Exemple #1
0
 def test_has_role_admin(self):
   auth_testing.mock_is_admin(self, False)
   self.assertFalse(
       acl.has_role('package', 'OWNER', auth_testing.DEFAULT_MOCKED_IDENTITY))
   auth_testing.mock_is_admin(self, True)
   self.assertTrue(
       acl.has_role('package', 'OWNER', auth_testing.DEFAULT_MOCKED_IDENTITY))
Exemple #2
0
 def test_has_role_admin(self):
     auth_testing.mock_is_admin(self, False)
     self.assertFalse(
         acl.has_role('package', 'OWNER',
                      auth_testing.DEFAULT_MOCKED_IDENTITY))
     auth_testing.mock_is_admin(self, True)
     self.assertTrue(
         acl.has_role('package', 'OWNER',
                      auth_testing.DEFAULT_MOCKED_IDENTITY))
Exemple #3
0
  def test_has_role(self):
    acl.PackageACL(
        key=acl.package_acl_key('a', 'OWNER'),
        users=[auth.Identity.from_bytes('user:[email protected]')]).put()
    acl.PackageACL(
        key=acl.package_acl_key('a/b/c', 'OWNER'),
        groups=['mid-group']).put()
    acl.PackageACL(
        key=acl.package_acl_key('a/b/c/d/e', 'OWNER'),
        groups=['leaf-group']).put()

    # Verify get_package_acls works.
    self.assertEqual(
        [('a', 'OWNER'), ('a/b/c', 'OWNER'), ('a/b/c/d/e', 'OWNER')],
        [
          (e.package_path, e.role)
          for e in acl.get_package_acls('a/b/c/d/e/f', 'OWNER')
        ])

    # Mock groups.
    def mocked_is_group_member(group, ident):
      if group == 'mid-group' and ident.name == '*****@*****.**':
        return True
      if group == 'leaf-group' and ident.name == '*****@*****.**':
        return True
      return False
    self.mock(acl.auth, 'is_group_member', mocked_is_group_member)

    # Verify has_role works.
    check = lambda p, i: acl.has_role(p, 'OWNER', auth.Identity.from_bytes(i))
    self.assertTrue(check('a', 'user:[email protected]'))
    self.assertFalse(check('b', 'user:[email protected]'))
    self.assertTrue(check('a/b/c/d/e/f', 'user:[email protected]'))
    self.assertFalse(check('a', 'user:[email protected]'))
    self.assertTrue(check('a/b/c/d/e/f', 'user:[email protected]'))
    self.assertFalse(check('a/b/c/d', 'user:[email protected]'))
    self.assertTrue(check('a/b/c/d/e/f', 'user:[email protected]'))
Exemple #4
0
    def test_has_role(self):
        acl.PackageACL(
            key=acl.package_acl_key('a', 'OWNER'),
            users=[auth.Identity.from_bytes('user:[email protected]')
                   ]).put()
        acl.PackageACL(key=acl.package_acl_key('a/b/c', 'OWNER'),
                       groups=['mid-group']).put()
        acl.PackageACL(key=acl.package_acl_key('a/b/c/d/e', 'OWNER'),
                       groups=['leaf-group']).put()

        # Verify get_package_acls works.
        self.assertEqual(
            [('a', 'OWNER'), ('a/b/c', 'OWNER'), ('a/b/c/d/e', 'OWNER')],
            [(e.package_path, e.role)
             for e in acl.get_package_acls('a/b/c/d/e/f', 'OWNER')])

        # Mock groups.
        def mocked_is_group_member(group, ident):
            if group == 'mid-group' and ident.name == '*****@*****.**':
                return True
            if group == 'leaf-group' and ident.name == '*****@*****.**':
                return True
            return False

        self.mock(acl.auth, 'is_group_member', mocked_is_group_member)

        # Verify has_role works.
        check = lambda p, i: acl.has_role(p, 'OWNER',
                                          auth.Identity.from_bytes(i))
        self.assertTrue(check('a', 'user:[email protected]'))
        self.assertFalse(check('b', 'user:[email protected]'))
        self.assertTrue(check('a/b/c/d/e/f', 'user:[email protected]'))
        self.assertFalse(check('a', 'user:[email protected]'))
        self.assertTrue(check('a/b/c/d/e/f', 'user:[email protected]'))
        self.assertFalse(check('a/b/c/d', 'user:[email protected]'))
        self.assertTrue(check('a/b/c/d/e/f', 'user:[email protected]'))