def test_edit_default_project_permissions(flask_server, user): with flask_server.app.app_context(): project_id = projects.create_project("Example Project", "", user.id).id object_permissions.set_default_permissions_for_project( creator_id=user.id, project_id=project_id, permissions=object_permissions.Permissions.WRITE) assert object_permissions.get_default_permissions_for_projects( creator_id=user.id).get( project_id) == object_permissions.Permissions.WRITE session = requests.session() assert session.get(flask_server.base_url + 'users/{}/autologin'.format(user.id)).status_code == 200 r = session.get(flask_server.base_url + 'users/{}/preferences'.format(user.id)) assert r.status_code == 200 document = BeautifulSoup(r.content, 'html.parser') default_permissions_form = document.find(attrs={ 'name': 'edit_user_permissions', 'value': 'edit_user_permissions' }).find_parent('form') data = {} project_field_name = None for hidden_field in default_permissions_form.find_all( 'input', {'type': 'hidden'}): data[hidden_field['name']] = hidden_field['value'] if hidden_field['name'].endswith( 'project_id') and hidden_field['value'] == str(project_id): # the associated radio button is the first radio button in the same table row project_field_name = hidden_field.find_parent('tr').find( 'input', {'type': 'radio'})['name'] for radio_button in default_permissions_form.find_all( 'input', {'type': 'radio'}): if radio_button.has_attr( 'checked') and not radio_button.has_attr('disabled'): data[radio_button['name']] = radio_button['value'] assert project_field_name is not None assert data[project_field_name] == 'write' data[project_field_name] = 'read' data['edit_user_permissions'] = 'edit_user_permissions' assert session.post(flask_server.base_url + 'users/{}/preferences'.format(user.id), data=data).status_code == 200 with flask_server.app.app_context(): assert object_permissions.get_default_permissions_for_projects( creator_id=user.id).get( project_id) == object_permissions.Permissions.READ
def test_default_permissions_for_projects(users, independent_action): user, creator = users project_id = sampledb.logic.projects.create_project( "Example Project", "", creator.id).id assert object_permissions.get_default_permissions_for_projects( creator_id=creator.id) == {} object = sampledb.logic.objects.create_object( user_id=creator.id, action_id=independent_action.id, data={'name': { '_type': 'text', 'text': 'Name' }}) assert object_permissions.get_object_permissions_for_projects( object_id=object.id) == {} object_permissions.set_default_permissions_for_project( creator_id=creator.id, project_id=project_id, permissions=Permissions.READ) assert object_permissions.get_default_permissions_for_projects( creator_id=creator.id) == { project_id: Permissions.READ } object = sampledb.logic.objects.create_object( user_id=creator.id, action_id=independent_action.id, data={'name': { '_type': 'text', 'text': 'Name' }}) assert object_permissions.get_object_permissions_for_projects( object_id=object.id) == { project_id: Permissions.READ } # the default permissions are only used when creating a new object. object_permissions.set_default_permissions_for_project( creator_id=creator.id, project_id=project_id, permissions=Permissions.WRITE) assert object_permissions.get_default_permissions_for_projects( creator_id=creator.id) == { project_id: Permissions.WRITE } assert object_permissions.get_object_permissions_for_projects( object_id=object.id) == { project_id: Permissions.READ }
def test_add_default_project_permissions(flask_server, user): with flask_server.app.app_context(): project_id = projects.create_project("Example Project", "", user.id).id session = requests.session() assert session.get(flask_server.base_url + 'users/{}/autologin'.format(user.id)).status_code == 200 r = session.get(flask_server.base_url + 'users/{}/preferences'.format(user.id)) assert r.status_code == 200 document = BeautifulSoup(r.content, 'html.parser') default_permissions_form = document.find(attrs={ 'name': 'add_project_permissions', 'value': 'add_project_permissions' }).find_parent('form') data = {} for hidden_field in default_permissions_form.find_all( 'input', {'type': 'hidden'}): data[hidden_field['name']] = hidden_field['value'] data['project_id'] = str(project_id) data['permissions'] = 'read' data['add_project_permissions'] = 'add_project_permissions' assert session.post(flask_server.base_url + 'users/{}/preferences'.format(user.id), data=data).status_code == 200 with flask_server.app.app_context(): assert object_permissions.get_default_permissions_for_projects( creator_id=user.id).get( project_id) == object_permissions.Permissions.READ