def test_resources_with_possible_perms(self, db_session):
self.set_up_user_group_and_perms(db_session)
resource = ResourceTestobjB(resource_id=3,
resource_name="other",
owner_user_id=self.user.id)
self.user.resources.append(resource)
resource_g = ResourceTestobjB(resource_id=4,
resource_name="group owned")
self.group.resources.append(resource_g)
db_session.flush()
perms = UserService.resources_with_possible_perms(
self.user, db_session=db_session)
second = [
PermissionTuple(self.user, "foo_perm", "user", None, self.resource,
False, True),
PermissionTuple(self.user, "group_perm", "group", self.group,
self.resource, False, True),
PermissionTuple(self.user, "test_perm2", "user", None,
self.resource, False, True),
PermissionTuple(self.user, ALL_PERMISSIONS, "user", None, resource,
True, True),
PermissionTuple(self.user, ALL_PERMISSIONS, "group", self.group,
resource_g, True, True),
]
check_one_in_other(perms, second)
def test_resource_users_limited_group_ownage(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
resource = TestResourceB(resource_id=99,
resource_name='other',
owner_user_id=self.user2.id)
group3 = add_group(db_session, 'group 3')
user2_permission = UserResourcePermission(
perm_name='foo_perm',
user_id=self.user2.id,
)
group3_permission = GroupResourcePermission(perm_name='group_perm',
group_id=group3.id)
resource.group_permissions.append(group3_permission)
resource.user_permissions.append(user2_permission)
group3.users.append(self.user3)
self.user.resources.append(resource)
self.group2.resources.append(resource)
db_session.flush()
perms = resource.users_for_perm('__any_permission__',
db_session=db_session)
second = [
PermissionTuple(self.user2, 'foo_perm', 'user', None, resource,
False, True),
PermissionTuple(self.user, ALL_PERMISSIONS, 'user', None, resource,
True, True),
PermissionTuple(self.user4, ALL_PERMISSIONS, 'group', self.group2,
resource, True, True),
PermissionTuple(self.user3, 'group_perm', 'group', group3,
resource, False, True)
]
check_one_in_other(perms, second)
def test_resource_users_for_any_perm_excluding_group_perms(self, db_session):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
user6 = add_user(db_session, 6, "user 6")
user7 = add_user(db_session, 7, "user 7")
perm2 = GroupResourcePermission(
perm_name="group_perm2", resource_id=self.resource.resource_id
)
self.group.resource_permissions.append(perm2)
self.group.users.append(user6)
self.group.users.append(user7)
perms = ResourceService.users_for_perm(
self.resource,
"__any_permission__",
limit_group_permissions=True,
skip_group_perms=True,
db_session=db_session,
)
second = [
PermissionTuple(
self.user, "test_perm2", "user", None, self.resource, False, True
),
PermissionTuple(
self.user, "foo_perm", "user", None, self.resource, False, True
),
]
check_one_in_other(perms, second)
def test_resource_groups_for_any_perm_additional_users(self, db_session):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
user6 = add_user(db_session, 6, 'user 6')
user7 = add_user(db_session, 7, 'user 7')
perm2 = GroupResourcePermission(perm_name='group_perm2',
resource_id=self.resource.resource_id)
self.group.resource_permissions.append(perm2)
self.group.users.append(user6)
self.group.users.append(user7)
perms = self.resource.groups_for_perm('__any_permission__',
db_session=db_session)
second = [
PermissionTuple(self.user, 'group_perm', 'group', self.group,
self.resource, False, True),
PermissionTuple(user6, 'group_perm', 'group', self.group,
self.resource, False, True),
PermissionTuple(user7, 'group_perm', 'group', self.group,
self.resource, False, True),
PermissionTuple(self.user, 'group_perm2', 'group', self.group,
self.resource, False, True),
PermissionTuple(user6, 'group_perm2', 'group', self.group,
self.resource, False, True),
PermissionTuple(user7, 'group_perm2', 'group', self.group,
self.resource, False, True),
PermissionTuple(self.user4, 'group_perm', 'group', self.group2,
self.resource, False, True),
]
check_one_in_other(perms, second)
def test_resources_with_possible_perms(self, db_session):
self.set_up_user_group_and_perms(db_session)
resource = TestResourceB(
resource_id=3, resource_name="other", owner_user_id=self.user.id
)
self.user.resources.append(resource)
resource_g = TestResourceB(resource_id=4, resource_name="group owned")
self.group.resources.append(resource_g)
db_session.flush()
perms = UserService.resources_with_possible_perms(
self.user, db_session=db_session
)
second = [
PermissionTuple(
self.user, "foo_perm", "user", None, self.resource, False, True
),
PermissionTuple(
self.user, "group_perm", "group", self.group, self.resource, False, True
),
PermissionTuple(
self.user, "test_perm2", "user", None, self.resource, False, True
),
PermissionTuple(
self.user, ALL_PERMISSIONS, "user", None, resource, True, True
),
PermissionTuple(
self.user, ALL_PERMISSIONS, "group", self.group, resource_g, True, True
),
]
check_one_in_other(perms, second)
def test_resource_users_for_any_perm_excluding_group_perms(
self, db_session):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
user6 = add_user(db_session, 6, "user 6")
user7 = add_user(db_session, 7, "user 7")
perm2 = GroupResourcePermission(perm_name="group_perm2",
resource_id=self.resource.resource_id)
self.group.resource_permissions.append(perm2)
self.group.users.append(user6)
self.group.users.append(user7)
perms = ResourceService.users_for_perm(
self.resource,
"__any_permission__",
limit_group_permissions=True,
skip_group_perms=True,
db_session=db_session,
)
second = [
PermissionTuple(self.user, "test_perm2", "user", None,
self.resource, False, True),
PermissionTuple(self.user, "foo_perm", "user", None, self.resource,
False, True),
]
check_one_in_other(perms, second)
def test_resource_groups_for_any_perm_just_group_perms_limited_empty_group(
self, db_session):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
user6 = add_user(db_session, 6, "user 6")
user7 = add_user(db_session, 7, "user 7")
perm2 = GroupResourcePermission(perm_name="group_perm2",
resource_id=self.resource.resource_id)
self.group.resource_permissions.append(perm2)
self.group.users.append(user6)
self.group.users.append(user7)
group3 = add_group(db_session, "Empty group")
perm3 = GroupResourcePermission(perm_name="group_permx",
resource_id=self.resource.resource_id)
group3.resource_permissions.append(perm3)
perms = ResourceService.groups_for_perm(
self.resource,
"__any_permission__",
limit_group_permissions=True,
db_session=db_session,
)
second = [
PermissionTuple(None, "group_perm", "group", self.group,
self.resource, False, True),
PermissionTuple(None, "group_perm2", "group", self.group,
self.resource, False, True),
PermissionTuple(None, "group_perm", "group", self.group2,
self.resource, False, True),
PermissionTuple(None, "group_permx", "group", group3,
self.resource, False, True),
]
check_one_in_other(perms, second)
def test_resource_groups_for_any_perm_just_group_perms_limited_empty_group(
self, db_session):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
user6 = add_user(db_session, 6, 'user 6')
user7 = add_user(db_session, 7, 'user 7')
perm2 = GroupResourcePermission(perm_name='group_perm2',
resource_id=self.resource.resource_id)
self.group.resource_permissions.append(perm2)
self.group.users.append(user6)
self.group.users.append(user7)
group3 = add_group(db_session, 'Empty group')
perm3 = GroupResourcePermission(perm_name='group_permx',
resource_id=self.resource.resource_id)
group3.resource_permissions.append(perm3)
perms = self.resource.groups_for_perm('__any_permission__',
limit_group_permissions=True,
db_session=db_session)
second = [
PermissionTuple(None, 'group_perm', 'group', self.group,
self.resource, False, True),
PermissionTuple(None, 'group_perm2', 'group', self.group,
self.resource, False, True),
PermissionTuple(None, 'group_perm', 'group', self.group2,
self.resource, False, True),
PermissionTuple(None, 'group_permx', 'group', group3,
self.resource, False, True)
]
check_one_in_other(perms, second)
def test_resource_users_limited_group_ownage(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
resource = TestResourceB(resource_id=99,
resource_name='other',
owner_user_id=self.user2.id)
group3 = add_group(db_session, 'group 3')
user2_permission = UserResourcePermission(
perm_name='foo_perm',
user_id=self.user2.id,
)
group3_permission = GroupResourcePermission(
perm_name='group_perm',
group_id=group3.id
)
resource.group_permissions.append(group3_permission)
resource.user_permissions.append(user2_permission)
group3.users.append(self.user3)
self.user.resources.append(resource)
self.group2.resources.append(resource)
db_session.flush()
perms = resource.users_for_perm('__any_permission__',
db_session=db_session)
second = [
PermissionTuple(self.user2, 'foo_perm', 'user', None, resource,
False, True),
PermissionTuple(self.user, ALL_PERMISSIONS, 'user', None, resource,
True, True),
PermissionTuple(self.user4, ALL_PERMISSIONS, 'group', self.group2,
resource, True, True),
PermissionTuple(self.user3, 'group_perm', 'group', group3,
resource, False, True)
]
check_one_in_other(perms, second)
def test_resource_groups_for_any_perm_just_group_perms_limited(self,
db_session):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
user6 = add_user(db_session, 6, 'user 6')
user7 = add_user(db_session, 7, 'user 7')
perm2 = GroupResourcePermission(
perm_name='group_perm2',
resource_id=self.resource.resource_id
)
self.group.resource_permissions.append(perm2)
self.group.users.append(user6)
self.group.users.append(user7)
perms = self.resource.groups_for_perm(
'__any_permission__', limit_group_permissions=True,
db_session=db_session)
second = [
PermissionTuple(None, 'group_perm', 'group', self.group,
self.resource, False, True),
PermissionTuple(None, 'group_perm2', 'group', self.group,
self.resource, False, True),
PermissionTuple(None, 'group_perm', 'group', self.group2,
self.resource, False, True),
]
check_one_in_other(perms, second)
def test_resource_users_for_any_perm(self, db_session):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
perms = ResourceService.users_for_perm(
self.resource, "__any_permission__", db_session=db_session
)
second = [
PermissionTuple(
self.user, "group_perm", "group", self.group, self.resource, False, True
),
PermissionTuple(
self.user, "test_perm2", "user", None, self.resource, False, True
),
PermissionTuple(
self.user, "foo_perm", "user", None, self.resource, False, True
),
PermissionTuple(
self.user4,
"group_perm",
"group",
self.group2,
self.resource,
False,
True,
),
]
check_one_in_other(perms, second)
def test_resource_users_for_any_perm(self, db_session):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
perms = ResourceService.users_for_perm(self.resource,
"__any_permission__",
db_session=db_session)
second = [
PermissionTuple(self.user, "group_perm", "group", self.group,
self.resource, False, True),
PermissionTuple(self.user, "test_perm2", "user", None,
self.resource, False, True),
PermissionTuple(self.user, "foo_perm", "user", None, self.resource,
False, True),
PermissionTuple(
self.user4,
"group_perm",
"group",
self.group2,
self.resource,
False,
True,
),
]
check_one_in_other(perms, second)
def test_resource_users_limited_group_ownage(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
resource = ResourceTestobjB(resource_id=99,
resource_name="other",
owner_user_id=self.user2.id)
group3 = add_group(db_session, "group 3")
user2_permission = UserResourcePermission(perm_name="foo_perm",
user_id=self.user2.id)
group3_permission = GroupResourcePermission(perm_name="group_perm",
group_id=group3.id)
resource.group_permissions.append(group3_permission)
resource.user_permissions.append(user2_permission)
group3.users.append(self.user3)
self.user.resources.append(resource)
self.group2.resources.append(resource)
db_session.flush()
perms = ResourceService.users_for_perm(resource,
"__any_permission__",
db_session=db_session)
second = [
PermissionTuple(self.user2, "foo_perm", "user", None, resource,
False, True),
PermissionTuple(self.user, ALL_PERMISSIONS, "user", None, resource,
True, True),
PermissionTuple(self.user4, ALL_PERMISSIONS, "group", self.group2,
resource, True, True),
PermissionTuple(self.user3, "group_perm", "group", group3,
resource, False, True),
]
check_one_in_other(perms, second)
def test_resources_with_possible_perms(self, db_session):
self.set_up_user_group_and_perms(db_session)
perms = self.group.resources_with_possible_perms()
second = [PermissionTuple(None, 'group_perm', 'group', self.group,
self.resource, False, True),
]
check_one_in_other(perms, second)
def test_resource_users_for_perm(self, db_session):
self.set_up_user_group_and_perms(db_session)
perms = self.resource.users_for_perm(
'foo_perm', db_session=db_session)
second = [PermissionTuple(self.user, 'foo_perm', 'user', None,
self.resource, False, True)]
check_one_in_other(perms, second)
def test_resources_with_possible_perms(self, db_session):
self.set_up_user_group_and_perms(db_session)
perms = GroupService.resources_with_possible_perms(self.group)
second = [
PermissionTuple(None, "group_perm", "group", self.group,
self.resource, False, True)
]
check_one_in_other(perms, second)
def test_resources_with_possible_perms(self, db_session):
self.set_up_user_group_and_perms(db_session)
perms = self.group.resources_with_possible_perms()
second = [
PermissionTuple(None, 'group_perm', 'group', self.group,
self.resource, False, True),
]
check_one_in_other(perms, second)
def test_resource_users_for_perm(self, db_session):
self.set_up_user_group_and_perms(db_session)
perms = self.resource.users_for_perm('foo_perm', db_session=db_session)
second = [
PermissionTuple(self.user, 'foo_perm', 'user', None, self.resource,
False, True)
]
check_one_in_other(perms, second)
def test_user_permissions(self, db_session):
created_user = add_user(db_session)
permissions = created_user.permissions
expected = [
PermissionTuple(created_user, 'alter_users', 'user', None, None,
False, True),
PermissionTuple(created_user, 'root', 'user', None, None, False,
True)]
check_one_in_other(permissions, expected)
def test_resources_with_possible_perms(self, db_session):
self.set_up_user_group_and_perms(db_session)
perms = GroupService.resources_with_possible_perms(self.group)
second = [
PermissionTuple(
None, "group_perm", "group", self.group, self.resource, False, True
)
]
check_one_in_other(perms, second)
def test_user_permissions(self, db_session):
created_user = add_user(db_session)
permissions = UserService.permissions(created_user, db_session=db_session)
expected = [
PermissionTuple(
created_user, "alter_users", "user", None, None, False, True
),
PermissionTuple(created_user, "root", "user", None, None, False, True),
]
check_one_in_other(permissions, expected)
def test_user_permissions(self, db_session):
created_user = add_user(db_session)
permissions = created_user.permissions
expected = [
PermissionTuple(created_user, 'alter_users', 'user', None, None,
False, True),
PermissionTuple(created_user, 'root', 'user', None, None, False,
True)
]
check_one_in_other(permissions, expected)
def test_resources_with_direct_group_perms(self, db_session):
self.set_up_user_group_and_perms(db_session)
# test_perm1 from group perms should be ignored
perms = self.resource.group_perms_for_user(
self.user, db_session=db_session)
second = [
PermissionTuple(self.user, 'group_perm', 'group', self.group,
self.resource, False, True)]
check_one_in_other(perms, second)
def test_resources_with_direct_group_perms(self, db_session):
self.set_up_user_group_and_perms(db_session)
# test_perm1 from group perms should be ignored
perms = self.resource.group_perms_for_user(self.user,
db_session=db_session)
second = [
PermissionTuple(self.user, 'group_perm', 'group', self.group,
self.resource, False, True)
]
check_one_in_other(perms, second)
def test_user_permissions(self, db_session):
created_user = add_user(db_session)
permissions = UserService.permissions(created_user,
db_session=db_session)
expected = [
PermissionTuple(created_user, "alter_users", "user", None, None,
False, True),
PermissionTuple(created_user, "root", "user", None, None, False,
True),
]
check_one_in_other(permissions, expected)
def test_resource_users_for_perm(self, db_session):
self.set_up_user_group_and_perms(db_session)
perms = ResourceService.users_for_perm(self.resource,
"foo_perm",
db_session=db_session)
second = [
PermissionTuple(self.user, "foo_perm", "user", None, self.resource,
False, True)
]
check_one_in_other(perms, second)
def test_resource_users_limited_group_other_user_3(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
perms = self.resource2.users_for_perm('__any_permission__',
user_ids=[self.user3.id],
db_session=db_session)
second = [
PermissionTuple(self.user3, 'test_perm', 'user', None,
self.resource2, False, True)
]
check_one_in_other(perms, second)
def test_resource_users_limited_group_other_user_3(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
perms = self.resource2.users_for_perm('__any_permission__',
user_ids=[self.user3.id],
db_session=db_session)
second = [
PermissionTuple(self.user3, 'test_perm', 'user', None,
self.resource2, False, True)
]
check_one_in_other(perms, second)
def test_resource_users_for_any_perm_resource_2(self, db_session):
self.set_up_user_group_and_perms(db_session)
perms = self.resource2.users_for_perm(
'__any_permission__', db_session=db_session)
second = [
PermissionTuple(self.user2, 'foo_perm', 'user', None,
self.resource2, False, True),
PermissionTuple(self.user3, 'test_perm', 'user', None,
self.resource2, False, True),
]
check_one_in_other(perms, second)
def test_resource_users_for_any_perm_resource_2(self, db_session):
self.set_up_user_group_and_perms(db_session)
perms = self.resource2.users_for_perm('__any_permission__',
db_session=db_session)
second = [
PermissionTuple(self.user2, 'foo_perm', 'user', None,
self.resource2, False, True),
PermissionTuple(self.user3, 'test_perm', 'user', None,
self.resource2, False, True),
]
check_one_in_other(perms, second)
def test_resource_users_for_perm(self, db_session):
self.set_up_user_group_and_perms(db_session)
perms = ResourceService.users_for_perm(
self.resource, "foo_perm", db_session=db_session
)
second = [
PermissionTuple(
self.user, "foo_perm", "user", None, self.resource, False, True
)
]
check_one_in_other(perms, second)
def test_resources_with_user_perms(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
perms = self.resource.perms_for_user(
self.user, db_session=db_session)
second = [PermissionTuple(self.user, 'foo_perm', 'user', None,
self.resource, False, True),
PermissionTuple(self.user, 'group_perm', 'group',
self.group, self.resource, False, True),
PermissionTuple(self.user, 'test_perm2', 'user', None,
self.resource, False, True)]
check_one_in_other(perms, second)
def test_resource_users_limited_group_other_user_4(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
perms = self.resource.users_for_perm('__any_permission__',
user_ids=[self.user4.id],
group_ids=[self.group2.id],
db_session=db_session)
second = [
PermissionTuple(self.user4, 'group_perm', 'group', self.group2,
self.resource, False, True)
]
check_one_in_other(perms, second)
def test_resource_users_limited_group_other_user_4(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
perms = self.resource.users_for_perm('__any_permission__',
user_ids=[self.user4.id],
group_ids=[self.group2.id],
db_session=db_session)
second = [
PermissionTuple(self.user4, 'group_perm', 'group', self.group2,
self.resource, False, True)
]
check_one_in_other(perms, second)
def test_resource_groups_for_any_perm_additional_users(self, db_session):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
user6 = add_user(db_session, 6, "user 6")
user7 = add_user(db_session, 7, "user 7")
perm2 = GroupResourcePermission(
perm_name="group_perm2", resource_id=self.resource.resource_id
)
self.group.resource_permissions.append(perm2)
self.group.users.append(user6)
self.group.users.append(user7)
perms = ResourceService.groups_for_perm(
self.resource, "__any_permission__", db_session=db_session
)
second = [
PermissionTuple(
self.user, "group_perm", "group", self.group, self.resource, False, True
),
PermissionTuple(
user6, "group_perm", "group", self.group, self.resource, False, True
),
PermissionTuple(
user7, "group_perm", "group", self.group, self.resource, False, True
),
PermissionTuple(
self.user,
"group_perm2",
"group",
self.group,
self.resource,
False,
True,
),
PermissionTuple(
user6, "group_perm2", "group", self.group, self.resource, False, True
),
PermissionTuple(
user7, "group_perm2", "group", self.group, self.resource, False, True
),
PermissionTuple(
self.user4,
"group_perm",
"group",
self.group2,
self.resource,
False,
True,
),
]
check_one_in_other(perms, second)
def test_resources_with_user_perms(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
perms = self.resource.perms_for_user(self.user, db_session=db_session)
second = [
PermissionTuple(self.user, 'foo_perm', 'user', None, self.resource,
False, True),
PermissionTuple(self.user, 'group_perm', 'group', self.group,
self.resource, False, True),
PermissionTuple(self.user, 'test_perm2', 'user', None,
self.resource, False, True)
]
check_one_in_other(perms, second)
def test_resources_with_direct_user_perms(self, db_session):
self.set_up_user_group_and_perms(db_session)
# test_perm1 from group perms should be ignored
perms = ResourceService.direct_perms_for_user(self.resource,
self.user,
db_session=db_session)
second = [
PermissionTuple(self.user, "foo_perm", "user", None, self.resource,
False, True),
PermissionTuple(self.user, "test_perm2", "user", None,
self.resource, False, True),
]
check_one_in_other(perms, second)
def test_resource_users_limited_group_other_user_3(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
perms = ResourceService.users_for_perm(
self.resource2,
"__any_permission__",
user_ids=[self.user3.id],
db_session=db_session,
)
second = [
PermissionTuple(self.user3, "test_perm", "user", None,
self.resource2, False, True)
]
check_one_in_other(perms, second)
def test_resource_users_limited_group_other_user_3(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
perms = ResourceService.users_for_perm(
self.resource2,
"__any_permission__",
user_ids=[self.user3.id],
db_session=db_session,
)
second = [
PermissionTuple(
self.user3, "test_perm", "user", None, self.resource2, False, True
)
]
check_one_in_other(perms, second)
def test_resources_with_direct_user_perms(self, db_session):
self.set_up_user_group_and_perms(db_session)
# test_perm1 from group perms should be ignored
perms = ResourceService.direct_perms_for_user(
self.resource, self.user, db_session=db_session
)
second = [
PermissionTuple(
self.user, "foo_perm", "user", None, self.resource, False, True
),
PermissionTuple(
self.user, "test_perm2", "user", None, self.resource, False, True
),
]
check_one_in_other(perms, second)
def test_resource_groups_for_any_perm_additional_users(self, db_session):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
user6 = add_user(db_session, 6, "user 6")
user7 = add_user(db_session, 7, "user 7")
perm2 = GroupResourcePermission(perm_name="group_perm2",
resource_id=self.resource.resource_id)
self.group.resource_permissions.append(perm2)
self.group.users.append(user6)
self.group.users.append(user7)
perms = ResourceService.groups_for_perm(self.resource,
"__any_permission__",
db_session=db_session)
second = [
PermissionTuple(self.user, "group_perm", "group", self.group,
self.resource, False, True),
PermissionTuple(user6, "group_perm", "group", self.group,
self.resource, False, True),
PermissionTuple(user7, "group_perm", "group", self.group,
self.resource, False, True),
PermissionTuple(
self.user,
"group_perm2",
"group",
self.group,
self.resource,
False,
True,
),
PermissionTuple(user6, "group_perm2", "group", self.group,
self.resource, False, True),
PermissionTuple(user7, "group_perm2", "group", self.group,
self.resource, False, True),
PermissionTuple(
self.user4,
"group_perm",
"group",
self.group2,
self.resource,
False,
True,
),
]
check_one_in_other(perms, second)
def test_resources_with_possible_perms_group2(self, db_session):
self.set_up_user_group_and_perms(db_session)
resource3 = add_resource_b(db_session, 3, "other resource")
self.group2.resources.append(resource3)
group_permission2 = GroupResourcePermission(perm_name="group_perm2",
group_id=self.group2.id)
self.resource2.group_permissions.append(group_permission2)
perms = GroupService.resources_with_possible_perms(self.group2)
second = [
PermissionTuple(None, "group_perm", "group", self.group2,
self.resource, False, True),
PermissionTuple(None, "group_perm2", "group", self.group2,
self.resource2, False, True),
PermissionTuple(None, ALL_PERMISSIONS, "group", self.group2,
resource3, True, True),
]
check_one_in_other(perms, second)
def test_resource_groups_for_any_perm_just_group_perms_limited_empty_group(
self, db_session
):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
user6 = add_user(db_session, 6, "user 6")
user7 = add_user(db_session, 7, "user 7")
perm2 = GroupResourcePermission(
perm_name="group_perm2", resource_id=self.resource.resource_id
)
self.group.resource_permissions.append(perm2)
self.group.users.append(user6)
self.group.users.append(user7)
group3 = add_group(db_session, "Empty group")
perm3 = GroupResourcePermission(
perm_name="group_permx", resource_id=self.resource.resource_id
)
group3.resource_permissions.append(perm3)
perms = ResourceService.groups_for_perm(
self.resource,
"__any_permission__",
limit_group_permissions=True,
db_session=db_session,
)
second = [
PermissionTuple(
None, "group_perm", "group", self.group, self.resource, False, True
),
PermissionTuple(
None, "group_perm2", "group", self.group, self.resource, False, True
),
PermissionTuple(
None, "group_perm", "group", self.group2, self.resource, False, True
),
PermissionTuple(
None, "group_permx", "group", group3, self.resource, False, True
),
]
check_one_in_other(perms, second)
def test_resources_with_possible_perms_group2(self, db_session):
self.set_up_user_group_and_perms(db_session)
resource3 = add_resource_b(db_session, 3, 'other resource')
self.group2.resources.append(resource3)
group_permission2 = GroupResourcePermission(
perm_name='group_perm2',
group_id=self.group2.id,
)
self.resource2.group_permissions.append(group_permission2)
perms = self.group2.resources_with_possible_perms()
second = [PermissionTuple(None, 'group_perm', 'group', self.group2,
self.resource, False, True),
PermissionTuple(None, 'group_perm2', 'group', self.group2,
self.resource2, False, True),
PermissionTuple(None, ALL_PERMISSIONS, 'group', self.group2,
resource3, True, True),
]
check_one_in_other(perms, second)
def test_resources_with_possible_perms_group2(self, db_session):
self.set_up_user_group_and_perms(db_session)
resource3 = add_resource_b(db_session, 3, 'other resource')
self.group2.resources.append(resource3)
group_permission2 = GroupResourcePermission(
perm_name='group_perm2',
group_id=self.group2.id,
)
self.resource2.group_permissions.append(group_permission2)
perms = self.group2.resources_with_possible_perms()
second = [
PermissionTuple(None, 'group_perm', 'group', self.group2,
self.resource, False, True),
PermissionTuple(None, 'group_perm2', 'group', self.group2,
self.resource2, False, True),
PermissionTuple(None, ALL_PERMISSIONS, 'group', self.group2,
resource3, True, True),
]
check_one_in_other(perms, second)
def test_resource_users_for_any_perm_limited_group_perms_empty_group(
self, db_session):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
user6 = add_user(db_session, 6, 'user 6')
user7 = add_user(db_session, 7, 'user 7')
perm2 = GroupResourcePermission(
perm_name='group_perm2',
resource_id=self.resource.resource_id
)
self.group.resource_permissions.append(perm2)
self.group.users.append(user6)
self.group.users.append(user7)
group3 = add_group(db_session, 'Empty group')
perm3 = GroupResourcePermission(
perm_name='group_permx',
resource_id=self.resource.resource_id
)
group3.resource_permissions.append(perm3)
perms = self.resource.users_for_perm(
'__any_permission__', limit_group_permissions=True,
db_session=db_session)
second = [
PermissionTuple(None, 'group_perm', 'group', self.group,
self.resource, False, True),
PermissionTuple(None, 'group_perm2', 'group', self.group,
self.resource, False, True),
PermissionTuple(self.user, 'test_perm2', 'user', None,
self.resource, False, True),
PermissionTuple(self.user, 'foo_perm', 'user', None,
self.resource, False, True),
PermissionTuple(None, 'group_perm', 'group', self.group2,
self.resource, False, True),
PermissionTuple(None, 'group_permx', 'group', group3,
self.resource, False, True),
]
check_one_in_other(perms, second)
def test_resource_users_limited_group_ownage(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
resource = TestResourceB(
resource_id=99, resource_name="other", owner_user_id=self.user2.id
)
group3 = add_group(db_session, "group 3")
user2_permission = UserResourcePermission(
perm_name="foo_perm", user_id=self.user2.id
)
group3_permission = GroupResourcePermission(
perm_name="group_perm", group_id=group3.id
)
resource.group_permissions.append(group3_permission)
resource.user_permissions.append(user2_permission)
group3.users.append(self.user3)
self.user.resources.append(resource)
self.group2.resources.append(resource)
db_session.flush()
perms = ResourceService.users_for_perm(
resource, "__any_permission__", db_session=db_session
)
second = [
PermissionTuple(
self.user2, "foo_perm", "user", None, resource, False, True
),
PermissionTuple(
self.user, ALL_PERMISSIONS, "user", None, resource, True, True
),
PermissionTuple(
self.user4, ALL_PERMISSIONS, "group", self.group2, resource, True, True
),
PermissionTuple(
self.user3, "group_perm", "group", group3, resource, False, True
),
]
check_one_in_other(perms, second)
def test_resource_users_limited_group_other_user_4(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
perms = ResourceService.users_for_perm(
self.resource,
"__any_permission__",
user_ids=[self.user4.id],
group_ids=[self.group2.id],
db_session=db_session,
)
second = [
PermissionTuple(
self.user4,
"group_perm",
"group",
self.group2,
self.resource,
False,
True,
)
]
check_one_in_other(perms, second)
def test_resource_users_for_any_perm_excluding_group_perms(
self, db_session):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
user6 = add_user(db_session, 6, 'user 6')
user7 = add_user(db_session, 7, 'user 7')
perm2 = GroupResourcePermission(perm_name='group_perm2',
resource_id=self.resource.resource_id)
self.group.resource_permissions.append(perm2)
self.group.users.append(user6)
self.group.users.append(user7)
perms = self.resource.users_for_perm('__any_permission__',
limit_group_permissions=True,
skip_group_perms=True,
db_session=db_session)
second = [
PermissionTuple(self.user, 'test_perm2', 'user', None,
self.resource, False, True),
PermissionTuple(self.user, 'foo_perm', 'user', None, self.resource,
False, True)
]
check_one_in_other(perms, second)
def test_resources_with_possible_perms_group2(self, db_session):
self.set_up_user_group_and_perms(db_session)
resource3 = add_resource_b(db_session, 3, "other resource")
self.group2.resources.append(resource3)
group_permission2 = GroupResourcePermission(
perm_name="group_perm2", group_id=self.group2.id
)
self.resource2.group_permissions.append(group_permission2)
perms = GroupService.resources_with_possible_perms(self.group2)
second = [
PermissionTuple(
None, "group_perm", "group", self.group2, self.resource, False, True
),
PermissionTuple(
None, "group_perm2", "group", self.group2, self.resource2, False, True
),
PermissionTuple(
None, ALL_PERMISSIONS, "group", self.group2, resource3, True, True
),
]
check_one_in_other(perms, second)
def test_resource_users_limited_group_other_user_4(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
perms = ResourceService.users_for_perm(
self.resource,
"__any_permission__",
user_ids=[self.user4.id],
group_ids=[self.group2.id],
db_session=db_session,
)
second = [
PermissionTuple(
self.user4,
"group_perm",
"group",
self.group2,
self.resource,
False,
True,
)
]
check_one_in_other(perms, second)
def test_resources_with_possible_perms(self, db_session):
self.set_up_user_group_and_perms(db_session)
resource = TestResourceB(resource_id=3,
resource_name='other',
owner_user_id=self.user.id)
self.user.resources.append(resource)
resource_g = TestResourceB(resource_id=4, resource_name='group owned')
self.group.resources.append(resource_g)
db_session.flush()
perms = self.user.resources_with_possible_perms()
second = [
PermissionTuple(self.user, 'foo_perm', 'user', None, self.resource,
False, True),
PermissionTuple(self.user, 'group_perm', 'group', self.group,
self.resource, False, True),
PermissionTuple(self.user, 'test_perm2', 'user', None,
self.resource, False, True),
PermissionTuple(self.user, ALL_PERMISSIONS, 'user', None, resource,
True, True),
PermissionTuple(self.user, ALL_PERMISSIONS, 'group', self.group,
resource_g, True, True),
]
check_one_in_other(perms, second)
def test_resources_with_possible_perms(self, db_session):
self.set_up_user_group_and_perms(db_session)
resource = TestResourceB(resource_id=3,
resource_name='other',
owner_user_id=self.user.id)
self.user.resources.append(resource)
resource_g = TestResourceB(resource_id=4,
resource_name='group owned')
self.group.resources.append(resource_g)
db_session.flush()
perms = self.user.resources_with_possible_perms()
second = [PermissionTuple(self.user, 'foo_perm', 'user', None,
self.resource, False, True),
PermissionTuple(self.user, 'group_perm', 'group',
self.group, self.resource, False, True),
PermissionTuple(self.user, 'test_perm2', 'user', None,
self.resource, False, True),
PermissionTuple(self.user, ALL_PERMISSIONS, 'user', None,
resource, True, True),
PermissionTuple(self.user, ALL_PERMISSIONS, 'group',
self.group, resource_g, True, True),
]
check_one_in_other(perms, second)
def test_resource_users_for_any_perm_excluding_group_perms(
self, db_session):
self.maxDiff = 99999
self.set_up_user_group_and_perms(db_session)
user6 = add_user(db_session, 6, 'user 6')
user7 = add_user(db_session, 7, 'user 7')
perm2 = GroupResourcePermission(
perm_name='group_perm2',
resource_id=self.resource.resource_id
)
self.group.resource_permissions.append(perm2)
self.group.users.append(user6)
self.group.users.append(user7)
perms = self.resource.users_for_perm(
'__any_permission__', limit_group_permissions=True,
skip_group_perms=True, db_session=db_session)
second = [
PermissionTuple(self.user, 'test_perm2', 'user', None,
self.resource, False, True),
PermissionTuple(self.user, 'foo_perm', 'user', None,
self.resource, False, True)
]
check_one_in_other(perms, second)
