def wrapped(*args, **kwargs): # pylint: disable=missing-docstring
user = getattr(request.authorization, "username", None)
target = getattr(g, "username", None)
checker = PermissionsChecker()
# pylint: disable=undefined-variable
checker.check_permission(
PERMISSIONS.get(permission.get("permission")), user, target, getattr(g, "tournament_id", None)
)
return func(*args, **kwargs)
def test_superuser(self):
"""check if a user is an organiser"""
self.assertFalse(Account.query.\
filter_by(username=self.acc_1).first().is_superuser)
checker = PermissionsChecker()
Account.query.filter_by(username=self.acc_1).first().is_superuser = True
self.injector.inject(self.tourn_1)
self.assertTrue(checker.check_permission(
'enter_score',
self.acc_1,
None,
self.tourn_1))
def all_tournaments_with_permission(action, username):
"""Find all tournaments where user has action. Returns list"""
all_tournaments = TournamentDAO.query.\
filter(TournamentDAO.date >= date.today()).\
order_by(TournamentDAO.date.asc()).all()
checker = PermissionsChecker()
modifiable_tournaments = []
for tourn in all_tournaments:
try:
if checker.check_permission(action, username, None, tourn.name):
modifiable_tournaments.append(tourn.name)
except PermissionDeniedException:
pass
return modifiable_tournaments
def test_check_permissions(self):
"""Test the entrypoint method"""
checker = PermissionsChecker()
self.injector.inject(self.tourn_1, num_players=2)
t_player_1 = '{}_player_1'.format(self.tourn_1)
# player for themselves
self.assertTrue(checker.check_permission(
'enter_score',
t_player_1,
t_player_1,
self.tourn_1))
# player for random user
self.assertRaises(PermissionDeniedException,
checker.check_permission,
'enter_score',
t_player_1,
self.acc_1,
self.tourn_1)
# player who is not superuser
self.assertRaises(PermissionDeniedException,
checker.check_permission,
'enter_score',
t_player_1,
None,
self.tourn_1)
# random user
self.assertRaises(PermissionDeniedException,
checker.check_permission,
'enter_score',
self.acc_1,
None,
self.tourn_1)
