def test_permission_save(self):
first_list = [Permissions.PERMISSION_MANAGE_CRISIS, Permissions.PERMISSION_MANAGE_COD]
second_list = [Permissions.PERMISSION_VIEW_REQUEST_DATA, Permissions.PERMISSION_MANAGE_CRISIS, Permissions.PERMISSION_MANAGE_COD]
permissions = Permissions('tester')
permissions.set_permissions(
{'user': '******'},
first_list
)
loaded_list1 = permissions.get_permission_list()
assert first_list == loaded_list1
permissions.set_permissions(
{'user': '******'},
second_list
)
loaded_list2 = permissions.get_permission_list()
assert second_list == loaded_list2
try:
permissions.set_permissions(
{'user': '******'},
second_list
)
assert False
except NotAuthorized as e:
assert True
class PermissionController(dashboard_controller.DashboardController):
def permission(self, id):
context = {
'model': model,
'session': model.Session,
'user': c.user,
'auth_user_obj': c.userobj,
'for_view': True,
'with_related': True
}
try:
check_access('manage_permissions', context, {})
except Exception, ex:
abort(404, 'page not found')
if request.method == 'POST':
data = clean_dict(
dict_fns.unflatten(
tuplize_dict(
parse_params(request.params,
ignore_keys=CACHE_PARAMETERS))))
if data.get('update_permissions', '') == 'update':
permissions = Permissions(id)
perm_list = [
p for p in Permissions.ALL_PERMISSIONS if p in data
]
permissions.set_permissions({'user': c.userobj.id}, perm_list)
redirect(
h.url_for(
controller=
'ckanext.hdx_users.controllers.permission_controller:PermissionController',
action='permission',
id=id))
perm_obj = Permissions(id)
crt_perm = perm_obj.get_permission_list()
perm_list = []
for key, value in ph.Permissions.ALL_PERMISSIONS_LABELS_DICT.items():
_p = {
'key': key,
'label': value,
'checked': True if key in crt_perm else False
}
perm_list.append(_p)
data_dict = {
'id': id,
'user_obj': c.userobj,
'include_datasets': True,
'include_num_followers': True
}
extra_vars = self._extra_template_variables(context, data_dict)
extra_vars['permissions'] = perm_list
return base.render('user/permission.html', extra_vars=extra_vars)
def page_create(context, data_dict):
'''
Only sysadmins are allowed to call this action
'''
username_or_id = context.get('user')
result = Permissions(username_or_id).has_permission(Permissions.PERMISSION_MANAGE_CRISIS)
return {'success': result}
def setup_class(cls):
super(TestCod, cls).setup_class()
context_sysadmin = {
'model': model,
'session': model.Session,
'user': '******'
}
factories.User(name='editor_user', email='*****@*****.**')
cls._get_action('organization_member_create')(context_sysadmin, {
'id': 'hdx-test-org',
'username': '******',
'role': 'editor'
})
factories.User(name='cod_user', email='*****@*****.**')
cls._get_action('organization_member_create')(context_sysadmin, {
'id': 'hdx-test-org',
'username': '******',
'role': 'editor'
})
Permissions('cod_user').set_permissions(
context_sysadmin, [Permissions.PERMISSION_MANAGE_COD])
def hdx_request_data_admin_list(context, data_dict):
username_or_id = context.get('user')
result = Permissions(username_or_id).has_permission(
Permissions.PERMISSION_VIEW_REQUEST_DATA)
return {'success': result}
def hdx_carousel_update(context, data_dict):
username_or_id = context.get('user')
result = Permissions(username_or_id).has_permission(
Permissions.PERMISSION_MANAGE_CAROUSEL)
return {'success': result}
def hdx_quick_links_update(context, data_dict):
username_or_id = context.get('user')
result = Permissions(username_or_id).has_permission(Permissions.PERMISSION_MANAGE_QUICK_LINKS)
return {'success': result}