def test_basic_update(self, test_data): """ @feature: Permissions @test: try to update entity first with relevant permissionn @assert: entity is removed """ entity = test_data() created = ApiCrud.record_create_recursive(entity) created = test_data._meta.change_for_update(created) user_definition = User() user_created = ApiCrud.record_create_recursive(user_definition) # user doesn't yet have relevant permission, action should fail with self.assertRaises(Exception): ApiCrud.record_update(created, user_definition) perm = ApiCrud.record_resolve( test_data._meta.api_class.permissions.update ) add_permission_to_user(user_created, perm) # user should have the relevant permission, action should updated = ApiCrud.record_update(created, user_definition) del created["updated_at"] del updated["updated_at"] self.assertIntersects(created, updated)
def test_basic_update(self, test_data): """ @feature: Permissions @test: try to update entity first with relevant permissionn @assert: entity is removed """ entity = test_data() created = ApiCrud.record_create_recursive(entity) created = test_data._meta.change_for_update(created) user_definition = User() user_created = ApiCrud.record_create_recursive(user_definition) # user doesn't yet have relevant permission, action should fail with self.assertRaises(Exception): ApiCrud.record_update(created, user_definition) perm = ApiCrud.record_resolve( test_data._meta.api_class.permissions.update) add_permission_to_user(user_created, perm) # user should have the relevant permission, action should updated = ApiCrud.record_update(created, user_definition) del created["updated_at"] del updated["updated_at"] self.assertIntersects(created, updated)
def test_basic_remove(self, test_data): """ @feature: Permissions @test: try to remove entity first with relevant permissionn @assert: entity is removed """ entity = test_data() created = ApiCrud.record_create_recursive(entity) user_definition = User() user_created = ApiCrud.record_create_recursive(user_definition) # user doesn't yet have relevant permission, action should fail with self.assertRaises(Exception): ApiCrud.record_remove(created, user_definition) perm = ApiCrud.record_resolve(test_data._meta.api_class.permissions.remove) add_permission_to_user(user_created, perm) # user should have the relevant permission, action should work ApiCrud.record_remove(created, user_definition) self.assertFalse(ApiCrud.record_exists(created))
def test_basic_create(self, test_data): """ @feature: Permissions @test: try to create entity first with relevant permissionn @assert: entity is created """ entity = test_data() deps = ApiCrud.record_create_dependencies(entity) user_definition = User() user_created = ApiCrud.record_create_recursive(user_definition) # user doesn't yet have relevant permission, action should fail with self.assertRaises(Exception): ApiCrud.record_create(deps, user_definition) perm = ApiCrud.record_resolve(test_data._meta.api_class.permissions.create) add_permission_to_user(user_created, perm) # user should have the relevant permission, action should work created = ApiCrud.record_create(deps, user_definition) self.assertIntersects(deps, created)
def test_basic_remove(self, test_data): """ @feature: Permissions @test: try to remove entity first with relevant permissionn @assert: entity is removed """ entity = test_data() created = ApiCrud.record_create_recursive(entity) user_definition = User() user_created = ApiCrud.record_create_recursive(user_definition) # user doesn't yet have relevant permission, action should fail with self.assertRaises(Exception): ApiCrud.record_remove(created, user_definition) perm = ApiCrud.record_resolve( test_data._meta.api_class.permissions.remove) add_permission_to_user(user_created, perm) # user should have the relevant permission, action should work ApiCrud.record_remove(created, user_definition) self.assertFalse(ApiCrud.record_exists(created))
def test_basic_create(self, test_data): """ @feature: Permissions @test: try to create entity first with relevant permissionn @assert: entity is created """ entity = test_data() deps = ApiCrud.record_create_dependencies(entity) user_definition = User() user_created = ApiCrud.record_create_recursive(user_definition) # user doesn't yet have relevant permission, action should fail with self.assertRaises(Exception): ApiCrud.record_create(deps, user_definition) perm = ApiCrud.record_resolve( test_data._meta.api_class.permissions.create) add_permission_to_user(user_created, perm) # user should have the relevant permission, action should work created = ApiCrud.record_create(deps, user_definition) self.assertIntersects(deps, created)