def doTestFor(self, dirDict, requestingUser): # changing acl should work on 'all' but not on 'write' dirDict['all'].setPermissionsAssertAllowed(requestingUser, self.alice, Actions.READ) self.assert_(dirDict['all'].isAllowed(self.alice, Action.READ)) def changeAclWrite(): dirDict['write'].setPermissionsAssertAllowed(requestingUser, self.alice, Actions.READ) self.assertRaises(PermissionDenied, changeAclWrite) # inserting an object should work on 'write' but not on 'read' m = Member(name='writeGood') m.saveAssertAllowed(requestingUser, checkFolders=[dirDict['write']]) m.folders = [dirDict['write']] m.save() self.assert_(Member.objects.filter(name='writeGood', folders=dirDict['write']).exists()) def insertObjectRead(): m = Member(name='writeBad') m.saveAssertAllowed(requestingUser, checkFolders=[dirDict['read']]) m.folders = [dirDict['read']] m.save() self.assertRaises(PermissionDenied, insertObjectRead) # reading an object should work on 'read' but not on 'none' self.assert_(Member.allowed(requestingUser).filter(folders=dirDict['read']).exists()) self.assertFalse(Member.allowed(requestingUser).filter(folders=dirDict['none']).exists())
def test_insertObject(self): # admin, alice and bob have write privileges m = Member(name='byAdmin') m.saveAssertAllowed(self.admin, checkFolders=[self.f1]) m.folders = [self.f1] m.save() self.assert_(Member.objects.filter(name='byAdmin', folders=self.f1).exists()) m = Member(name='byAlice') m.saveAssertAllowed(self.alice, checkFolders=[self.f1]) m.folders = [self.f1] m.save() self.assert_(Member.objects.filter(name='byAlice', folders=self.f1).exists()) m = Member(name='byBob') m.saveAssertAllowed(self.bob, checkFolders=[self.f1]) m.folders = [self.f1] m.save() self.assert_(Member.objects.filter(name='byBob', folders=self.f1).exists()) # clara only has read privileges, denied def byClara(): m = Member(name='byClara') m.saveAssertAllowed(self.clara, checkFolders=[self.f1]) m.folders = [self.f1] m.save() self.assertRaises(PermissionDenied, byClara)
def insertObjectRead(): m = Member(name='writeBad') m.saveAssertAllowed(requestingUser, checkFolders=[dirDict['read']]) m.folders = [dirDict['read']] m.save()
def byClara(): m = Member(name='byClara') m.saveAssertAllowed(self.clara, checkFolders=[self.f1]) m.folders = [self.f1] m.save()