Exemple #1
0
 def init(cls):
     cls.admin = user.UserModel(username="******", email="*****@*****.**").put(force_validation=False)
     cls.admin_role = rbac.default_role("admin")
     rbac.add_role(cls.admin, cls.admin_role)
     rbac.register_permission("troll", "Trolling")
     rbac.register_permission("joke", "Make joke")
     rbac.register_permission("spam", "Spamming")
     rbac.allow(cls.admin_role, "joke")
Exemple #2
0
    def test_everything(self):
        parent_role_key = rbac.register_role("Employee")
        role_key = rbac.register_role("Boss", [parent_role_key])
        rbac.add_role(self.user_key, role_key)
        self.assertEqual(rbac.get_roles(self.user_key), [role_key])
        rbac.register_permission("access_acp", "Access the Admin CP")
        rbac.register_permission("another_perm", "An abitrary permission")
        rbac.allow(role_key, "access_acp")
        self.assertEqual(rbac.check_permission_role(role_key, "access_acp"), True)
        self.assertEqual(rbac.check_permission_role(role_key, "another_perm"), False)
        self.assertEqual(rbac.check_permission(self.user_key, "access_acp"), True)
        self.assertEqual(rbac.check_permission(self.user_key, "another_perm"), False)
        self.assertRaises(Exception, rbac.check_permission, self.user_key, "__DF_incorrect_perm___")
        #Now check the check_permission of multiple perms
        rbac.register_permission("troll", "Troll")
        rbac.allow(role_key, "troll")
        self.assertEqual(rbac.check_permission(self.user_key, ["troll", "access_acp"]), True)
        self.assertEqual(rbac.check_permission(self.user_key, ["access_acp", "another_perm"]), False)

        #Now test inheritance
        rbac.allow(parent_role_key, "another_perm")
        self.assertEqual(rbac.check_permission(self.user_key, "another_perm"), True)

        #Test the special Super Admin role
        super_admin = rbac.default_role("super_admin")
        self.assertEqual(super_admin.id(), "super_admin")
        new_user = user.UserModel(username="******", email="*****@*****.**")._put()
        rbac.add_role(new_user, super_admin)
        self.assertEqual(rbac.check_permission(self.user_key, "access_acp"), True)
        self.assertEqual(rbac.check_permission(new_user, "another_perm"), True)
Exemple #3
0
 def _check_permission(self):
     rbac.allow(Data.admin_role, "troll")
     #return self.rbac_check_permission(Data.admin, ["joke", "troll"])
     return rbac.check_permission(Data.admin, "joke")