コード例 #1
0
ファイル: _test_authorization.py プロジェクト: stpierre/pulp
 def test_role_permission_delete(self):
     u = self._create_user()
     r = self._create_role()
     s = self._create_resource()
     o = authorization.READ
     n = authorization.operation_to_name(o)
     authorization.add_user_to_role(r['name'], u['login'])
     authorization.grant_permission_to_role(s, r['name'], [n])
     self.assertTrue(authorization.is_authorized(s, u, o))
     authorization.delete_role(r['name'])
     self.assertFalse(authorization.is_authorized(s, u, o))
コード例 #2
0
ファイル: _test_authorization.py プロジェクト: stpierre/pulp
 def test_role_execute(self):
     u1 = self._create_user()
     u2 = self._create_user()
     r = self._create_role()
     s = self._create_resource()
     o = authorization.EXECUTE
     n = authorization.operation_to_name(o)
     authorization.add_user_to_role(r['name'], u1['login'])
     authorization.grant_permission_to_role(s, r['name'], [n])
     self.assertTrue(authorization.is_authorized(s, u1, o))
     self.assertFalse(authorization.is_authorized(s, u2, o))
コード例 #3
0
ファイル: _test_authorization.py プロジェクト: stpierre/pulp
 def test_non_unique_permission_remove(self):
     u = self._create_user()
     r1 = self._create_role()
     r2 = self._create_role()
     s = self._create_resource()
     o = authorization.READ
     n = authorization.operation_to_name(o)
     authorization.add_user_to_role(r1['name'], u['login'])
     authorization.add_user_to_role(r2['name'], u['login'])
     authorization.grant_permission_to_role(s, r1['name'], [n])
     authorization.grant_permission_to_role(s, r2['name'], [n])
     self.assertTrue(authorization.is_authorized(s, u, o))
     authorization.remove_user_from_role(r1['name'], u['login'])
     self.assertTrue(authorization.is_authorized(s, u, o))
コード例 #4
0
ファイル: _test_authorization.py プロジェクト: stpierre/pulp
 def test_role_order_of_permission_grant(self):
     u1 = self._create_user()
     u2 = self._create_user()
     r1 = self._create_role()
     r2 = self._create_role()
     s = self._create_resource()
     o = authorization.READ
     n = authorization.operation_to_name(o)
     # add first, grant second
     authorization.add_user_to_role(r1['name'], u1['name'])
     authorization.grant_permission_to_role(s, r1['name'], [n])
     self.assertTrue(authorization.is_authorized(s, u1, o))
     # grant first, add second
     authorization.grant_permission_to_role(s, r2['name'], [n])
     authorization.add_user_to_role(r2['name'], u2['name'])
     self.assertTrue(authorization.is_authorized(s, u2, o))