コード例 #1
0
    def test_resource_groups_for_any_perm_just_group_perms_limited_empty_group(
            self, db_session):
        self.maxDiff = 99999
        self.set_up_user_group_and_perms(db_session)
        user6 = add_user(db_session, 6, "user 6")
        user7 = add_user(db_session, 7, "user 7")
        perm2 = GroupResourcePermission(perm_name="group_perm2",
                                        resource_id=self.resource.resource_id)
        self.group.resource_permissions.append(perm2)
        self.group.users.append(user6)
        self.group.users.append(user7)

        group3 = add_group(db_session, "Empty group")
        perm3 = GroupResourcePermission(perm_name="group_permx",
                                        resource_id=self.resource.resource_id)
        group3.resource_permissions.append(perm3)
        perms = ResourceService.groups_for_perm(
            self.resource,
            "__any_permission__",
            limit_group_permissions=True,
            db_session=db_session,
        )

        second = [
            PermissionTuple(None, "group_perm", "group", self.group,
                            self.resource, False, True),
            PermissionTuple(None, "group_perm2", "group", self.group,
                            self.resource, False, True),
            PermissionTuple(None, "group_perm", "group", self.group2,
                            self.resource, False, True),
            PermissionTuple(None, "group_permx", "group", group3,
                            self.resource, False, True),
        ]

        check_one_in_other(perms, second)
コード例 #2
0
    def test_resource_groups_for_any_perm_just_group_perms_limited(self, db_session):
        self.maxDiff = 99999
        self.set_up_user_group_and_perms(db_session)
        user6 = add_user(db_session, 6, "user 6")
        user7 = add_user(db_session, 7, "user 7")
        perm2 = GroupResourcePermission(
            perm_name="group_perm2", resource_id=self.resource.resource_id
        )
        self.group.resource_permissions.append(perm2)
        self.group.users.append(user6)
        self.group.users.append(user7)
        perms = ResourceService.groups_for_perm(
            self.resource,
            "__any_permission__",
            limit_group_permissions=True,
            db_session=db_session,
        )
        second = [
            PermissionTuple(
                None, "group_perm", "group", self.group, self.resource, False, True
            ),
            PermissionTuple(
                None, "group_perm2", "group", self.group, self.resource, False, True
            ),
            PermissionTuple(
                None, "group_perm", "group", self.group2, self.resource, False, True
            ),
        ]

        check_one_in_other(perms, second)
コード例 #3
0
    def test_resource_groups_for_any_perm_additional_users(self, db_session):
        self.maxDiff = 99999
        self.set_up_user_group_and_perms(db_session)
        user6 = add_user(db_session, 6, "user 6")
        user7 = add_user(db_session, 7, "user 7")
        perm2 = GroupResourcePermission(perm_name="group_perm2",
                                        resource_id=self.resource.resource_id)
        self.group.resource_permissions.append(perm2)
        self.group.users.append(user6)
        self.group.users.append(user7)
        perms = ResourceService.groups_for_perm(self.resource,
                                                "__any_permission__",
                                                db_session=db_session)
        second = [
            PermissionTuple(self.user, "group_perm", "group", self.group,
                            self.resource, False, True),
            PermissionTuple(user6, "group_perm", "group", self.group,
                            self.resource, False, True),
            PermissionTuple(user7, "group_perm", "group", self.group,
                            self.resource, False, True),
            PermissionTuple(
                self.user,
                "group_perm2",
                "group",
                self.group,
                self.resource,
                False,
                True,
            ),
            PermissionTuple(user6, "group_perm2", "group", self.group,
                            self.resource, False, True),
            PermissionTuple(user7, "group_perm2", "group", self.group,
                            self.resource, False, True),
            PermissionTuple(
                self.user4,
                "group_perm",
                "group",
                self.group2,
                self.resource,
                False,
                True,
            ),
        ]

        check_one_in_other(perms, second)
コード例 #4
0
    def groups_for_perm(self, perm_name, group_ids=None,
                        limit_group_permissions=False,
                        db_session=None):
        """

        .. deprecated:: 0.8

        :param perm_name:
        :param group_ids:
        :param limit_group_permissions:
        :param db_session:
        :return:
        """
        db_session = get_db_session(db_session, self)
        return ResourceService.groups_for_perm(
            self, perm_name=perm_name, group_ids=group_ids,
            limit_group_permissions=limit_group_permissions,
            db_session=db_session)
コード例 #5
0
def group_resource_permission_delete(request):
    """
    Removes group permission from specific resource
    """
    form = forms.ReactorForm(request.POST, csrf_context=request)
    form.validate()
    resource = request.context.resource
    group = GroupService.by_id(request.GET.get("group_id"))
    if not group:
        return False

    for perm_name in request.GET.getall("permissions"):
        permission = GroupResourcePermissionService.by_resource_group_and_perm(
            group.id, perm_name, resource.resource_id
        )
        resource.group_permissions.remove(permission)
    DBSession.flush()
    perm_tuples = ResourceService.groups_for_perm(
        resource, ANY_PERMISSION, limit_group_permissions=True, group_ids=[group.id]
    )
    perms = [p.perm_name for p in perm_tuples if p.type == "group"]
    result = {"group": group.get_dict(), "permissions": list(set(perms))}
    return result
コード例 #6
0
def group_resource_permission_create(request):
    """
    Set new permissions for group for a resource
    """
    resource = request.context.resource
    group = GroupService.by_id(request.unsafe_json_body.get("group_id"))
    if not group:
        return False

    for perm_name in request.unsafe_json_body.get("permissions", []):
        permission = GroupResourcePermissionService.by_resource_group_and_perm(
            group.id, perm_name, resource.resource_id
        )
        if not permission:
            permission = GroupResourcePermission(perm_name=perm_name, group_id=group.id)
            resource.group_permissions.append(permission)
    DBSession.flush()
    perm_tuples = ResourceService.groups_for_perm(
        resource, ANY_PERMISSION, limit_group_permissions=True, group_ids=[group.id]
    )
    perms = [p.perm_name for p in perm_tuples if p.type == "group"]
    result = {"group": group.get_dict(), "permissions": list(set(perms))}
    return result