def test_delete_resource_no_roles(self):
name1, name2 = 'name1', 'name2'
rbac = RBAC()
rbac.create_resource(name1)
rbac.create_resource(name2)
rbac.delete_resource(name2)
self.assertEquals(rbac.registry._resources[name1], set())
self.assertNotIn(name2, rbac.registry._resources)
def test_delete_resource_no_roles(self):
name1, name2 = 'name1', 'name2'
rbac = RBAC()
rbac.create_resource(name1)
rbac.create_resource(name2)
rbac.delete_resource(name2)
self.assertEquals(rbac.registry._resources[name1], set())
self.assertNotIn(name2, rbac.registry._resources)
def test_delete_resource_has_roles(self):
role_id1, role_id2 = 1, 2
role_name1, role_name2 = 'role_name1', 'role_name2'
res_name1, res_name2 = 'res_name1', 'res_name2'
perm_id1, perm_id2 = 11, 22
perm_name1, perm_name2 = 'perm_name1', 'perm_name2'
rbac = RBAC()
rbac.create_role(role_id1, role_name1, None)
rbac.create_role(role_id2, role_name2, None)
rbac.create_resource(res_name1)
rbac.create_resource(res_name2)
rbac.create_permission(perm_id1, perm_name1)
rbac.create_permission(perm_id2, perm_name2)
rbac.create_role_permission_allow(role_id1, perm_id1, res_name1)
rbac.create_role_permission_allow(role_id1, perm_id2, res_name1)
rbac.create_role_permission_allow(role_id2, perm_id1, res_name2)
rbac.create_role_permission_allow(role_id2, perm_id2, res_name2)
self.assertIn((role_id1, perm_id1, res_name1), rbac.registry._allowed)
self.assertIn((role_id1, perm_id2, res_name1), rbac.registry._allowed)
self.assertIn((role_id2, perm_id1, res_name2), rbac.registry._allowed)
self.assertIn((role_id2, perm_id2, res_name2), rbac.registry._allowed)
rbac.delete_resource(res_name1)
self.assertNotIn((role_id1, perm_id1, res_name1),
rbac.registry._allowed)
self.assertNotIn((role_id1, perm_id2, res_name1),
rbac.registry._allowed)
self.assertIn((role_id2, perm_id1, res_name2), rbac.registry._allowed)
self.assertIn((role_id2, perm_id2, res_name2), rbac.registry._allowed)
def test_delete_resource_has_roles(self):
role_id1, role_id2 = 1, 2
role_name1, role_name2 = 'role_name1', 'role_name2'
res_name1, res_name2 = 'res_name1', 'res_name2'
perm_id1, perm_id2 = 11, 22
perm_name1, perm_name2 = 'perm_name1', 'perm_name2'
rbac = RBAC()
rbac.create_role(role_id1, role_name1, None)
rbac.create_role(role_id2, role_name2, None)
rbac.create_resource(res_name1)
rbac.create_resource(res_name2)
rbac.create_permission(perm_id1, perm_name1)
rbac.create_permission(perm_id2, perm_name2)
rbac.create_role_permission_allow(role_id1, perm_id1, res_name1)
rbac.create_role_permission_allow(role_id1, perm_id2, res_name1)
rbac.create_role_permission_allow(role_id2, perm_id1, res_name2)
rbac.create_role_permission_allow(role_id2, perm_id2, res_name2)
self.assertIn((role_id1, perm_id1, res_name1), rbac.registry._allowed)
self.assertIn((role_id1, perm_id2, res_name1), rbac.registry._allowed)
self.assertIn((role_id2, perm_id1, res_name2), rbac.registry._allowed)
self.assertIn((role_id2, perm_id2, res_name2), rbac.registry._allowed)
rbac.delete_resource(res_name1)
self.assertNotIn((role_id1, perm_id1, res_name1), rbac.registry._allowed)
self.assertNotIn((role_id1, perm_id2, res_name1), rbac.registry._allowed)
self.assertIn((role_id2, perm_id1, res_name2), rbac.registry._allowed)
self.assertIn((role_id2, perm_id2, res_name2), rbac.registry._allowed)
