the 'my_area' entity, and
    the resulting Acl must allow 'read' on 'UserAdmin' and refuse 'write'.
    """
    from tipfy.ext.acl import Acl, AclRules

    # Rules are (topic, name, allowed) tuples; '*' is used as a wildcard.
    member_create = ('member', 'create', True)
    member_read = ('member', 'read', True)
    member_update = ('member', 'update', True)
    member_delete = ('member', 'delete', True)
    editor_rules = [member_create, member_read, member_update]

    # Assigned on the class, so the map stays in place after this test unless
    # something resets it.
    Acl.roles_map = {
        'default': [('*', '*', False)],  # deny everything
        'reader': [member_read],
        'editor': editor_rules,
        'admin': editor_rules + [member_delete],
        'superUser': [('*', '*', True)],  # allow everything
    }

    # NOTE(review): the user literals below read '******' while the lookup
    # uses 'user'; the values look masked in this copy -- confirm they name
    # the same user, otherwise the lookup would presumably not find the
    # entity created here.
    AclRules.insert_or_update(area='my_area', user='******', roles=['default'])
    # Second rule set lives in a different area and is not read back below.
    AclRules.insert_or_update(area='my_doguma', user='******',
                              roles=['default', 'reader'])

    # Grant one explicit per-user rule on top of the 'default' role.
    stored_rules = AclRules.get_by_area_and_user('my_area', 'user')
    stored_rules.rules.append(('UserAdmin', 'read', True))
    stored_rules.put()

    checker = Acl(area='my_area', user='******')
    allowed_read = checker.has_access(topic='UserAdmin', name='read')
    self.assertEqual(allowed_read, True)
    # 'write' was never granted. The test does not distinguish whether the
    # refusal comes from the 'default' wildcard deny or from no rule matching.
    allowed_write = checker.has_access(topic='UserAdmin', name='write')
    self.assertEqual(allowed_write, False)
def inner():
    """Store the submitted role assignments for ``doc_type`` and return them as JSON.

    Returns ``Response(status=404)`` when reading the request's document
    values raises ``NotFound``, and ``self._400()`` when the admin checks
    below reject the submission. ``self`` and ``doc_type`` come from the
    enclosing scope, which is not part of this block.
    """
    # NOTE(review): no authentication or authorization check is visible in
    # this closure; presumably the enclosing handler enforces it -- confirm.
    try:
        flattened = self._flatten_doc_values(
            self._get_doc_values(self.request))
    except NotFound:
        return Response(status=404)

    existing = AclRulesPlus.get_by_area(doc_type)
    lacks_admin = self._has_admin(flattened) is False

    if existing.count() == 0:
        # Nothing stored for this area yet: the submission must carry an admin.
        rejected = lacks_admin
    else:
        # Rules already exist: refuse an admin-less submission whose member
        # figure reaches the stored admin figure.
        # NOTE(review): looks like a guard against leaving the area without
        # any admin; what _members/_admins return is not shown -- confirm.
        rejected = (lacks_admin and
                    self._members(flattened) >= self._admins(existing))
    if rejected:
        return self._400()

    # Each submitted value becomes the sole role of its key, exactly as
    # received.
    # NOTE(review): the value is not checked against a known set of roles
    # here -- confirm it is validated upstream or inside AclRules.
    for member_key in flattened.keys():
        AclRules.insert_or_update(doc_type, member_key,
                                  [flattened[member_key]])

    payload = {doc_type: AclRulesPlus.get_by_list(doc_type)}
    return render_escaped_json_response(payload)
def get_by_area(cls, area):
    """Return ``AclRules.gql`` filtered to entities whose ``area`` equals *area*.

    The area is supplied through the positional bind parameter ``:1`` and is
    never concatenated into the query text. The query is issued on
    ``AclRules`` directly; ``cls`` is not used.
    """
    area_filter = 'WHERE area = :1'
    return AclRules.gql(area_filter, area)