def test_ssd_enforcement(self): """ Test if SSD is enforced when assigning roles to a user. """ with transaction.atomic(): self.assertRaises(ValidationError, functions.AssignUser, self.user, self.role_ssdfour) self.assertEqual(functions.DeassignUser(self.user, self.role_a), True) self.assertEqual(functions.AssignUser(self.user, self.role_ssdfour), True) with transaction.atomic(): self.assertRaises(ValidationError, functions.AssignUser, self.user, self.role_a)
def test_ssd_when_adding_child_roles(self): """ Test if adding child roles to a RbacRole which would violate a SSD set are detected. """ with transaction.atomic(): self.assertRaises(ValidationError, functions.AddInheritance, self.role_b, self.role_ssdfour) self.assertEqual(functions.DeassignUser(self.user, self.role_a), True) self.assertEqual(functions.AddInheritance(self.role_b, self.role_ssdfour), True) with transaction.atomic(): self.assertRaises(ValidationError, functions.AddInheritance, self.role_b, self.role_c)
def test_ssd_change_cardinality_simple(self): """ Test if changes to the SSD cardinality are handled correctly. """ #cardinality of 3 is invalid, as it affects a UserAssignment ssd_set = RbacSsdSet.objects.get(id=1) ssd_set.cardinality=3 self.assertRaises(ValidationError, ssd_set.save) self.assertEqual(functions.DeassignUser(self.user, self.role_a), True) #the SSD set is valid now ssd_set.save() self.assertRaises(ValidationError, functions.AssignUser, self.user, self.role_a)
def test_user_permission_role_deassign(self): """ Deassign "Role A" and test permissions. """ self.assertTrue(functions.DeassignUser(self.user, self.role_a)) self.assertFalse(self.user.has_perm('tests.opa_testmodel')) self.assertFalse(self.user.has_perm('tests.opb_testmodel')) self.assertTrue(self.user.has_perm('tests.opc_testmodel')) self.assertTrue(self.user.has_perm('tests.opd_testmodel')) self.assertTrue(self.user.has_perm('tests.opssd1_testmodel')) self.assertFalse(self.user.has_perm('tests.opssd2_testmodel')) self.assertTrue(self.user.has_perm('tests.opssd3_testmodel')) self.assertFalse(self.user.has_perm('tests.opssd4_testmodel'))