def test_merge_privs():
p = EventPrincipal(read_access=True, permissions={'foo', 'bar'})
p.merge_privs(
EventPrincipal(permissions={'bar', 'foobar'}, full_access=True))
assert p.read_access
assert p.full_access
assert set(p.permissions) == {'foo', 'bar', 'foobar'}
def test_has_management_permission_explicit(explicit):
p = EventPrincipal(full_access=True, permissions=['foo'])
assert p.has_management_permission('foo', explicit=explicit)
assert p.has_management_permission('ANY', explicit=explicit)
assert p.has_management_permission('bar', explicit=explicit) == (not explicit)
assert (EventPrincipal(full_access=True, permissions=[]).has_management_permission('ANY', explicit=explicit) ==
(not explicit))
def test_has_management_role_explicit(explicit):
p = EventPrincipal(full_access=True, roles=['foo'])
assert p.has_management_role('foo', explicit=explicit)
assert p.has_management_role('ANY', explicit=explicit)
assert p.has_management_role('bar', explicit=explicit) == (not explicit)
assert EventPrincipal(full_access=True, roles=[]).has_management_role(
'ANY', explicit=explicit) == (not explicit)
def test_has_management_role_explicit_fail():
p = EventPrincipal(roles=['foo'])
# no role specified
with pytest.raises(ValueError):
p.has_management_role(explicit=True)
with pytest.raises(ValueError):
EventPrincipal.has_management_role(explicit=True)
def test_has_management_permission_explicit_fail():
p = EventPrincipal(permissions=['foo'])
# no permission specified
with pytest.raises(ValueError):
p.has_management_permission(explicit=True)
with pytest.raises(ValueError):
EventPrincipal.has_management_permission(explicit=True)
def process_principal(self, event, principals, legacy_principal, name, color, full_access=None, roles=None):
if isinstance(legacy_principal, basestring):
user = self.all_users_by_email.get(legacy_principal)
principal = user or EmailPrincipal(legacy_principal)
else:
principal = self.convert_principal(legacy_principal)
if principal is None:
self.print_warning(cformat('%%{%s}{}%%{reset}%%{yellow} does not exist:%%{reset} {}' % color)
.format(name, legacy_principal), event_id=event.id)
return
try:
entry = principals[principal]
except KeyError:
entry = EventPrincipal(event_id=event.id, principal=principal, full_access=False, roles=[])
principals[principal] = entry
if full_access:
entry.full_access = True
if roles:
entry.roles = sorted(set(entry.roles) | set(roles))
if not self.quiet:
self.print_msg(cformat(' - %%{%s}[{}]%%{reset} {}' % color).format(name.lower(), principal))
return principal
def process_principal(self,
principals,
legacy_principal,
name,
color,
full_access=None,
roles=None,
read_access=None):
if isinstance(legacy_principal, basestring):
user = self.global_ns.users_by_email.get(legacy_principal)
principal = user or EmailPrincipal(legacy_principal)
else:
principal = self.convert_principal(legacy_principal)
if principal is None:
self.print_warning(
('%%[%s]{}%%[reset]%%[yellow] does not exist:%%[reset] {} ({})'
% color).format(name, legacy_principal,
getattr(legacy_principal, 'id', '-')))
return
try:
entry = principals[principal]
except KeyError:
entry = EventPrincipal(event_id=self.event.id,
principal=principal,
full_access=False,
roles=[])
principals[principal] = entry
if full_access:
entry.full_access = True
if read_access:
entry.read_access = True
if roles:
entry.roles = sorted(set(entry.roles) | set(roles))
if not self.quiet:
self.print_log(' %%[%s][{}]%%[reset] {}' %
color.format(name.lower(), principal))
return principal
def test_has_management_role():
p = EventPrincipal(roles=['foo'])
assert p.has_management_role('ANY')
assert p.has_management_role('foo')
assert not p.has_management_role('bar')
def test_has_management_role_no_access():
p = EventPrincipal(read_access=True, roles=[])
assert not p.has_management_role()
assert not p.has_management_role('foo')
assert not p.has_management_role('ANY')
def test_has_management_role_full_access():
p = EventPrincipal(full_access=True, roles=[])
assert p.has_management_role()
assert p.has_management_role('foo')
assert p.has_management_role('ANY')
def test_has_management_permission():
p = EventPrincipal(permissions=['foo'])
assert p.has_management_permission('ANY')
assert p.has_management_permission('foo')
assert not p.has_management_permission('bar')
def test_has_management_permission_no_access():
p = EventPrincipal(read_access=True, permissions=[])
assert not p.has_management_permission()
assert not p.has_management_permission('foo')
assert not p.has_management_permission('ANY')
