def test_valid_with_group_object_permission(self): """It should update permissions on an object. """ group = factories.GroupFactory(workspace_id=self.workspace.id) group.user_set.add(self.users['MEMBER']) resource = self.factory(workspace=self.workspace, object_permissions_enabled=True) resource.assign_perm(group, 'change_datastore_access') did = helpers.to_global_id('DatastoreType', resource.pk) oid = helpers.to_global_id('GroupType', group.pk) privileges = [ 'view_datastore', 'change_datastore', 'change_datastore_access', ] response = self.execute(variables={'id': did, 'objectId': oid, 'privileges': privileges}) response = response['data'][self.operation] self.assertOk(response) for privilege in privileges: self.assertTrue(self.users['MEMBER'].has_perm(privilege, resource)) self.assertInstanceCreated( audit.Activity, verb='updated access privileges to', **serializers.get_audit_kwargs(resource), )
def test_remove_revoked_user_from_groups(self): """It should remove a User from all workspace groups when membership is revoked. """ user = factories.UserFactory() workspace = factories.WorkspaceFactory(name='Metameta') workspace.grant_membership(user, models.Membership.READONLY) group = factories.GroupFactory(workspace_id=workspace.id) group.user_set.add(user) self.assertTrue(user.groups.filter(name=group.name).exists()) workspace.revoke_membership(user) self.assertFalse(user.groups.filter(name=group.name).exists())
def setUp(cls): super().setUp() cls.datastore = factories.DatastoreFactory(workspace=cls.workspace) cls.global_id = helpers.to_global_id('DatastoreType', cls.datastore.pk) cls.group = factories.GroupFactory(workspace_id=cls.workspace.id) cls.attributes = { 'content_type': cls.datastore.content_type, 'workspace': cls.workspace, } cls.customfields = [ factories.CustomFieldFactory( field_name='Steward', field_type=models.CustomField.USER, validators={}, **cls.attributes, ), factories.CustomFieldFactory( field_name='Product Area', field_type=models.CustomField.TEXT, validators={}, **cls.attributes, ), factories.CustomFieldFactory( field_name='Department', field_type=models.CustomField.ENUM, validators={ 'choices': ['Data Engineering', 'Product', 'Design'] }, **cls.attributes, ), factories.CustomFieldFactory( field_name='Team', field_type=models.CustomField.GROUP, **cls.attributes, ), ] cls.datastore.custom_properties = { cls.customfields[0].pk: cls.user.pk, cls.customfields[2].pk: 'Design', cls.customfields[3].pk: cls.group.pk, } cls.datastore.save()
def setUpTestData(cls): cls.current_user = factories.UserFactory() cls.workspace = factories.WorkspaceFactory(creator=cls.current_user) cls.workspace.grant_membership(cls.current_user, auth.Membership.OWNER) cls.group = factories.GroupFactory(workspace_id=cls.workspace.id) cls.datastore = factories.DatastoreFactory(workspace=cls.workspace) cls.attributes = { 'content_type': cls.datastore.content_type, 'workspace': cls.workspace, } cls.customfields = [ factories.CustomFieldFactory( field_name='Steward', field_type=models.CustomField.USER, validators={}, **cls.attributes, ), factories.CustomFieldFactory( field_name='Product Area', field_type=models.CustomField.TEXT, validators={}, **cls.attributes, ), factories.CustomFieldFactory( field_name='Department', field_type=models.CustomField.ENUM, validators={ 'choices': ['Data Engineering', 'Product', 'Design'] }, **cls.attributes, ), factories.CustomFieldFactory( field_name='Team', field_type=models.CustomField.GROUP, **cls.attributes, ), ] cls.request = collections.namedtuple( 'Request', ['user', 'workspace'], )(user=cls.current_user, workspace=cls.workspace)
def test_group_is_in_workspace(self): """It should NOT be able to create the resource. """ outsider_group = factories.GroupFactory() serializer = self.serializer_class( instance=self.datastore, data={ 'properties': { self.customfields[2].pk: 'test', self.customfields[3].pk: outsider_group.pk, } }, partial=True, ) self.assertFalse(serializer.is_valid()) self.assertSerializerErrorsEqual(serializer, [{ 'resource': 'CustomField', 'field': 'properties', 'code': 'invalid' }])
def setUp(self): super().setUp() self.group = factories.GroupFactory(workspace_id=self.workspace.id) self.other_group = factories.GroupFactory(workspace_id=self.workspace.id) self.outside_group = factories.GroupFactory(workspace_id=self.other_workspace.id)
def test_with_valid_group(self): """It should create the asset owner when the user has the proper permissions. """ self.execute_success_test_case('GroupType', factories.GroupFactory(workspace=self.workspace))