def test_unknown_class_check(article): from authorizeme import Authorization, RuleError authorization = Authorization() with pytest.raises(RuleError): authorization.allows(article.author, 'edit', article)
def authorization(request): configuration_type = request.param from authorizeme import Authorization authz = Authorization() class AppRule(object): def can_add_blog(self, user): return user.is_admin class BlogRule(object): def can_add_article(self, user, obj): return user in obj.writers def can_add_author(self, user, obj): return user.is_admin class ArticleRule(object): def can_read(self, user, obj): return True def can_change(self, user, obj): return obj.author is user def can_rate(self, user, obj): return obj.author is not user if configuration_type == 'declarative': authz.rule(AppRule) authz.rule_for(Article)(ArticleRule) authz.rule_for([BookReview, MovieReview])(ArticleRule) authz.rule_for(Blog)(BlogRule) else: authz.add_rule(AppRule) authz.add_rule(ArticleRule, Article) authz.add_rule(ArticleRule, [BookReview, MovieReview]) authz.add_rule(BlogRule, Blog) return authz