def test_delete_token(data_fixture):
user = data_fixture.create_user()
token_1 = data_fixture.create_token(user=user)
token_2 = data_fixture.create_token()
handler = TokenHandler()
with pytest.raises(TokenDoesNotBelongToUser):
handler.delete_token(user=user, token=token_2)
handler.update_token_permissions(user, token_1, create=True, read=True,
update=True, delete=True)
handler.delete_token(user=user, token=token_1)
assert Token.objects.all().count() == 1
assert Token.objects.all().first().id == token_2.id
def test_check_table_permissions(data_fixture):
user = data_fixture.create_user()
group = data_fixture.create_group(user=user)
database = data_fixture.create_database_application(group=group)
table_1 = data_fixture.create_database_table(database=database)
table_2 = data_fixture.create_database_table()
handler = TokenHandler()
token = data_fixture.create_token(user=user, group=group)
request = Request(HttpRequest())
request.user_token = token
handler.update_token_permissions(user=user,
token=token,
create=True,
read=True,
update=True,
delete=False)
with pytest.raises(ValueError):
handler.check_table_permissions(None, 'create', table_1, False)
handler.check_table_permissions(Request(HttpRequest()), 'create', table_1,
False)
with pytest.raises(NoPermissionToTable):
handler.check_table_permissions(Request(HttpRequest()), 'create',
table_1, True)
handler.check_table_permissions(token, 'create', table_1, False)
handler.check_table_permissions(token, 'create', table_1, True)
handler.check_table_permissions(token, 'read', table_1, False)
handler.check_table_permissions(token, 'read', table_1, True)
handler.check_table_permissions(token, 'update', table_1, False)
handler.check_table_permissions(token, 'update', table_1, True)
with pytest.raises(NoPermissionToTable):
handler.check_table_permissions(token, 'delete', table_1, False)
with pytest.raises(NoPermissionToTable):
handler.check_table_permissions(token, 'delete', table_1, True)
handler.check_table_permissions(request, 'create', table_1, False)
handler.check_table_permissions(request, 'create', table_1, True)
handler.check_table_permissions(request, 'read', table_1, False)
handler.check_table_permissions(request, 'read', table_1, True)
handler.check_table_permissions(request, 'update', table_1, False)
handler.check_table_permissions(request, 'update', table_1, True)
with pytest.raises(NoPermissionToTable):
handler.check_table_permissions(request, 'delete', table_1, False)
with pytest.raises(NoPermissionToTable):
handler.check_table_permissions(request, 'delete', table_1, True)
with pytest.raises(NoPermissionToTable):
handler.check_table_permissions(token, 'create', table_2, False)
with pytest.raises(NoPermissionToTable):
handler.check_table_permissions(token, 'create', table_2, True)
with pytest.raises(NoPermissionToTable):
handler.check_table_permissions(request, 'create', table_2, False)
with pytest.raises(NoPermissionToTable):
handler.check_table_permissions(request, 'create', table_2, True)
def test_has_table_permission(data_fixture):
user = data_fixture.create_user()
user_2 = data_fixture.create_user()
user_3 = data_fixture.create_user()
group = data_fixture.create_group(user=user)
group_2 = data_fixture.create_group(user=user_2)
group_3 = data_fixture.create_group(users=[user, user_3])
database_1 = data_fixture.create_database_application(group=group)
database_2 = data_fixture.create_database_application(group=group)
database_3 = data_fixture.create_database_application(group=group_2)
database_4 = data_fixture.create_database_application(group=group_3)
table_1 = data_fixture.create_database_table(database=database_1)
table_2 = data_fixture.create_database_table(database=database_1)
table_3 = data_fixture.create_database_table(database=database_2)
table_4 = data_fixture.create_database_table(database=database_3)
table_5 = data_fixture.create_database_table(database=database_4)
handler = TokenHandler()
token_other_group = data_fixture.create_token(user=user)
token = data_fixture.create_token(user=user, group=group)
token_user_3 = data_fixture.create_token(user=user_3, group=group_3)
token_group_3 = data_fixture.create_token(user=user, group=group_3)
# Has access to all tables within the group.
handler.update_token_permissions(user=user,
token=token,
create=True,
read=True,
update=True,
delete=True)
handler.update_token_permissions(user=user,
token=token_other_group,
create=True,
read=True,
update=True,
delete=True)
handler.update_token_permissions(user=user_3,
token=token_user_3,
create=True,
read=True,
update=True,
delete=True)
handler.update_token_permissions(user=user,
token=token_group_3,
create=True,
read=True,
update=True,
delete=True)
assert not handler.has_table_permission(token_other_group, 'create',
table_1)
assert not handler.has_table_permission(token_other_group, 'read', table_1)
assert not handler.has_table_permission(token_other_group, 'update',
table_1)
assert not handler.has_table_permission(token_other_group, 'delete',
table_1)
assert not handler.has_table_permission(token_other_group, 'create',
table_2)
assert not handler.has_table_permission(token_other_group, 'read', table_2)
assert not handler.has_table_permission(token_other_group, 'update',
table_2)
assert not handler.has_table_permission(token_other_group, 'delete',
table_2)
assert not handler.has_table_permission(token_other_group, 'create',
table_3)
assert not handler.has_table_permission(token_other_group, 'read', table_3)
assert not handler.has_table_permission(token_other_group, 'update',
table_3)
assert not handler.has_table_permission(token_other_group, 'delete',
table_3)
assert not handler.has_table_permission(token_other_group, 'create',
table_4)
assert not handler.has_table_permission(token_other_group, 'read', table_4)
assert not handler.has_table_permission(token_other_group, 'update',
table_4)
assert not handler.has_table_permission(token_other_group, 'delete',
table_4)
assert not handler.has_table_permission(token_other_group, 'create',
table_5)
assert not handler.has_table_permission(token_other_group, 'read', table_5)
assert not handler.has_table_permission(token_other_group, 'update',
table_5)
assert not handler.has_table_permission(token_other_group, 'delete',
table_5)
assert not handler.has_table_permission(token_group_3, 'create', table_1)
assert not handler.has_table_permission(token_group_3, 'read', table_1)
assert not handler.has_table_permission(token_group_3, 'update', table_1)
assert not handler.has_table_permission(token_group_3, 'delete', table_1)
assert not handler.has_table_permission(token_group_3, 'create', table_2)
assert not handler.has_table_permission(token_group_3, 'read', table_2)
assert not handler.has_table_permission(token_group_3, 'update', table_2)
assert not handler.has_table_permission(token_group_3, 'delete', table_2)
assert not handler.has_table_permission(token_group_3, 'create', table_3)
assert not handler.has_table_permission(token_group_3, 'read', table_3)
assert not handler.has_table_permission(token_group_3, 'update', table_3)
assert not handler.has_table_permission(token_group_3, 'delete', table_3)
assert not handler.has_table_permission(token_group_3, 'create', table_4)
assert not handler.has_table_permission(token_group_3, 'read', table_4)
assert not handler.has_table_permission(token_group_3, 'update', table_4)
assert not handler.has_table_permission(token_group_3, 'delete', table_4)
assert handler.has_table_permission(token_group_3, 'create', table_5)
assert handler.has_table_permission(token_group_3, 'read', table_5)
assert handler.has_table_permission(token_group_3, 'update', table_5)
assert handler.has_table_permission(token_group_3, 'delete', table_5)
assert not handler.has_table_permission(token_user_3, 'create', table_1)
assert not handler.has_table_permission(token_user_3, 'read', table_1)
assert not handler.has_table_permission(token_user_3, 'update', table_1)
assert not handler.has_table_permission(token_user_3, 'delete', table_1)
assert not handler.has_table_permission(token_user_3, 'create', table_2)
assert not handler.has_table_permission(token_user_3, 'read', table_2)
assert not handler.has_table_permission(token_user_3, 'update', table_2)
assert not handler.has_table_permission(token_user_3, 'delete', table_2)
assert not handler.has_table_permission(token_user_3, 'create', table_3)
assert not handler.has_table_permission(token_user_3, 'read', table_3)
assert not handler.has_table_permission(token_user_3, 'update', table_3)
assert not handler.has_table_permission(token_user_3, 'delete', table_3)
assert not handler.has_table_permission(token_user_3, 'create', table_4)
assert not handler.has_table_permission(token_user_3, 'read', table_4)
assert not handler.has_table_permission(token_user_3, 'update', table_4)
assert not handler.has_table_permission(token_user_3, 'delete', table_4)
assert handler.has_table_permission(token_user_3, 'create', table_5)
assert handler.has_table_permission(token_user_3, 'read', table_5)
assert handler.has_table_permission(token_user_3, 'update', table_5)
assert handler.has_table_permission(token_user_3, 'delete', table_5)
assert not handler.has_table_permission(
token=token, type_name='not_existing', table=table_1)
assert handler.has_table_permission(token, 'create', table_1)
assert handler.has_table_permission(token, 'read', table_1)
assert handler.has_table_permission(token, 'update', table_1)
assert handler.has_table_permission(token, 'delete', table_1)
assert handler.has_table_permission(token, 'create', table_2)
assert handler.has_table_permission(token, 'read', table_2)
assert handler.has_table_permission(token, 'update', table_2)
assert handler.has_table_permission(token, 'delete', table_2)
assert handler.has_table_permission(token, 'create', table_3)
assert handler.has_table_permission(token, 'read', table_3)
assert handler.has_table_permission(token, 'update', table_3)
assert handler.has_table_permission(token, 'delete', table_3)
assert not handler.has_table_permission(token, 'create', table_4)
assert not handler.has_table_permission(token, 'read', table_4)
assert not handler.has_table_permission(token, 'update', table_4)
assert not handler.has_table_permission(token, 'delete', table_4)
assert not handler.has_table_permission(token, 'create', table_5)
assert not handler.has_table_permission(token, 'read', table_5)
assert not handler.has_table_permission(token, 'update', table_5)
assert not handler.has_table_permission(token, 'delete', table_5)
handler.update_token_permissions(user=user,
token=token,
create=False,
read=True,
update=False,
delete=False)
assert not handler.has_table_permission(token, 'create', table_1)
assert handler.has_table_permission(token, 'read', table_1)
assert not handler.has_table_permission(token, 'update', table_1)
assert not handler.has_table_permission(token, 'delete', table_1)
assert not handler.has_table_permission(token, 'create', table_2)
assert handler.has_table_permission(token, 'read', table_2)
assert not handler.has_table_permission(token, 'update', table_2)
assert not handler.has_table_permission(token, 'delete', table_2)
assert not handler.has_table_permission(token, 'create', table_3)
assert handler.has_table_permission(token, 'read', table_3)
assert not handler.has_table_permission(token, 'update', table_3)
assert not handler.has_table_permission(token, 'delete', table_3)
assert not handler.has_table_permission(token, 'create', table_4)
assert not handler.has_table_permission(token, 'read', table_4)
assert not handler.has_table_permission(token, 'update', table_4)
assert not handler.has_table_permission(token, 'delete', table_4)
assert not handler.has_table_permission(token, 'create', table_5)
assert not handler.has_table_permission(token, 'read', table_5)
assert not handler.has_table_permission(token, 'update', table_5)
assert not handler.has_table_permission(token, 'delete', table_5)
handler.update_token_permissions(user=user,
token=token,
create=[database_1],
read=False,
update=False,
delete=False)
assert handler.has_table_permission(token, 'create', table_1)
assert not handler.has_table_permission(token, 'read', table_1)
assert not handler.has_table_permission(token, 'update', table_1)
assert not handler.has_table_permission(token, 'delete', table_1)
assert handler.has_table_permission(token, 'create', table_2)
assert not handler.has_table_permission(token, 'read', table_2)
assert not handler.has_table_permission(token, 'update', table_2)
assert not handler.has_table_permission(token, 'delete', table_2)
assert not handler.has_table_permission(token, 'create', table_3)
assert not handler.has_table_permission(token, 'read', table_3)
assert not handler.has_table_permission(token, 'update', table_3)
assert not handler.has_table_permission(token, 'delete', table_3)
assert not handler.has_table_permission(token, 'create', table_4)
assert not handler.has_table_permission(token, 'read', table_4)
assert not handler.has_table_permission(token, 'update', table_4)
assert not handler.has_table_permission(token, 'delete', table_4)
assert not handler.has_table_permission(token, 'create', table_5)
assert not handler.has_table_permission(token, 'read', table_5)
assert not handler.has_table_permission(token, 'update', table_5)
assert not handler.has_table_permission(token, 'delete', table_5)
handler.update_token_permissions(user=user,
token=token,
create=False,
read=False,
update=[table_3],
delete=False)
assert not handler.has_table_permission(token, 'create', table_1)
assert not handler.has_table_permission(token, 'read', table_1)
assert not handler.has_table_permission(token, 'update', table_1)
assert not handler.has_table_permission(token, 'delete', table_1)
assert not handler.has_table_permission(token, 'create', table_2)
assert not handler.has_table_permission(token, 'read', table_2)
assert not handler.has_table_permission(token, 'update', table_2)
assert not handler.has_table_permission(token, 'delete', table_2)
assert not handler.has_table_permission(token, 'create', table_3)
assert not handler.has_table_permission(token, 'read', table_3)
assert handler.has_table_permission(token, 'update', table_3)
assert not handler.has_table_permission(token, 'delete', table_3)
assert not handler.has_table_permission(token, 'create', table_4)
assert not handler.has_table_permission(token, 'read', table_4)
assert not handler.has_table_permission(token, 'update', table_4)
assert not handler.has_table_permission(token, 'delete', table_4)
assert not handler.has_table_permission(token, 'create', table_5)
assert not handler.has_table_permission(token, 'read', table_5)
assert not handler.has_table_permission(token, 'update', table_5)
assert not handler.has_table_permission(token, 'delete', table_5)
handler.update_token_permissions(user=user,
token=token,
create=True,
read=[database_2],
update=[table_3],
delete=False)
assert handler.has_table_permission(token, 'create', table_1)
assert not handler.has_table_permission(token, 'read', table_1)
assert not handler.has_table_permission(token, 'update', table_1)
assert not handler.has_table_permission(token, 'delete', table_1)
assert handler.has_table_permission(token, 'create', table_2)
assert not handler.has_table_permission(token, 'read', table_2)
assert not handler.has_table_permission(token, 'update', table_2)
assert not handler.has_table_permission(token, 'delete', table_2)
assert handler.has_table_permission(token, 'create', table_3)
assert handler.has_table_permission(token, 'read', table_3)
assert handler.has_table_permission(token, 'update', table_3)
assert not handler.has_table_permission(token, 'delete', table_3)
assert not handler.has_table_permission(token, 'create', table_4)
assert not handler.has_table_permission(token, 'read', table_4)
assert not handler.has_table_permission(token, 'update', table_4)
assert not handler.has_table_permission(token, 'delete', table_4)
assert not handler.has_table_permission(token, 'create', table_5)
assert not handler.has_table_permission(token, 'read', table_5)
assert not handler.has_table_permission(token, 'update', table_5)
assert not handler.has_table_permission(token, 'delete', table_5)
handler.update_token_permissions(user=user,
token=token,
create=False,
read=[database_1],
update=False,
delete=True)
assert not handler.has_table_permission(token, 'create', table_1)
assert handler.has_table_permission(token, 'read', table_1)
assert not handler.has_table_permission(token, 'update', table_1)
assert handler.has_table_permission(token, 'delete', table_1)
assert not handler.has_table_permission(token, 'create', table_2)
assert handler.has_table_permission(token, 'read', table_2)
assert not handler.has_table_permission(token, 'update', table_2)
assert handler.has_table_permission(token, 'delete', table_2)
assert not handler.has_table_permission(token, 'create', table_3)
assert not handler.has_table_permission(token, 'read', table_3)
assert not handler.has_table_permission(token, 'update', table_3)
assert handler.has_table_permission(token, 'delete', table_3)
assert not handler.has_table_permission(token, 'create', table_4)
assert not handler.has_table_permission(token, 'read', table_4)
assert not handler.has_table_permission(token, 'update', table_4)
assert not handler.has_table_permission(token, 'delete', table_4)
assert not handler.has_table_permission(token, 'create', table_5)
assert not handler.has_table_permission(token, 'read', table_5)
assert not handler.has_table_permission(token, 'update', table_5)
assert not handler.has_table_permission(token, 'delete', table_5)
def test_update_token_permission(data_fixture):
user = data_fixture.create_user()
group = data_fixture.create_group(user=user)
database_1 = data_fixture.create_database_application(group=group)
database_2 = data_fixture.create_database_application(group=group)
other_database = data_fixture.create_database_application()
table_1 = data_fixture.create_database_table(database=database_1,
create_table=False)
table_2 = data_fixture.create_database_table(database=database_2,
create_table=False)
other_table = data_fixture.create_database_table(create_table=False)
token_1 = data_fixture.create_token(user=user, group=group)
token_2 = data_fixture.create_token()
handler = TokenHandler()
with pytest.raises(TokenDoesNotBelongToUser):
handler.update_token_permissions(user=user, token=token_2)
with pytest.raises(DatabaseDoesNotBelongToGroup):
handler.update_token_permissions(user=user,
token=token_1,
create=[other_database])
with pytest.raises(TableDoesNotBelongToGroup):
handler.update_token_permissions(user=user,
token=token_1,
create=[other_table])
handler.update_token_permissions(user, token=token_1)
assert TokenPermission.objects.all().count() == 0
handler.update_token_permissions(user,
token=token_1,
create=True,
read=True,
update=True,
delete=True)
assert TokenPermission.objects.all().count() == 4
TokenPermission.objects.get(token=token_1,
type='create',
database__isnull=True,
table__isnull=True)
TokenPermission.objects.get(token=token_1,
type='read',
database__isnull=True,
table__isnull=True)
TokenPermission.objects.get(token=token_1,
type='update',
database__isnull=True,
table__isnull=True)
TokenPermission.objects.get(token=token_1,
type='delete',
database__isnull=True,
table__isnull=True)
handler.update_token_permissions(user,
token=token_1,
create=[database_1],
read=[database_2, table_2],
update=[table_1],
delete=True)
assert TokenPermission.objects.all().count() == 5
permission_2_1 = TokenPermission.objects.get(token=token_1,
type='create',
database_id=database_1.id,
table__isnull=True)
permission_2_2 = TokenPermission.objects.get(token=token_1,
type='read',
database_id=database_2.id,
table__isnull=True)
TokenPermission.objects.get(token=token_1,
type='read',
database__isnull=True,
table_id=table_2.id)
permission_2_4 = TokenPermission.objects.get(token=token_1,
type='update',
database__isnull=True,
table_id=table_1.id)
TokenPermission.objects.get(token=token_1,
type='delete',
database__isnull=True,
table__isnull=True)
handler.update_token_permissions(user,
token=token_1,
create=[database_1, table_2],
read=[database_2],
update=[table_1],
delete=False)
assert TokenPermission.objects.all().count() == 4
permission_3_1 = TokenPermission.objects.get(token=token_1,
type='create',
database_id=database_1.id,
table__isnull=True)
TokenPermission.objects.get(token=token_1,
type='create',
database__isnull=True,
table_id=table_2.id)
permission_3_3 = TokenPermission.objects.get(token=token_1,
type='read',
database_id=database_2.id,
table__isnull=True)
permission_3_4 = TokenPermission.objects.get(token=token_1,
type='update',
database__isnull=True,
table_id=table_1.id)
# Check if the same permissions have not been reinserted.
assert permission_3_1.id == permission_2_1.id
assert permission_3_3.id == permission_2_2.id
assert permission_3_4.id == permission_2_4.id
