def test_remove_all(self): original = invert_permissions_matrix({"alexis": PERMISSIONS_SET}) specified = {"alexis": ["-ALL"]} result = merge_permissions(original, specified) result = invert_permissions_matrix(result) self.assertDictEqual(result, {})
def test_remove_all(self): original = invert_permissions_matrix({ "alexis": PERMISSIONS_SET }) specified = { "alexis": ["-ALL"] } result = merge_permissions(original, specified) result = invert_permissions_matrix(result) self.assertDictEqual(result, {})
def test_add_all(self): original = invert_permissions_matrix( {"alexis": ["create_record", "read_permissions"]}) specified = {"remy": ["ALL"]} result = merge_permissions(original, specified) result = invert_permissions_matrix(result) self.assertDictEqual( result, { "alexis": ["create_record", "read_permissions"], "remy": sorted(PERMISSIONS_SET) })
def test_add_all(self): original = invert_permissions_matrix({ "alexis": ["create_record", "read_permissions"] }) specified = { "remy": ["ALL"] } result = merge_permissions(original, specified) result = invert_permissions_matrix(result) self.assertDictEqual(result, { "alexis": ["create_record", "read_permissions"], "remy": sorted(PERMISSIONS_SET) })
def get_model(request): """Retrieves the full model, definition and records.""" model_id = request.matchdict['model_id'] try: definition = request.db.get_model_definition(model_id) except ModelNotFound: request.errors.add('path', model_id, "model not found") request.errors.status = "404 Not Found" return if "read_all_records" not in request.permissions: records = request.db.get_records_with_authors(model_id) records = [ r["record"] for r in records if set(request.principals).intersection(r["authors"]) ] else: records = request.db.get_records(model_id) permissions = request.db.get_model_permissions(model_id) return { 'definition': definition, 'records': records, 'permissions': invert_permissions_matrix(permissions) }
def test_remove(self): original = invert_permissions_matrix( {"alexis": ["create_record", "read_permissions"]}) specified = {"alexis": ["-read_permissions"]} result = merge_permissions(original, specified) self.assertNotIn('alexis', result['read_permissions']) self.assertIn('alexis', result['create_record'])
def test_remove_not_present(self): original = invert_permissions_matrix( {"alexis": ["create_record", "read_permissions"]}) specified = {"alexis": ["-update_permissions"]} result = merge_permissions(original, specified) self.assertEqual(result['create_record'], ['alexis']) self.assertEqual(result['read_permissions'], ['alexis'])
def put_permissions(request): """Update a model permissions.""" model_id = request.matchdict['model_id'] definition = request.db.get_model_definition(model_id) permissions = merge_permissions({}, request.data_clean) request.db.put_model(definition, permissions, model_id) return invert_permissions_matrix(permissions)
def put_permissions(request): """Update a model permissions.""" model_id = request.matchdict['model_id'] definition = request.db.get_model_definition(model_id) permissions = merge_permissions({}, request.data_clean) request.db.put_model(definition, permissions, model_id) return invert_permissions_matrix(permissions)
def get_permissions(request): """Retrieves a model permissions.""" model_id = request.matchdict['model_id'] try: permissions = request.db.get_model_permissions(model_id) return invert_permissions_matrix(permissions) except ModelNotFound: request.errors.add('path', model_id, "model not found") request.errors.status = "404 Not Found"
def get_permissions(request): """Retrieves a model permissions.""" model_id = request.matchdict['model_id'] try: permissions = request.db.get_model_permissions(model_id) return invert_permissions_matrix(permissions) except ModelNotFound: request.errors.add('path', model_id, "model not found") request.errors.status = "404 Not Found"
def test_put_model_definition_with_permissions(self): model = MODEL_DEFINITION.copy() model['permissions'] = {'Everyone': ['ALL']} self.app.put_json('/models/test', model, headers=self.headers) permissions = self.db.get_model_permissions("test") self.assertEquals(invert_permissions_matrix(permissions), {self.credentials['id']: MODEL_PERMISSIONS, u'system.Everyone': MODEL_PERMISSIONS})
def test_remove_not_present(self): original = invert_permissions_matrix({ "alexis": ["create_record", "read_permissions"] }) specified = { "alexis": ["-update_permissions"] } result = merge_permissions(original, specified) self.assertEqual(result['create_record'], ['alexis']) self.assertEqual(result['read_permissions'], ['alexis'])
def test_remove(self): original = invert_permissions_matrix({ "alexis": ["create_record", "read_permissions"] }) specified = { "alexis": ["-read_permissions"] } result = merge_permissions(original, specified) self.assertNotIn('alexis', result['read_permissions']) self.assertIn('alexis', result['create_record'])
def test_put_model_definition_with_permissions(self): model = MODEL_DEFINITION.copy() model['permissions'] = {'Everyone': ['ALL']} self.app.put_json('/models/test', model, headers=self.headers) permissions = self.db.get_model_permissions("test") self.assertEquals( invert_permissions_matrix(permissions), { self.credentials['id']: MODEL_PERMISSIONS, u'system.Everyone': MODEL_PERMISSIONS })
def test_post_model_definition_with_permissions(self): model = MODEL_DEFINITION.copy() model['permissions'] = {"Everyone": ["ALL"]} resp = self.app.post_json('/models', model, headers=self.headers) model_id = resp.json['id'] definition = self.db.get_model_definition(model_id) self.assertEquals(definition, MODEL_DEFINITION['definition']) permissions = self.db.get_model_permissions(model_id) self.assertEquals(invert_permissions_matrix(permissions), {self.credentials['id']: MODEL_PERMISSIONS, u'system.Everyone': MODEL_PERMISSIONS})
def test_post_model_definition_with_permissions(self): model = MODEL_DEFINITION.copy() model['permissions'] = {"Everyone": ["ALL"]} resp = self.app.post_json('/models', model, headers=self.headers) model_id = resp.json['id'] definition = self.db.get_model_definition(model_id) self.assertEquals(definition, MODEL_DEFINITION['definition']) permissions = self.db.get_model_permissions(model_id) self.assertEquals( invert_permissions_matrix(permissions), { self.credentials['id']: MODEL_PERMISSIONS, u'system.Everyone': MODEL_PERMISSIONS })
def delete_model(request): """Deletes a model and its records.""" model_id = request.matchdict['model_id'] try: model = request.db.delete_model(model_id) except ModelNotFound: request.errors.status = "404 Not Found" request.errors.add('path', model_id, "model not found") return request.notify('ModelDeleted', model_id) model["permissions"] = invert_permissions_matrix(model["permissions"]) return model
def delete_model(request): """Deletes a model and its records.""" model_id = request.matchdict['model_id'] try: model = request.db.delete_model(model_id) except ModelNotFound: request.errors.status = "404 Not Found" request.errors.add('path', model_id, "model not found") return request.notify('ModelDeleted', model_id) model["permissions"] = invert_permissions_matrix(model["permissions"]) return model
def test_invert_permissions_matrix(self): model_permissions = { 'read_permissions': ['admin', 'alexis'], 'update_definition': ['admin'], 'read_all_records': ['admin', 'remy'], 'update_my_record': ['admin'], } credentials_ids_permissions = { 'admin': ['read_all_records', 'read_permissions', 'update_definition', 'update_my_record'], 'alexis': ['read_permissions'], 'remy': ['read_all_records'] } self.assertDictEqual(invert_permissions_matrix(model_permissions), credentials_ids_permissions)
def test_invert_permissions_matrix(self): model_permissions = { 'read_permissions': ['admin', 'alexis'], 'update_definition': ['admin'], 'read_all_records': ['admin', 'remy'], 'update_my_record': ['admin'], } credentials_ids_permissions = { 'admin': [ 'read_all_records', 'read_permissions', 'update_definition', 'update_my_record' ], 'alexis': ['read_permissions'], 'remy': ['read_all_records'] } self.assertDictEqual(invert_permissions_matrix(model_permissions), credentials_ids_permissions)
def put_definition(request): """Create or update a model definition.""" model_id = request.matchdict['model_id'] try: permissions = request.db.get_model_permissions(model_id) permissions = invert_permissions_matrix(permissions) except ModelNotFound: permissions = {} model = { 'permissions': permissions, 'definition': request.data_clean, 'records': [] # Won't erase existing records } request.data_clean = model handle_put_model(request, create=(not permissions)) return model['definition']
def get_model(request): """Retrieves the full model, definition and records.""" model_id = request.matchdict["model_id"] try: definition = request.db.get_model_definition(model_id) except ModelNotFound: request.errors.add("path", model_id, "model not found") request.errors.status = "404 Not Found" return if "read_all_records" not in request.permissions: records = request.db.get_records_with_authors(model_id) records = [r["record"] for r in records if set(request.principals).intersection(r["authors"])] else: records = request.db.get_records(model_id) permissions = request.db.get_model_permissions(model_id) return {"definition": definition, "records": records, "permissions": invert_permissions_matrix(permissions)}
def put_definition(request): """Create or update a model definition.""" model_id = request.matchdict["model_id"] try: permissions = request.db.get_model_permissions(model_id) permissions = invert_permissions_matrix(permissions) except ModelNotFound: permissions = {} model = { "permissions": permissions, "definition": request.data_clean, "records": [], # Won't erase existing records } request.data_clean = model handle_put_model(request, create=(not permissions)) return model["definition"]