def test_permission_save(self):
    '''
    Check that set_permissions() stores exactly the list it is given and
    that the final call is rejected with NotAuthorized.

    NOTE(review): the acting-user values in the context dicts are masked
    ('******') in this listing, so the three calls look identical here.
    The last one is expected to be refused, so it presumably runs as a
    different, unprivileged user -- confirm against the unmasked file.
    '''
    initial_perms = [
        Permissions.PERMISSION_MANAGE_CRISIS,
        Permissions.PERMISSION_MANAGE_COD,
    ]
    widened_perms = [
        Permissions.PERMISSION_VIEW_REQUEST_DATA,
        Permissions.PERMISSION_MANAGE_CRISIS,
        Permissions.PERMISSION_MANAGE_COD,
    ]
    target = Permissions('tester')

    # Each write is read back and compared as an ordered list, so both the
    # content and the order of the stored permissions are pinned.
    target.set_permissions({'user': '******'}, initial_perms)
    assert initial_perms == target.get_permission_list()

    target.set_permissions({'user': '******'}, widened_perms)
    assert widened_perms == target.get_permission_list()

    # Negative case: the write must be refused. Returning normally is the
    # failure, so the "else" branch is what fails the test.
    try:
        target.set_permissions({'user': '******'}, widened_perms)
    except NotAuthorized:
        assert True
    else:
        assert False
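class PermissionController(dashboard_controller.DashboardController):
    '''
    Dashboard controller for viewing and editing a user's custom permissions.
    '''

    def permission(self, id):
        '''
        Render the permission form for user `id`.

        On a POST carrying update_permissions=update, the submitted
        permissions are stored first and the browser is redirected back to
        this page. Access is gated by the 'manage_permissions' auth check;
        a failed check is answered with a 404 rather than a 403.
        '''
        context = {
            'model': model,
            'session': model.Session,
            'user': c.user,
            'auth_user_obj': c.userobj,
            'for_view': True,
            'with_related': True
        }
        try:
            check_access('manage_permissions', context, {})
        except Exception:
            # A 404 does not reveal to unauthorized callers that the page
            # exists.
            # NOTE(review): catching Exception also turns unrelated faults
            # raised inside the auth check into a 404; narrowing this to the
            # authorization error type would keep real errors visible.
            abort(404, 'page not found')

        # NOTE(review): no anti-CSRF token check is visible in this handler;
        # confirm one is enforced upstream for this state-changing POST.
        if request.method == 'POST':
            data = clean_dict(
                dict_fns.unflatten(
                    tuplize_dict(
                        parse_params(request.params,
                                     ignore_keys=CACHE_PARAMETERS))))
            if data.get('update_permissions', '') == 'update':
                permissions = Permissions(id)
                # Allow-list: only form keys that name a known permission are
                # kept, so other submitted fields are never stored.
                perm_list = [
                    p for p in Permissions.ALL_PERMISSIONS if p in data
                ]
                # The acting user is taken from the session (c.userobj), not
                # from the submitted form.
                permissions.set_permissions({'user': c.userobj.id}, perm_list)
                # NOTE(review): indentation was lost in this listing; the
                # redirect is placed with the update branch -- confirm
                # against the original file.
                redirect(
                    h.url_for(
                        controller='ckanext.hdx_users.controllers.permission_controller:PermissionController',
                        action='permission',
                        id=id))

        # Build one checkbox row per known permission, ticking the ones the
        # user currently holds.
        granted = Permissions(id).get_permission_list()
        perm_list = [
            {'key': key, 'label': label, 'checked': key in granted}
            for key, label in ph.Permissions.ALL_PERMISSIONS_LABELS_DICT.items()
        ]

        data_dict = {
            'id': id,
            'user_obj': c.userobj,
            'include_datasets': True,
            'include_num_followers': True
        }
        extra_vars = self._extra_template_variables(context, data_dict)
        extra_vars['permissions'] = perm_list
        return base.render('user/permission.html', extra_vars=extra_vars)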
def page_create(context, data_dict):
    '''
    Authorization check for the page_create action.

    Access is granted when the user named in context['user'] holds
    PERMISSION_MANAGE_CRISIS. This function performs no sysadmin test of
    its own; whether sysadmins pass is decided inside
    Permissions.has_permission().

    Returns a dict of the form {'success': <result of has_permission>}.
    '''
    # context.get() yields None when no user is set; how Permissions treats
    # that value is not visible from this function.
    holder = Permissions(context.get('user'))
    return {
        'success': holder.has_permission(Permissions.PERMISSION_MANAGE_CRISIS)
    }
def setup_class(cls):
    '''
    Extend the base fixture with the users needed by the COD tests.

    Creates 'editor_user' and 'cod_user', issues one
    organization_member_create call (role 'editor', org 'hdx-test-org')
    after each, and grants 'cod_user' PERMISSION_MANAGE_COD.

    NOTE(review): the context user, the e-mail addresses and the member
    usernames are masked ('******') in this listing; the values below are
    reproduced as shown, not as they exist in the original file.
    '''
    super(TestCod, cls).setup_class()

    sysadmin_ctx = {
        'model': model,
        'session': model.Session,
        'user': '******'
    }

    for new_user in ('editor_user', 'cod_user'):
        factories.User(name=new_user, email='*****@*****.**')
        add_member = cls._get_action('organization_member_create')
        add_member(sysadmin_ctx, {
            'id': 'hdx-test-org',
            'username': '******',
            'role': 'editor'
        })

    # Only cod_user gets the extra custom permission; editor_user is left
    # with no custom permission set by this fixture.
    cod_perms = Permissions('cod_user')
    cod_perms.set_permissions(sysadmin_ctx,
                              [Permissions.PERMISSION_MANAGE_COD])
def hdx_request_data_admin_list(context, data_dict):
    '''
    Authorization check: succeed only when the user named in
    context['user'] holds PERMISSION_VIEW_REQUEST_DATA.

    data_dict is accepted but not consulted. Returns
    {'success': <result of has_permission>}.
    '''
    # A missing 'user' key reaches Permissions as None; its handling is
    # not visible from this function.
    acting_user = context.get('user')
    allowed = Permissions(acting_user).has_permission(
        Permissions.PERMISSION_VIEW_REQUEST_DATA)
    return dict(success=allowed)
def hdx_carousel_update(context, data_dict):
    '''
    Authorization check: succeed only when the user named in
    context['user'] holds PERMISSION_MANAGE_CAROUSEL.

    data_dict is accepted but not consulted. Returns
    {'success': <result of has_permission>}.
    '''
    # The user is read from the context only; nothing from data_dict can
    # influence the decision.
    user_perms = Permissions(context.get('user'))
    needed = Permissions.PERMISSION_MANAGE_CAROUSEL
    return {'success': user_perms.has_permission(needed)}
def hdx_quick_links_update(context, data_dict):
    '''
    Authorization check: succeed only when the user named in
    context['user'] holds PERMISSION_MANAGE_QUICK_LINKS.

    data_dict is accepted but not consulted. Returns
    {'success': <result of has_permission>}.
    '''
    # context.get() gives None for an absent user; what Permissions does
    # with None is not visible from this function.
    who = context.get('user')
    outcome = {}
    outcome['success'] = Permissions(who).has_permission(
        Permissions.PERMISSION_MANAGE_QUICK_LINKS)
    return outcome