Exemple #1
0
def test_query_condition_clear_by_check():
    """
    查询权限被检查机制清空的情况
    :return:
    """
    sqi = SQLQueryInfo()
    sqi.select = sqi.parse_select('username, nickname, password')
    sqi.parse_then_add_condition('phone', '=', 'b')
    sqi.parse_then_add_condition('phone', '>', '100')

    # # 所有查询条件都被权限机制清空
    with pytest.raises(PermissionDenied) as excinfo:
        sqi.check_query_permission_full(None, 'user', ab, None, ignore_error=True)

    assert sqi.conditions == []

    sqi = SQLQueryInfo()
    sqi.select = sqi.parse_select('username, nickname, password')
    sqi.parse_then_add_condition('phone', '=', 'b')
    sqi.parse_then_add_condition('username', '=', 'b')
    sqi.check_query_permission_full(None, 'user', ab, None, ignore_error=True)

    with pytest.raises(PermissionDenied) as excinfo:
        sqi = SQLQueryInfo()
        sqi.select = sqi.parse_select('username, nickname, password')
        sqi.parse_then_add_condition('phone', '=', 'b')
        sqi.parse_then_add_condition('username', '=', 'b')
        sqi.check_query_permission_full(None, 'user', ab, None, ignore_error=False)
Exemple #2
0
def test_query_add_func():
    ab1 = Ability({}, based_on=ab)

    def func1(ability: Ability, user, query: 'SQLQueryInfo', view: "AbstractSQLView"):
        query.add_condition('nickname', '=', 'aa')

    ab1.add_query_condition('user', func=func1)

    sqi = SQLQueryInfo()
    sqi.select = sqi.parse_select('username, nickname, password')
    sqi.parse_then_add_condition('username', '=', 'b')
    sqi.check_query_permission_full(None, 'user', ab1, None)
    assert sqi.conditions == [['username', SQL_OP.EQ, 'b'], ['nickname', SQL_OP.EQ, 'aa'],]

    ab2 = Ability({}, based_on=ab)

    def func2(ability: Ability, user, query: 'SQLQueryInfo'):
        query.add_condition('nickname', '=', 'aa')

    ab2.add_query_condition('user', func=func2)

    sqi = SQLQueryInfo()
    sqi.select = sqi.parse_select('username, nickname, password')
    sqi.parse_then_add_condition('username', '=', 'b')
    sqi.check_query_permission_full(None, 'user', ab2, None)
    assert sqi.conditions == [['username', SQL_OP.EQ, 'b'], ['nickname', SQL_OP.EQ, 'aa'],]
Exemple #3
0
def test_query_ex_filter():
    sqi = SQLQueryInfo()
    sqi.select = sqi.parse_select('username, nickname, password')
    sqi.parse_then_add_condition('username', 'like', 'b')
    sqi.parse_then_add_condition('nickname', 'like', 'b')
    sqi.check_query_permission_full(None, 'user', ab, None)
    assert sqi.conditions == [['nickname', SQL_OP.LIKE, 'b']]
Exemple #4
0
def test_query_condition_add2():
    """
    测试添加多个条件
    """
    ab2 = Ability({}, based_on=ab)
    ab2.add_query_condition('user', [
        ['username', 'like', '1%'],
        ['nickname', 'like', '1%'],
    ])

    sqi = SQLQueryInfo()
    sqi.select = sqi.parse_select('username, nickname, password')
    sqi.parse_then_add_condition('username', '=', 'b')
    sqi.check_query_permission_full(None, 'user', ab2, None)
    assert sqi.conditions == [['username', SQL_OP.EQ, 'b'], ['username', SQL_OP.LIKE, '1%'], ['nickname', SQL_OP.LIKE, '1%']]
Exemple #5
0
def test_query_condition_add1():
    """
    测试添加单个条件
    :return:
    """
    ab1 = Ability({}, based_on=ab)
    ab1.add_query_condition('user', ['phone', '>=', '123456'])

    sqi = SQLQueryInfo()
    sqi.select = sqi.parse_select('username, nickname, password')
    sqi.parse_then_add_condition('username', '=', 'b')

    assert sqi.conditions[-1] == ['username', SQL_OP.EQ, 'b']
    sqi.check_query_permission_full(None, 'user', ab1, None)
    assert sqi.conditions[-1] == ['phone', SQL_OP.GE, '123456']