def wrapped(*args, **kwargs): # pylint: disable=missing-docstring
user = getattr(request.authorization, "username", None)
target = getattr(g, "username", None)
checker = PermissionsChecker()
# pylint: disable=undefined-variable
checker.check_permission(
PERMISSIONS.get(permission.get("permission")), user, target, getattr(g, "tournament_id", None)
)
return func(*args, **kwargs)
def test_superuser(self):
"""check if a user is an organiser"""
self.assertFalse(Account.query.\
filter_by(username=self.acc_1).first().is_superuser)
checker = PermissionsChecker()
Account.query.filter_by(username=self.acc_1).first().is_superuser = True
self.injector.inject(self.tourn_1)
self.assertTrue(checker.check_permission(
'enter_score',
self.acc_1,
None,
self.tourn_1))
def all_tournaments_with_permission(action, username):
"""Find all tournaments where user has action. Returns list"""
all_tournaments = TournamentDAO.query.\
filter(TournamentDAO.date >= date.today()).\
order_by(TournamentDAO.date.asc()).all()
checker = PermissionsChecker()
modifiable_tournaments = []
for tourn in all_tournaments:
try:
if checker.check_permission(action, username, None, tourn.name):
modifiable_tournaments.append(tourn.name)
except PermissionDeniedException:
pass
return modifiable_tournaments
def test_is_organiser(self):
"""check if a user is an organiser"""
checker = PermissionsChecker()
self.injector.inject(self.tourn_1)
creator = '{}_creator'.format(self.tourn_1)
options = [None, 'ranking_test', 'not_a_tournament', '', 'lisa', \
'not_a_person', 'superman', 'permission_test', self.tourn_1, \
creator]
self.assertTrue(checker.is_organiser(creator, self.tourn_1))
for user in options:
for tourn in options:
if user == creator and tourn == self.tourn_1:
self.assertTrue(checker.is_organiser(user, tourn))
else:
self.assertFalse(checker.is_organiser(user, tourn))
def test_remove_permissions(self):
"""Test that users can have their permissions removed"""
checker = PermissionsChecker()
self.injector.inject(self.tourn_1)
player = '{}_player_1'.format(self.tourn_1)
tourn_prot_obj = Tournament(self.tourn_1).get_dao().protected_object
checker.add_permission(player, 'modify_application', tourn_prot_obj)
prot_objs = ProtectedObject.query.count()
prot_obj_actions = ProtObjAction.query.count()
prot_obj_perms = ProtObjPerm.query.count()
acc_perms = AccountProtectedObjectPerm.query.count()
checker.remove_permission(player, 'modify_application', tourn_prot_obj)
compare(prot_objs, ProtectedObject.query.count())
compare(prot_obj_actions, ProtObjAction.query.count())
compare(prot_obj_perms, ProtObjPerm.query.count())
# the one account should now have lost it's permissions
compare(acc_perms - 1, AccountProtectedObjectPerm.query.count())
def test_check_permissions(self):
"""Test the entrypoint method"""
checker = PermissionsChecker()
self.injector.inject(self.tourn_1, num_players=2)
t_player_1 = '{}_player_1'.format(self.tourn_1)
# player for themselves
self.assertTrue(checker.check_permission(
'enter_score',
t_player_1,
t_player_1,
self.tourn_1))
# player for random user
self.assertRaises(PermissionDeniedException,
checker.check_permission,
'enter_score',
t_player_1,
self.acc_1,
self.tourn_1)
# player who is not superuser
self.assertRaises(PermissionDeniedException,
checker.check_permission,
'enter_score',
t_player_1,
None,
self.tourn_1)
# random user
self.assertRaises(PermissionDeniedException,
checker.check_permission,
'enter_score',
self.acc_1,
None,
self.tourn_1)
