def test_evaluate_statements_false_any_deny(self,): policy = AccessPolicy() user = User.objects.create(username="******") statements = [ {"principal": "*", "action": "*", "effect": "deny"}, {"principal": "*", "action": "*", "effect": "allow"}, ] result = policy._evaluate_statements([], FakeRequest(user), None, "create") self.assertFalse(result)
def test_evaluate_statements_true_if_any_allow_and_none_deny(self,): policy = AccessPolicy() user = User.objects.create(username="******") statements = [ {"principal": "*", "action": "create", "effect": "allow"}, {"principal": "*", "action": "take_out_the_trash", "effect": "allow"}, ] result = policy._evaluate_statements( statements, FakeRequest(user), None, "create" ) self.assertTrue(result)