def test_get_private_record_without_permission(self):
self.prj.access = "private"
self.prj.save()
restricted_clauses = {
"clause": [
clause("allow", ["project.list"], ["organization/*"]),
clause("allow", ["project.view"], ["project/*/*"]),
]
}
restricted_policy = Policy.objects.create(name="restricted", body=json.dumps(restricted_clauses))
self.user.assign_policies(restricted_policy)
response = self.request(user=self.user)
assert response.status_code == 403
assert response.content["detail"] == PermissionDenied.default_detail
def test_get_private_record_without_permission(self):
self.prj.access = 'private'
self.prj.save()
restricted_clauses = {
'clause': [
clause('allow', ['project.list'], ['organization/*']),
clause('allow', ['project.view'], ['project/*/*'])
]
}
restricted_policy = Policy.objects.create(
name='restricted', body=json.dumps(restricted_clauses))
self.user.assign_policies(restricted_policy)
response = self.request(user=self.user)
assert response.status_code == 403
assert response.content['detail'] == PermissionDenied.default_detail
def test_get_private_record_without_permission(self):
self.prj.access = 'private'
self.prj.save()
restricted_clauses = {
'clause': [
clause('allow', ['project.list'], ['organization/*']),
clause('allow', ['project.view'], ['project/*/*'])
]
}
restricted_policy = Policy.objects.create(
name='restricted',
body=json.dumps(restricted_clauses))
self.user.assign_policies(restricted_policy)
response = self.request(user=self.user)
assert response.status_code == 403
assert response.content['detail'] == PermissionDenied.default_detail
def setUp(self):
"""Set up some policies and users having those policies."""
super().setUp()
clauses = {
"clause": [
{
"effect": "allow",
"object": [
"project/*/*",
"spatial/*/*/*",
"spatial_rel/*/*/*",
"party/*/*/*",
"party_rel/*/*/*",
"tenure_rel/*/*/*",
],
"action": [
"project.*",
"project.*.*",
"spatial.*",
"spatial_rel.*",
"party.*",
"party_rel.*",
"tenure_rel.*",
],
}
]
}
policy = Policy.objects.create(name="basic-test", body=json.dumps(clauses))
self.user = UserFactory.create()
self.user.assign_policies(policy)
restricted_clauses = {
"clause": [
clause("allow", ["project.list"], ["organization/*"]),
clause("allow", ["project.view"], ["project/*/*"]),
]
}
restricted_policy = Policy.objects.create(name="restricted", body=json.dumps(restricted_clauses))
self.restricted_user = UserFactory.create()
self.restricted_user.assign_policies(restricted_policy)
