def test_package_read_is_not_allowed_if_user_is_anonymous_and_package_private(
self):
package = Package.query.join(Publisher) \
.filter(Package.name == 'test_package',
Publisher.name == self.publisher2.name).one()
allowed = is_authorize(None, package, 'Package::Read')
self.assertFalse(allowed)
def check_is_authorized(action, publisher, package=None, user_id=None):
entity_str, action_str = action.split("::")
if entity_str == 'Package':
publisher_name, package_name = publisher, package
instance = Package.get_by_publisher(publisher_name, package_name)
elif entity_str == 'Publisher':
publisher_name = publisher
instance = Publisher.query.filter_by(name=publisher_name).one()
else:
raise InvalidUsage("{e} is not a valid one".format(e=entity_str), 401)
return is_authorize(user_id, instance, action)
def test_publisher_add_member_is_authorize_if_user_is_owner(self):
allowed = is_authorize(11, self.publisher, 'Publisher::AddMember')
self.assertTrue(allowed)
def test_publisher_delete_is_not_allowed_if_user_is_anonymous(self):
allowed = is_authorize(None, self.publisher1, 'Publisher::Delete')
self.assertFalse(allowed)
def test_publisher_delete_is_not_allowed_if_user_is_member(self):
allowed = is_authorize(11, self.publisher1, 'Publisher::Delete')
self.assertFalse(allowed)
def test_publisher_delete_is_authorize_if_user_is_sysadmin(self):
allowed = is_authorize(12, self.publisher, 'Publisher::Delete')
self.assertTrue(allowed)
def test_publisher_delete_is_authorize_if_user_is_owner(self):
allowed = is_authorize(11, self.publisher, 'Publisher::Delete')
self.assertTrue(allowed)
def test_publisher_read_is_not_allowed_if_user_is_anonymous_and_package_private(
self):
allowed = is_authorize(None, self.publisher2, 'Publisher::Read')
self.assertFalse(allowed)
def test_publisher_read_is_authorize_if_user_is_anonymous(self):
allowed = is_authorize(None, self.publisher, 'Publisher::Read')
self.assertTrue(allowed)
def test_publisher_read_is_authorize_if_user_is_member(self):
allowed = is_authorize(11, self.publisher1, 'Publisher::Read')
self.assertTrue(allowed)
def test_publisher_create_is_not_allowed_if_user_is_logged_in(self):
package = Package.query.join(Publisher) \
.filter(Package.name == 'test_package',
Publisher.name == self.publisher1.name).one()
allowed = is_authorize(13, package, 'Publisher::Create')
self.assertTrue(allowed)
def test_package_add_member_is_not_allowed_if_user_is_anonymous(self):
package = Package.query.join(Publisher) \
.filter(Package.name == 'test_package',
Publisher.name == self.publisher1.name).one()
allowed = is_authorize(None, package, 'Package::Delete')
self.assertFalse(allowed)
def test_package_add_member_is_authorize_if_user_is_member(self):
package = Package.query.join(Publisher) \
.filter(Package.name == 'test_package',
Publisher.name == self.publisher1.name).one()
allowed = is_authorize(11, package, 'Package::Delete')
self.assertTrue(allowed)
def test_package_delete_is_authorize_if_user_is_sysadmin(self):
package = Package.query.join(Publisher) \
.filter(Package.name == 'test_package',
Publisher.name == self.publisher.name).one()
allowed = is_authorize(12, package, 'Package::Purge')
self.assertTrue(allowed)
def test_package_read_is_authorize_if_user_is_owner(self):
package = Package.query.join(Publisher)\
.filter(Package.name == 'test_package',
Publisher.name == self.publisher.name).one()
allowed = is_authorize(11, package, 'Package::Read')
self.assertTrue(allowed)
def test_publisher_add_member_is_not_allowed_if_user_is_anonymous(self):
allowed = is_authorize(None, self.publisher1, 'Publisher::AddMember')
self.assertFalse(allowed)
