def test_single_user_superadmin(self):
"""
the superadmin is allowed to receive information of an existing user.
"""
db = self.ccd._db.conn
# user that requests the information. needs ACCESS_READ
valid_sid = self.session.sid
# user to request for information
user_to_request = create_user(db, str(getRandomBytes()))
wg = create_workgroup(db, "newworkgroup", user_to_request.uid, 3)
payload = {"uid": user_to_request.uid}
res = show_user(self.ccd, valid_sid, payload)[0]
try:
self.assertEqual(res["uid"], user_to_request.uid)
self.assertEqual(res["name"], user_to_request.name)
self.assertEqual(res["mail"], user_to_request.mail)
self.assertEqual(res["description"], user_to_request.description)
finally:
user_to_request.delete(db)
wg.delete(db)
def test_project_user_superadmin(self):
"""
using pid instead of uid in payload should return user in
corresponding project
"""
db = self.ccd._db.conn
# user that requests the information. needs ACCESS_READ
valid_sid = self.session.sid
# create users
users = []
for i in range(10):
user = create_user(db, str(getRandomBytes()))
create_workgroup(db, "newworkgroup", user.uid, 3)
users.append(user)
# add users to projects
for u in users:
proj = create_project(db, "test_project_user_superadmin", u, 3)
# set None to request all users
payload = {"pid": proj.pid}
res = show_user(self.ccd, valid_sid, payload)
try:
self.assertUsersInProject(res, users)
finally:
proj.delete(db)
for u in users:
u.delete(db)
def test_all_user_nonsuperadmin(self):
"""
a user is allowed to receive information of a user, if he has
ACCESS_READ in the user2user table.
"""
db = self.ccd._db.conn
# user that requests the information. needs ACCESS_READ
user = create_user(db, str(getRandomBytes()))
wg = create_workgroup(db, "newworkgroup", user.uid, 3)
add_user2user(db, user.uid, 3) # ACCESS_READ
valid_sid = self.ccd._assign_user_a_session(user).sid
# set None to request all users
payload = {"uid": None}
res = show_user(self.ccd, valid_sid, payload)
meta, conn = db
tbl = meta.tables[tbl_users]
with conn.begin():
sel = tbl.select().where(tbl.c.deleted==False)
users = conn.execute(sel).fetchall()
try:
self.assertEqualResolution(res, users)
finally:
user.delete(db)
wg.delete(db)
def test_project_user_superadmin(self):
"""
using pid instead of uid in payload should return user in
corresponding project
"""
db = self.ccd._db.conn
# user that requests the information. needs ACCESS_READ
valid_sid = self.session.sid
# create users
users = []
for i in range(10):
user = create_user(db, str(getRandomBytes()))
create_workgroup(db, "newworkgroup", user.uid, 3)
users.append(user)
# add users to projects
for u in users:
proj = create_project(db, "test_project_user_superadmin", u, 3)
# set None to request all users
payload = {"pid": proj.pid}
res = show_user(self.ccd, valid_sid, payload)
try:
self.assertUsersInProject(res, users)
finally:
proj.delete(db)
for u in users:
u.delete(db)
def test_single_user_nonsuperadmin(self):
"""
a user is allowed to receive information of an arbitrary user, if he
has ACCESS_READ in the user2user table.
"""
db = self.ccd._db.conn
# user that requests the information. needs ACCESS_READ
user = create_user(db, str(getRandomBytes()))
wg = create_workgroup(db, "newworkgroup", user.uid, 3)
add_user2user(db, user.uid, 3) # ACCESS_READ
valid_sid = self.ccd._assign_user_a_session(user).sid
# user to request for information
user_to_request = create_user(db, str(getRandomBytes()))
create_workgroup(db, "newworkgroup", user_to_request.uid, 3)
payload = {"uid": user_to_request.uid}
res = show_user(self.ccd, valid_sid, payload)[0]
try:
self.assertEqual(res["uid"], user_to_request.uid)
self.assertEqual(res["name"], user_to_request.name)
self.assertEqual(res["mail"], user_to_request.mail)
self.assertEqual(res["description"], user_to_request.description)
finally:
user.delete(db)
user_to_request.delete(db)
wg.delete(db)
def test_all_user_nonsuperadmin(self):
"""
a user is allowed to receive information of a user, if he has
ACCESS_READ in the user2user table.
"""
db = self.ccd._db.conn
# user that requests the information. needs ACCESS_READ
user = create_user(db, str(getRandomBytes()))
wg = create_workgroup(db, "newworkgroup", user.uid, 3)
add_user2user(db, user.uid, 3) # ACCESS_READ
valid_sid = self.ccd._assign_user_a_session(user).sid
# set None to request all users
payload = {"uid": None}
res = show_user(self.ccd, valid_sid, payload)
meta, conn = db
tbl = meta.tables[tbl_users]
with conn.begin():
sel = tbl.select().where(tbl.c.deleted == False)
users = conn.execute(sel).fetchall()
try:
self.assertEqualResolution(res, users)
finally:
user.delete(db)
wg.delete(db)
def test_single_user_superadmin(self):
"""
the superadmin is allowed to receive information of an existing user.
"""
db = self.ccd._db.conn
# user that requests the information. needs ACCESS_READ
valid_sid = self.session.sid
# user to request for information
user_to_request = create_user(db, str(getRandomBytes()))
wg = create_workgroup(db, "newworkgroup", user_to_request.uid, 3)
payload = {"uid": user_to_request.uid}
res = show_user(self.ccd, valid_sid, payload)[0]
try:
self.assertEqual(res["uid"], user_to_request.uid)
self.assertEqual(res["name"], user_to_request.name)
self.assertEqual(res["mail"], user_to_request.mail)
self.assertEqual(res["description"], user_to_request.description)
finally:
user_to_request.delete(db)
wg.delete(db)
def test_single_user_nonsuperadmin(self):
"""
a user is allowed to receive information of an arbitrary user, if he
has ACCESS_READ in the user2user table.
"""
db = self.ccd._db.conn
# user that requests the information. needs ACCESS_READ
user = create_user(db, str(getRandomBytes()))
wg = create_workgroup(db, "newworkgroup", user.uid, 3)
add_user2user(db, user.uid, 3) # ACCESS_READ
valid_sid = self.ccd._assign_user_a_session(user).sid
# user to request for information
user_to_request = create_user(db, str(getRandomBytes()))
create_workgroup(db, "newworkgroup", user_to_request.uid, 3)
payload = {"uid": user_to_request.uid}
res = show_user(self.ccd, valid_sid, payload)[0]
try:
self.assertEqual(res["uid"], user_to_request.uid)
self.assertEqual(res["name"], user_to_request.name)
self.assertEqual(res["mail"], user_to_request.mail)
self.assertEqual(res["description"], user_to_request.description)
finally:
user.delete(db)
user_to_request.delete(db)
wg.delete(db)
def test_project_user_owner(self):
"""
the project owner is able to request the users within its project
"""
db = self.ccd._db.conn
users = []
# user that requests the information is creator of the new project
owner = create_user(db, "owner_%s" % str(getRandomBytes()))
create_workgroup(db, "newworkgroup", owner.uid, 3)
creator = create_user(db, "creator_%s" % str(getRandomBytes()))
create_workgroup(db, "newworkgroup", creator.uid, 3)
proj = Project.create_fromname(
db,
"test_project_user_creator",
creator, # creator
owner, # owner
1, # type id
"my project" #description
)
valid_sid = self.ccd._assign_user_a_session(owner).sid
# create users
for i in range(10):
u = create_user(db, str(getRandomBytes()))
create_workgroup(db, "newworkgroup", u.uid, 3)
users.append(u)
# add users to project
for u in users:
create_project(db, "test_project_user_creator", u, 3)
# set None to request all users
payload = {"pid": proj.pid}
res = show_user(self.ccd, valid_sid, payload)
try:
self.assertUsersInProject(res, users)
finally:
proj.delete(db)
for u in users:
u.delete(db)
creator.delete(db)
owner.delete(db)
def test_project_user_owner(self):
"""
the project owner is able to request the users within its project
"""
db = self.ccd._db.conn
users = []
# user that requests the information is creator of the new project
owner = create_user(db, "owner_%s" % str(getRandomBytes()))
create_workgroup(db, "newworkgroup", owner.uid, 3)
creator = create_user(db, "creator_%s" % str(getRandomBytes()))
create_workgroup(db, "newworkgroup", creator.uid, 3)
proj = Project.create_fromname(
db,
"test_project_user_creator",
creator, # creator
owner, # owner
1, # type id
"my project" #description
)
valid_sid = self.ccd._assign_user_a_session(owner).sid
# create users
for i in range(10):
u = create_user(db, str(getRandomBytes()))
create_workgroup(db, "newworkgroup", u.uid, 3)
users.append(u)
# add users to project
for u in users:
create_project(db, "test_project_user_creator", u, 3)
# set None to request all users
payload = {"pid": proj.pid}
res = show_user(self.ccd, valid_sid, payload)
try:
self.assertUsersInProject(res, users)
finally:
proj.delete(db)
for u in users:
u.delete(db)
creator.delete(db)
owner.delete(db)
def test_single_user_itself(self):
"""
showing information of the user itself should work. the user is no
superadmin.
"""
db = self.ccd._db.conn
user = create_user(db, str(getRandomBytes()))
wg = create_workgroup(db, "newworkgroup", user.uid, 3)
valid_sid = self.ccd._assign_user_a_session(user).sid
payload = {"uid": user.uid}
res = show_user(self.ccd, valid_sid, payload)[0]
try:
self.assertEqual(res["uid"], user.uid)
self.assertEqual(res["name"], user.name)
self.assertEqual(res["mail"], user.mail)
self.assertEqual(res["description"], user.description)
finally:
user.delete(db)
wg.delete(db)
def test_single_user_itself(self):
"""
showing information of the user itself should work. the user is no
superadmin.
"""
db = self.ccd._db.conn
user = create_user(db, str(getRandomBytes()))
wg = create_workgroup(db, "newworkgroup", user.uid, 3)
valid_sid = self.ccd._assign_user_a_session(user).sid
payload = {"uid": user.uid}
res = show_user(self.ccd, valid_sid, payload)[0]
try:
self.assertEqual(res["uid"], user.uid)
self.assertEqual(res["name"], user.name)
self.assertEqual(res["mail"], user.mail)
self.assertEqual(res["description"], user.description)
finally:
user.delete(db)
wg.delete(db)
def test_all_user_superadmin(self):
"""
the superadmin is allowed to receive information of all existing user.
"""
db = self.ccd._db.conn
# user that requests the information. needs ACCESS_READ
valid_sid = self.session.sid
# set None to request all users
payload = {"uid": None}
res = show_user(self.ccd, valid_sid, payload)
meta, conn = db
tbl = meta.tables[tbl_users]
with conn.begin():
sel = tbl.select().where(tbl.c.deleted==False)
users = conn.execute(sel).fetchall()
self.assertEqualResolution(res, users)
def test_all_user_superadmin(self):
"""
the superadmin is allowed to receive information of all existing user.
"""
db = self.ccd._db.conn
# user that requests the information. needs ACCESS_READ
valid_sid = self.session.sid
# set None to request all users
payload = {"uid": None}
res = show_user(self.ccd, valid_sid, payload)
meta, conn = db
tbl = meta.tables[tbl_users]
with conn.begin():
sel = tbl.select().where(tbl.c.deleted == False)
users = conn.execute(sel).fetchall()
self.assertEqualResolution(res, users)