def test_resources_with_perm_type_other_found(self, db_session):
created_user = add_user(db_session)
resource = add_resource(db_session, 1, 'test_resource')
resource2 = add_resource_b(db_session, 2, 'test_resource')
resource3 = add_resource(db_session, 3, 'test_resource')
resource4 = add_resource_b(db_session, 4, 'test_resource')
db_session.flush()
permission = UserResourcePermission(perm_name='test_perm',
user_id=created_user.id,
resource_id=resource.resource_id)
resource.user_permissions.append(permission)
permission2 = UserResourcePermission(perm_name='test_perm',
user_id=created_user.id,
resource_id=resource2.resource_id)
resource2.user_permissions.append(permission2)
permission3 = UserResourcePermission(perm_name='test_perm',
user_id=created_user.id,
resource_id=resource3.resource_id)
resource3.user_permissions.append(permission3)
permission4 = UserResourcePermission(perm_name='test_perm',
user_id=created_user.id,
resource_id=resource4.resource_id)
resource4.user_permissions.append(permission4)
db_session.flush()
resources = created_user.resources_with_perms(
['test_perm'],
resource_types=['test_resource_b'],
db_session=db_session).all()
assert len(resources) == 2
def test_resources_ids_with_perm(self, db_session):
created_user = add_user(db_session)
resource1 = add_resource(db_session, 1, "test_resource1")
resource2 = add_resource(db_session, 2, "test_resource2")
resource3 = add_resource(db_session, 3, "test_resource3")
permission1 = UserResourcePermission(
perm_name="test_perm",
user_id=created_user.id,
resource_id=resource1.resource_id,
)
permission2 = UserResourcePermission(
perm_name="test_perm",
user_id=created_user.id,
resource_id=resource2.resource_id,
)
permission3 = UserResourcePermission(
perm_name="test_perm",
user_id=created_user.id,
resource_id=resource3.resource_id,
)
resource1.user_permissions.append(permission1)
resource2.user_permissions.append(permission2)
resource3.user_permissions.append(permission3)
db_session.flush()
resources = UserService.resources_with_perms(
created_user, ["test_perm"],
resource_ids=[1, 3],
db_session=db_session).all()
assert resources == [resource1, resource3]
def test_multiple_resources_with_perm(self, db_session):
created_user = add_user(db_session)
resource = add_resource(db_session, 1, 'test_resource')
permission = UserResourcePermission(perm_name='test_perm',
user_id=created_user.id,
resource_id=resource.resource_id)
resource.user_permissions.append(permission)
resource2 = add_resource(db_session, 2, 'test_resource2')
permission2 = UserResourcePermission(perm_name='test_perm',
user_id=created_user.id,
resource_id=resource2.resource_id)
resource2.user_permissions.append(permission2)
resources = created_user.resources_with_perms(
['test_perm'], db_session=db_session).all()
assert resources == [resource, resource2]
def test_resource_users_limited_group_ownage(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
resource = TestResourceB(resource_id=99,
resource_name='other',
owner_user_id=self.user2.id)
group3 = add_group(db_session, 'group 3')
user2_permission = UserResourcePermission(
perm_name='foo_perm',
user_id=self.user2.id,
)
group3_permission = GroupResourcePermission(perm_name='group_perm',
group_id=group3.id)
resource.group_permissions.append(group3_permission)
resource.user_permissions.append(user2_permission)
group3.users.append(self.user3)
self.user.resources.append(resource)
self.group2.resources.append(resource)
db_session.flush()
perms = resource.users_for_perm('__any_permission__',
db_session=db_session)
second = [
PermissionTuple(self.user2, 'foo_perm', 'user', None, resource,
False, True),
PermissionTuple(self.user, ALL_PERMISSIONS, 'user', None, resource,
True, True),
PermissionTuple(self.user4, ALL_PERMISSIONS, 'group', self.group2,
resource, True, True),
PermissionTuple(self.user3, 'group_perm', 'group', group3,
resource, False, True)
]
check_one_in_other(perms, second)
def test_resource_users_limited_group_ownage(self, db_session):
self.maxDiff = 9999
self.set_up_user_group_and_perms(db_session)
resource = ResourceTestobjB(resource_id=99,
resource_name="other",
owner_user_id=self.user2.id)
group3 = add_group(db_session, "group 3")
user2_permission = UserResourcePermission(perm_name="foo_perm",
user_id=self.user2.id)
group3_permission = GroupResourcePermission(perm_name="group_perm",
group_id=group3.id)
resource.group_permissions.append(group3_permission)
resource.user_permissions.append(user2_permission)
group3.users.append(self.user3)
self.user.resources.append(resource)
self.group2.resources.append(resource)
db_session.flush()
perms = ResourceService.users_for_perm(resource,
"__any_permission__",
db_session=db_session)
second = [
PermissionTuple(self.user2, "foo_perm", "user", None, resource,
False, True),
PermissionTuple(self.user, ALL_PERMISSIONS, "user", None, resource,
True, True),
PermissionTuple(self.user4, ALL_PERMISSIONS, "group", self.group2,
resource, True, True),
PermissionTuple(self.user3, "group_perm", "group", group3,
resource, False, True),
]
check_one_in_other(perms, second)
def test_resources_with_wrong_perm(self, db_session):
created_user = add_user(db_session)
resource = add_resource(db_session, 1, 'test_resource')
permission = UserResourcePermission(perm_name='test_perm_bad',
user_id=created_user.id,
resource_id=resource.resource_id)
with pytest.raises(AssertionError):
resource.user_permissions.append(permission)
def test_multiple_resources_with_perm(self, db_session):
created_user = add_user(db_session)
resource = add_resource(db_session, 1, "test_resource")
permission = UserResourcePermission(
perm_name="test_perm",
user_id=created_user.id,
resource_id=resource.resource_id,
)
resource.user_permissions.append(permission)
resource2 = add_resource(db_session, 2, "test_resource2")
permission2 = UserResourcePermission(
perm_name="test_perm",
user_id=created_user.id,
resource_id=resource2.resource_id,
)
resource2.user_permissions.append(permission2)
resources = UserService.resources_with_perms(
created_user, ["test_perm"], db_session=db_session).all()
assert resources == [resource, resource2]
def test_resources_with_perm(self, db_session):
created_user = add_user(db_session)
resource = add_resource(db_session, 1, 'test_resource')
permission = UserResourcePermission(perm_name='test_perm',
user_id=created_user.id,
resource_id=resource.resource_id)
resource.user_permissions.append(permission)
db_session.flush()
resources = created_user.resources_with_perms(
['test_perm'], db_session=db_session).all()
assert resources[0] == resource
def test_resources_with_perm(self, db_session):
created_user = add_user(db_session)
resource = add_resource(db_session, 1, "test_resource")
permission = UserResourcePermission(
perm_name="test_perm",
user_id=created_user.id,
resource_id=resource.resource_id,
)
resource.user_permissions.append(permission)
db_session.flush()
resources = UserService.resources_with_perms(
created_user, ["test_perm"], db_session=db_session).all()
assert resources[0] == resource
def test_resources_with_perm_type_other_found(self, db_session):
created_user = add_user(db_session)
resource = add_resource(db_session, 1, "test_resource")
resource2 = add_resource_b(db_session, 2, "test_resource")
resource3 = add_resource(db_session, 3, "test_resource")
resource4 = add_resource_b(db_session, 4, "test_resource")
db_session.flush()
permission = UserResourcePermission(
perm_name="test_perm",
user_id=created_user.id,
resource_id=resource.resource_id,
)
resource.user_permissions.append(permission)
permission2 = UserResourcePermission(
perm_name="test_perm",
user_id=created_user.id,
resource_id=resource2.resource_id,
)
resource2.user_permissions.append(permission2)
permission3 = UserResourcePermission(
perm_name="test_perm",
user_id=created_user.id,
resource_id=resource3.resource_id,
)
resource3.user_permissions.append(permission3)
permission4 = UserResourcePermission(
perm_name="test_perm",
user_id=created_user.id,
resource_id=resource4.resource_id,
)
resource4.user_permissions.append(permission4)
db_session.flush()
resources = UserService.resources_with_perms(
created_user,
["test_perm"],
resource_types=["test_resource_b"],
db_session=db_session,
).all()
assert len(resources) == 2
def test_resources_ids_with_perm(self, db_session):
created_user = add_user(db_session)
resource1 = add_resource(db_session, 1, 'test_resource1')
resource2 = add_resource(db_session, 2, 'test_resource2')
resource3 = add_resource(db_session, 3, 'test_resource3')
permission1 = UserResourcePermission(perm_name='test_perm',
user_id=created_user.id,
resource_id=resource1.resource_id)
permission2 = UserResourcePermission(perm_name='test_perm',
user_id=created_user.id,
resource_id=resource2.resource_id)
permission3 = UserResourcePermission(perm_name='test_perm',
user_id=created_user.id,
resource_id=resource3.resource_id)
resource1.user_permissions.append(permission1)
resource2.user_permissions.append(permission2)
resource3.user_permissions.append(permission3)
db_session.flush()
resources = created_user.resources_with_perms(
['test_perm'], resource_ids=[1, 3], db_session=db_session).all()
assert resources == [resource1, resource3]
def test_get_resource_permission(self, db_session):
created_user = add_user(db_session)
resource = add_resource(db_session, 1, 'test_resource')
permission = UserResourcePermission(perm_name='test_perm',
user_id=created_user.id,
resource_id=resource.resource_id)
resource.user_permissions.append(permission)
db_session.flush()
perm = UserResourcePermissionService.get(
user_id=created_user.id,
resource_id=resource.resource_id,
perm_name='test_perm',
db_session=db_session)
assert perm.perm_name == 'test_perm'
assert perm.resource_id == resource.resource_id
assert perm.user_id == created_user.id
def test_mixed_perms(self, db_session):
created_user = add_user(db_session)
resource = add_resource(db_session, 1, 'test_resource')
permission = UserResourcePermission(perm_name='test_perm',
user_id=created_user.id,
resource_id=resource.resource_id)
resource.user_permissions.append(permission)
resource2 = add_resource(db_session, 2, 'test_resource')
created_user.resources.append(resource2)
resource3 = add_resource(db_session, 3, 'test_resource')
resource4 = add_resource_b(db_session, 4, 'test_resource')
db_session.flush()
resources = created_user.resources_with_perms(
['test_perm'], db_session=db_session).all()
found_ids = [r.resource_id for r in resources]
assert sorted(found_ids) == [1, 2]
def test_mixed_perms(self, db_session):
created_user = add_user(db_session)
resource = add_resource(db_session, 1, "test_resource")
permission = UserResourcePermission(
perm_name="test_perm",
user_id=created_user.id,
resource_id=resource.resource_id,
)
resource.user_permissions.append(permission)
resource2 = add_resource(db_session, 2, "test_resource")
created_user.resources.append(resource2)
add_resource(db_session, 3, "test_resource")
add_resource_b(db_session, 4, "test_resource")
db_session.flush()
resources = UserService.resources_with_perms(
created_user, ["test_perm"], db_session=db_session).all()
found_ids = [r.resource_id for r in resources]
assert sorted(found_ids) == [1, 2]
def set_up_user_group_and_perms(self, db_session):
"""
perm map:
username:
first_user : root, alter_users
res_perms: r1:g1:foo_perm, r1:g1:test_perm2
foouser:
user_perms : custom
res_perms: r2:foo_perm
baruser:
user_perms : root, alter_users
res_perms: r2:test_perm
bazuser:
user_perms : root, alter_users
res_perms: r1:g2:group_perm
"""
created_user = add_user(db_session, user_name="first_user")
created_user2 = add_user(db_session,
user_name="foouser",
email="new_email",
perms=["custom"])
created_user3 = add_user(db_session,
user_name="baruser",
email="new_email2")
created_user4 = add_user(db_session,
user_name="bazuser",
email="new_email3")
resource = add_resource(db_session, 1, "test_resource")
resource2 = add_resource_b(db_session, 2, "other_resource")
group = add_group(db_session)
group2 = add_group(db_session, group_name="group2")
group.users.append(created_user)
group2.users.append(created_user4)
group_permission = GroupResourcePermission(perm_name="group_perm",
group_id=group.id)
group_permission2 = GroupResourcePermission(perm_name="group_perm",
group_id=group2.id)
user_permission = UserResourcePermission(perm_name="test_perm2",
user_id=created_user.id)
user_permission2 = UserResourcePermission(perm_name="foo_perm",
user_id=created_user.id)
user2_permission = UserResourcePermission(perm_name="foo_perm",
user_id=created_user2.id)
user3_permission = UserResourcePermission(perm_name="test_perm",
user_id=created_user3.id)
resource.group_permissions.append(group_permission)
resource.group_permissions.append(group_permission2)
resource.user_permissions.append(user_permission)
resource.user_permissions.append(user_permission2)
resource2.user_permissions.append(user2_permission)
resource2.user_permissions.append(user3_permission)
db_session.flush()
self.resource = resource
self.resource2 = resource2
self.user = created_user
self.user2 = created_user2
self.user3 = created_user3
self.user4 = created_user4
self.group = group
self.group2 = group2
def set_up_user_group_and_perms(self, db_session):
"""
perm map:
username:
first_user : root, alter_users
res_perms: r1:g1:foo_perm, r1:g1:test_perm2
foouser:
user_perms : custom
res_perms: r2:foo_perm
baruser:
user_perms : root, alter_users
res_perms: r2:test_perm
bazuser:
user_perms : root, alter_users
res_perms: r1:g2:group_perm
"""
created_user = add_user(db_session, user_name="first_user")
created_user2 = add_user(db_session,
user_name='foouser',
email='new_email',
perms=['custom'])
created_user3 = add_user(db_session,
user_name='baruser',
email='new_email2')
created_user4 = add_user(db_session,
user_name='bazuser',
email='new_email3')
resource = add_resource(db_session, 1, 'test_resource')
resource2 = add_resource_b(db_session, 2, 'other_resource')
group = add_group(db_session, )
group2 = add_group(db_session, group_name='group2')
group.users.append(created_user)
group2.users.append(created_user4)
group_permission = GroupResourcePermission(
perm_name='group_perm',
group_id=group.id,
)
group_permission2 = GroupResourcePermission(
perm_name='group_perm',
group_id=group2.id,
)
user_permission = UserResourcePermission(
perm_name='test_perm2',
user_id=created_user.id,
)
user_permission2 = UserResourcePermission(
perm_name='foo_perm',
user_id=created_user.id,
)
user2_permission = UserResourcePermission(
perm_name='foo_perm',
user_id=created_user2.id,
)
user3_permission = UserResourcePermission(
perm_name='test_perm',
user_id=created_user3.id,
)
resource.group_permissions.append(group_permission)
resource.group_permissions.append(group_permission2)
resource.user_permissions.append(user_permission)
resource.user_permissions.append(user_permission2)
resource2.user_permissions.append(user2_permission)
resource2.user_permissions.append(user3_permission)
db_session.flush()
self.resource = resource
self.resource2 = resource2
self.user = created_user
self.user2 = created_user2
self.user3 = created_user3
self.user4 = created_user4
self.group = group
self.group2 = group2
