def test_user_owns_package_as_member(self, mock_users_role): """Test ckanext.userdatasets.logic.auth.auth.user_owns_package_as_member Ensure all the possible combination of parameters always lead to the expected result. """ tests = [{ 'user': SMock(id=444, name='turtle'), 'package': SMock(creator_user_id=444, owner_org='carrot'), 'role': 'member', 'result': True }, { 'user': SMock(id=445, name='turtle'), 'package': SMock(creator_user_id=444, owner_org='carrot'), 'role': 'member', 'result': False }, { 'user': SMock(id=444, name='turtle'), 'package': SMock(creator_user_id=444, owner_org=False), 'role': 'member', 'result': False }, { 'user': SMock(id=444, name='turtle'), 'package': SMock(creator_user_id=444, owner_org='carrot'), 'role': 'editor', 'result': False }] for t in tests: mock_users_role.return_value = t['role'] assert_equal(user_owns_package_as_member(t['user'], t['package']), t['result'])
def test_user_owns_package_as_member(self, mock_users_role): """Test ckanext.userdatasets.logic.auth.auth.user_owns_package_as_member Ensure all the possible combination of parameters always lead to the expected result. """ tests = [ { 'user': SMock(id=444, name='turtle'), 'package': SMock(creator_user_id=444, owner_org='carrot'), 'role': 'member', 'result': True }, { 'user': SMock(id=445, name='turtle'), 'package': SMock(creator_user_id=444, owner_org='carrot'), 'role': 'member', 'result': False }, { 'user': SMock(id=444, name='turtle'), 'package': SMock(creator_user_id=444, owner_org=False), 'role': 'member', 'result': False }, { 'user': SMock(id=444, name='turtle'), 'package': SMock(creator_user_id=444, owner_org='carrot'), 'role': 'editor', 'result': False } ] for t in tests: mock_users_role.return_value = t['role'] assert_equal(user_owns_package_as_member(t['user'], t['package']), t['result'])
def package_update(fb, context, data_dict): user = context['auth_user_obj'] package = get_package_object(context, data_dict) if user_owns_package_as_member(user, package): return {'success': True} return fb(context, data_dict)
def resource_view_create(next_auth, context, data_dict): ''' :param next_auth: :param context: :param data_dict: ''' user = context['auth_user_obj'] # data_dict provides 'resource_id', while get_resource_object expects 'id'. This is # not consistent with the rest of the API - so future proof it by catering for both # cases in case the API is made consistent (one way or the other) later. if data_dict and 'resource_id' in data_dict: dc = { 'id': data_dict['resource_id'], 'resource_id': data_dict['resource_id'] } elif data_dict and 'id' in data_dict: dc = { 'id': data_dict['id'], 'resource_id': data_dict['id'] } else: dc = data_dict resource = get_resource_object(context, dc) if user_owns_package_as_member(user, resource.package): return { 'success': True } elif user_is_member_of_package_org(user, resource.package): return { 'success': False } return next_auth(context, data_dict)
def package_update(context, data_dict): user = context['auth_user_obj'] package = get_package_object(context, data_dict) if user_owns_package_as_member(user, package): return {'success': True} fallback = get_default_auth('update', 'package_update') return fallback(context, data_dict)
def resource_create(fb, context, data_dict): user = context['auth_user_obj'] package = get_package_object(context, data_dict) if user_owns_package_as_member(user, package): return {'success': True} elif user_is_member_of_package_org(user, package): return {'success': False} return fb(context, data_dict)
def resource_view_delete(fb, context, data_dict): user = context['auth_user_obj'] resource_view = get_resource_view_object(context, data_dict) resource = get_resource_object(context, {'id': resource_view.resource_id}) if user_owns_package_as_member(user, resource.resource_group.package): return {'success': True} elif user_is_member_of_package_org(user, resource.resource_group.package): return {'success': False} return fb(context, data_dict)
def resource_create(context, data_dict): user = context['auth_user_obj'] package = get_package_object(context, data_dict) if user_owns_package_as_member(user, package): return {'success': True} elif user_is_member_of_package_org(user, package): return {'success': False} fallback = get_default_auth('create', 'resource_create') return fallback(context, data_dict)
def resource_update(fb, context, data_dict): user = context['auth_user_obj'] resource = get_resource_object(context, data_dict) package = resource.resource_group.package if user_owns_package_as_member(user, package): return {'success': True} elif user_is_member_of_package_org(user, package): return {'success': False} return fb(context, data_dict)
def resource_view_update(context, data_dict): user = context['auth_user_obj'] resource_view = get_resource_view_object(context, data_dict) resource = get_resource_object(context, {'id': resource_view.resource_id}) if user_owns_package_as_member(user, resource.resource_group.package): return {'success': True} elif user_is_member_of_package_org(user, resource.resource_group.package): return {'success': False} fallback = get_default_auth('update', 'resource_view_update') return fallback(context, data_dict)
def resource_view_update(context, data_dict): user = context['auth_user_obj'] resource_view = get_resource_view_object(context, data_dict) resource = get_resource_object(context, {'id': resource_view.resource_id}) if user_owns_package_as_member(user, resource.package): return {'success': True} elif user_is_member_of_package_org(user, resource.package): return {'success': False} fallback = get_default_auth('update', 'resource_view_update') return fallback(context, data_dict)
def package_update(next_auth, context, data_dict): ''' :param next_auth: :param context: :param data_dict: ''' user = context['auth_user_obj'] package = get_package_object(context, data_dict) if user_owns_package_as_member(user, package): return {'success': True} return next_auth(context, data_dict)
def resource_create(context, data_dict): user = context['auth_user_obj'] # ckan.logic.auth._get_object() expects 'id', not 'package_id' as key package_id = data_dict.get('package_id') data_dict.update({'id': package_id}) package = get_package_object(context, data_dict) if user_owns_package_as_member(user, package): return {'success': True} elif user_is_member_of_package_org(user, package): return {'success': False} fallback = get_default_auth('create', 'resource_create') return fallback(context, data_dict)
def resource_view_update(next_auth, context, data_dict): ''' :param next_auth: :param context: :param data_dict: ''' user = context['auth_user_obj'] resource_view = get_resource_view_object(context, data_dict) resource = get_resource_object(context, {'id': resource_view.resource_id}) if user_owns_package_as_member(user, resource.package): return {'success': True} elif user_is_member_of_package_org(user, resource.package): return {'success': False} return next_auth(context, data_dict)
def resource_view_create(context, data_dict): user = context['auth_user_obj'] # data_dict provides 'resource_id', while get_resource_object expects 'id'. This is not consistent with the rest of # the API - so future proof it by catering for both cases in case the API is made consistent (one way or the other) # later. if data_dict and 'resource_id' in data_dict: dc = {'id': data_dict['resource_id'], 'resource_id': data_dict['resource_id']} elif data_dict and 'id' in data_dict: dc = {'id': data_dict['id'], 'resource_id': data_dict['id']} else: dc = data_dict resource = get_resource_object(context, dc) if user_owns_package_as_member(user, resource.resource_group.package): return {'success': True} elif user_is_member_of_package_org(user, resource.resource_group.package): return {'success': False} fallback = get_default_auth('create', 'resource_view_create') return fallback(context, data_dict)
def resource_view_create(context, data_dict): user = context['auth_user_obj'] # data_dict provides 'resource_id', while get_resource_object expects 'id'. This is not consistent with the rest of # the API - so future proof it by catering for both cases in case the API is made consistent (one way or the other) # later. if data_dict and 'resource_id' in data_dict: dc = {'id': data_dict['resource_id'], 'resource_id': data_dict['resource_id']} elif data_dict and 'id' in data_dict: dc = {'id': data_dict['id'], 'resource_id': data_dict['id']} else: dc = data_dict resource = get_resource_object(context, dc) if user_owns_package_as_member(user, resource.package): return {'success': True} elif user_is_member_of_package_org(user, resource.package): return {'success': False} fallback = get_default_auth('create', 'resource_view_create') return fallback(context, data_dict)
def resource_create(next_auth, context, data_dict): ''' :param context: :param data_dict: ''' user = context['auth_user_obj'] package = get_package_object(context, { 'id': data_dict['package_id'] }) if user_owns_package_as_member(user, package): return { 'success': True } elif user_is_member_of_package_org(user, package): return { 'success': False } return next_auth(context, data_dict)
def resource_delete(next_auth, context, data_dict): ''' :param next_auth: :param context: :param data_dict: ''' user = context['auth_user_obj'] resource = get_resource_object(context, data_dict) package = resource.package if user_owns_package_as_member(user, package): return { 'success': True } elif user_is_member_of_package_org(user, package): return { 'success': False } return next_auth(context, data_dict)