class GroupBasedPermissionsPolicyTest(DBTestCase):
def setUp(self):
super(GroupBasedPermissionsPolicyTest, self).setUp()
self.policy = GroupBasedPermissionsPolicy()
def test_applies_to_all_permissions_in_db(self):
Permission.example(name=u'custom')
assert_contains(u'edit', self.policy.permissions)
assert_contains(u'admin', self.policy.permissions)
assert_contains(u'custom', self.policy.permissions)
def perm(self):
system = MediaCorePermissionSystem(self.pylons_config)
system.policies = [self.policy]
user = DBSession.query(User).filter(User.user_name == u'admin').one()
return UserPermissions(user, system)
def test_can_restrict_queries(self):
query = Media.query
permission = u'view'
perm = self.perm()
assert_true(
self.policy.can_apply_access_restrictions_to_query(
query, permission))
assert_true(
self.policy.access_condition_for_query(query, permission, perm))
def test_can_restrict_query_if_user_does_not_have_the_required_permission(
self):
query = Media.query
permission = u'view'
perm = self.perm()
view_permission = DBSession.query(Permission).filter(
Permission.permission_name == permission).one()
view_permission.groups = []
DBSession.flush()
assert_none(
self.policy.access_condition_for_query(query, permission, perm))
class GroupBasedPermissionsPolicyTest(DBTestCase):
def setUp(self):
super(GroupBasedPermissionsPolicyTest, self).setUp()
self.policy = GroupBasedPermissionsPolicy()
def test_applies_to_all_permissions_in_db(self):
Permission.example(name=u'custom')
assert_contains(u'edit', self.policy.permissions)
assert_contains(u'admin', self.policy.permissions)
assert_contains(u'custom', self.policy.permissions)
def perm(self):
system = MediaCorePermissionSystem(self.pylons_config)
system.policies = [self.policy]
user = DBSession.query(User).filter(User.user_name == u'admin').one()
return UserPermissions(user, system)
def test_can_restrict_queries(self):
query = Media.query
permission = u'view'
perm = self.perm()
assert_true(self.policy.can_apply_access_restrictions_to_query(query, permission))
assert_true(self.policy.access_condition_for_query(query, permission, perm))
def test_can_restrict_query_if_user_does_not_have_the_required_permission(self):
query = Media.query
permission = u'view'
perm = self.perm()
view_permission = DBSession.query(Permission).filter(Permission.permission_name == permission).one()
view_permission.groups = []
DBSession.flush()
assert_none(self.policy.access_condition_for_query(query, permission, perm))
def setUp(self):
super(GroupBasedPermissionsPolicyTest, self).setUp()
self.policy = GroupBasedPermissionsPolicy()
def setUp(self):
super(GroupBasedPermissionsPolicyTest, self).setUp()
self.policy = GroupBasedPermissionsPolicy()
