def test_login_not_required(self): @login_not_required def f(): self.executed = True user = mommy.save_one(MainUser, groups=[]) self.assertTrue(has_permission(user, f)) self.assertTrue(has_permission(None, f)) f() self.assertTrue(self.executed)
def test_admin_group(self): @permissions('ADMIN') def adm(): self.executed_adm = True user = mommy.save_one(MainUser) self.assertFalse(has_permission(user, adm)) user = mommy.save_one(MainUser, groups=['MANAGER']) self.assertFalse(has_permission(user, adm)) user = mommy.save_one(MainUser, groups=['ADMIN']) self.assertTrue(has_permission(user, adm)) user = mommy.save_one(MainUser, groups=['ADMIN', 'MANAGER']) self.assertTrue(has_permission(user, adm))
def set_up(self): fcn = self.dependencies['_fcn'] user = self.dependencies['_logged_user'] if not has_permission(user, fcn): if user is None: self.handler.redirect(LOGIN_PATH) else: self.handler.response.write('You have no access permission') return True
def test_white_list_security(self): # Only system adming has permission to not decorated functions def f(): self.executed = True user = mommy.save_one(MainUser) self.assertFalse(has_permission(user, f)) f() self.assertTrue(self.executed)
def test_permission_not_required(self): @permission_not_required def f(): self.executed = True user = mommy.save_one(MainUser) self.assertTrue(has_permission(user, f)) f() self.assertTrue(self.executed)
def set_up(self): fcn = self.dependencies['_fcn'] user = self.dependencies['_logged_user'] if not has_permission(user, fcn): if user is None: self.handler.redirect(self.dependencies['_login_path']) else: self.handler.response.status_int = 403 self.handler.response.write('You have no access permission') return True
def test_google_admin_access(self): # system admins have permission in any function self.testbed.setup_env(USER_IS_ADMIN='1') def f(): self.executed = True @permissions('ADMIN') def adm(): self.executed_adm = True user = mommy.save_one(MainUser) self.assertTrue(has_permission(user, f)) f() self.assertTrue(self.executed) self.assertTrue(has_permission(user, adm)) adm() self.assertTrue(self.executed_adm)