def test_partial_acl_to_multiple(self, partial_count): audit_count = 3 with factories.single_commit(): program = factories.ProgramFactory() for i in range(audit_count): audit = factories.AuditFactory(program=program) factories.RelationshipFactory( source=program if i % 2 == 0 else audit, destination=program if i % 2 == 1 else audit, ) propagated_roles = { "Program Managers", "Program Readers", "Program Editors" } acl_ids = [ acl.id for acl in program._access_control_list if acl.ac_role.name in propagated_roles ] propagate_acl_ids = acl_ids[:partial_count] propagation._handle_acl_step(propagate_acl_ids, self.user_id) self.assertEqual( all_models.AccessControlList.query.filter( all_models.AccessControlList.parent_id.isnot(None)).count(), partial_count * 3 * 2)
def test_single_acl(self, rel_order): """Test propagation for a single relationship with {}. Test propagation of program role to audit through a relationship with both options for source and destination. """ with factories.single_commit(): person = factories.PersonFactory() audit = factories.AuditFactory() rel_data = { rel_order[0]: audit, rel_order[1]: audit.program, } factories.RelationshipFactory(**rel_data) audit.program.add_person_with_role( person, self.roles["Program"]["Program Editors"], ) acl_entries = [acl.id for acl in audit.program._access_control_list] self.assertEqual(all_models.AccessControlList.query.count(), 7) propagation._handle_acl_step(acl_entries, self.user_id) db.session.commit() self.assertEqual(all_models.AccessControlList.query.count(), 13)
def test_single_acl(self, rel_order): """Test propagation for a single relationship with {}. Test propagation of program role to audit through a relationship with both options for source and destination. """ with factories.single_commit(): person = factories.PersonFactory() audit = factories.AuditFactory() rel_data = { rel_order[0]: audit, rel_order[1]: audit.program, } factories.RelationshipFactory(**rel_data) audit.program.add_person_with_role( person, self.roles["Program"]["Program Editors"], ) acl_entries = [acl.id for acl in audit.program._access_control_list] self.assertEqual(all_models.AccessControlList.query.count(), 7) propagation._handle_acl_step(acl_entries, self.user_id) db.session.commit() self.assertEqual(all_models.AccessControlList.query.count(), 13)
def test_multi_acl_to_multiple(self): """Test multiple ACL propagation to multiple children.""" audit_count = 3 with factories.single_commit(): program = factories.ProgramFactory() for i in range(audit_count): audit = factories.AuditFactory(program=program) factories.RelationshipFactory( source=program if i % 2 == 0 else audit, destination=program if i % 2 == 1 else audit, ) acl_ids = [acl.id for acl in program._access_control_list] self.assertEqual( all_models.AccessControlList.query.count(), 11 # 5 program roles, 6 audit roles ) propagation._handle_acl_step(acl_ids, self.user_id) self.assertEqual( all_models.AccessControlList.query.count(), 11 + 3 * 3 * 2 # 11 previous roles # 3 audits # 3 program propagated roles # 2 propagations per audit (audit + relationship) )
def test_partial_acl_to_multiple(self, partial_count): audit_count = 3 with factories.single_commit(): program = factories.ProgramFactory() for i in range(audit_count): audit = factories.AuditFactory(program=program) factories.RelationshipFactory( source=program if i % 2 == 0 else audit, destination=program if i % 2 == 1 else audit, ) propagated_roles = { "Program Managers", "Program Readers", "Program Editors" } acl_ids = [acl.id for acl in program._access_control_list if acl.ac_role.name in propagated_roles] propagate_acl_ids = acl_ids[:partial_count] propagation._handle_acl_step(propagate_acl_ids, self.user_id) self.assertEqual( all_models.AccessControlList.query.filter( all_models.AccessControlList.parent_id.isnot(None) ).count(), partial_count * 3 * 2 )
def test_multi_acl_to_multiple(self): """Test multiple ACL propagation to multiple children.""" audit_count = 3 with factories.single_commit(): program = factories.ProgramFactory() for i in range(audit_count): audit = factories.AuditFactory(program=program) factories.RelationshipFactory( source=program if i % 2 == 0 else audit, destination=program if i % 2 == 1 else audit, ) acl_ids = [acl.id for acl in program._access_control_list] self.assertEqual( all_models.AccessControlList.query.count(), 11 # 5 program roles, 6 audit roles ) propagation._handle_acl_step(acl_ids, self.user_id) self.assertEqual( all_models.AccessControlList.query.count(), 11 + 3 * 3 * 2 # 11 previous roles # 3 audits # 3 program propagated roles # 2 propagations per audit (audit + relationship) )
def test_single_acl_to_multiple(self, count): """Test propagation of single ACL entry to multiple children.""" with factories.single_commit(): person = factories.PersonFactory() program = factories.ProgramFactory() for i in range(count): audit = factories.AuditFactory(program=program) factories.RelationshipFactory( source=program if i % 2 == 0 else audit, destination=program if i % 2 == 1 else audit, ) acl_entry = factories.AccessControlListFactory( ac_role=self.roles["Program"]["Program Editors"], object=program, person=person, ) self.assertEqual(all_models.AccessControlList.query.count(), 1) child_ids = propagation._handle_acl_step([acl_entry.id]) self.assertEqual( all_models.AccessControlList.query.count(), # 1 original ACL entry, 2*count for objects+relationships 1 + count * 2 ) self.assertEqual( db.session.execute(child_ids.alias("counts").count()).scalar(), count, )
def test_single_acl_to_multiple(self, count): """Test propagation of single ACL entry to multiple children.""" with factories.single_commit(): person = factories.PersonFactory() program = factories.ProgramFactory() for i in range(count): audit = factories.AuditFactory(program=program) factories.RelationshipFactory( source=program if i % 2 == 0 else audit, destination=program if i % 2 == 1 else audit, ) acl_entry = factories.AccessControlListFactory( ac_role=self.roles["Program"]["Program Editors"], object=program, person=person, ) self.assertEqual(all_models.AccessControlList.query.count(), 1) child_ids = propagation._handle_acl_step([acl_entry.id]) self.assertEqual( all_models.AccessControlList.query.count(), # 1 original ACL entry, 2*count for objects+relationships 1 + count * 2) self.assertEqual( db.session.execute(child_ids.alias("counts").count()).scalar(), count, )
def test_partial_acl_to_multiple(self, partial_count): """Test propagating only a few acl entries to multiple objects.""" audit_count = 3 people_count = 4 program_roles = ["Program Editors", "Program Readers"] with factories.single_commit(): people = [factories.PersonFactory() for _ in range(people_count)] program = factories.ProgramFactory() for i in range(audit_count): audit = factories.AuditFactory(program=program) factories.RelationshipFactory( source=program if i % 2 == 0 else audit, destination=program if i % 2 == 1 else audit, ) acl_ids = [] for person in people: for role_name in program_roles: acl_ids.append( factories.AccessControlListFactory( ac_role=self.roles["Program"][role_name], object=program, person=person, ).id, ) self.assertEqual(all_models.AccessControlList.query.count(), people_count * len(program_roles)) propagate_acl_ids = acl_ids[:partial_count] child_ids = propagation._handle_acl_step(propagate_acl_ids) self.assertEqual( all_models.AccessControlList.query.count(), len(acl_ids) + len(propagate_acl_ids) * audit_count * 2) self.assertEqual( db.session.execute(child_ids.alias("counts").count()).scalar(), audit_count * len(propagate_acl_ids))
def test_single_acl_to_multiple(self, count): """Test propagation of single ACL entry to multiple children.""" with factories.single_commit(): program = factories.ProgramFactory() for i in range(count): audit = factories.AuditFactory(program=program) factories.RelationshipFactory( source=program if i % 2 == 0 else audit, destination=program if i % 2 == 1 else audit, ) acl_id = program.acr_name_acl_map["Program Editors"].id child_ids = propagation._handle_acl_step([acl_id], self.user_id) self.assertEqual( all_models.AccessControlList.query.filter( all_models.AccessControlList.parent_id.isnot(None) ).count(), count * 2 ) self.assertEqual( db.session.execute(child_ids.alias("counts").count()).scalar(), count, )
def test_single_acl_to_multiple(self, count): """Test propagation of single ACL entry to multiple children.""" with factories.single_commit(): program = factories.ProgramFactory() for i in range(count): audit = factories.AuditFactory(program=program) factories.RelationshipFactory( source=program if i % 2 == 0 else audit, destination=program if i % 2 == 1 else audit, ) acl_id = program.acr_name_acl_map["Program Editors"].id child_ids = propagation._handle_acl_step([acl_id], self.user_id) self.assertEqual( all_models.AccessControlList.query.filter( all_models.AccessControlList.parent_id.isnot(None) ).count(), count * 2 ) self.assertEqual( db.session.execute(child_ids.alias("counts").count()).scalar(), count, )
def test_single_acl(self, rel_order): """Test propagation for a single relationship with {}. Test propagation of program role to audit through a relationship with both options for source and destination. """ with factories.single_commit(): person = factories.PersonFactory() audit = factories.AuditFactory() rel_data = { rel_order[0]: audit, rel_order[1]: audit.program, } factories.RelationshipFactory(**rel_data) acl_entry = factories.AccessControlListFactory( ac_role=self.roles["Program"]["Program Editors"], object=audit.program, person=person, ) self.assertEqual(all_models.AccessControlList.query.count(), 1) propagation._handle_acl_step([acl_entry.id]) db.session.commit() self.assertEqual(all_models.AccessControlList.query.count(), 3)
def test_single_acl(self, rel_order): """Test propagation for a single relationship with {}. Test propagation of program role to audit through a relationship with both options for source and destination. """ with factories.single_commit(): person = factories.PersonFactory() audit = factories.AuditFactory() rel_data = { rel_order[0]: audit, rel_order[1]: audit.program, } factories.RelationshipFactory(**rel_data) acl_entry = factories.AccessControlListFactory( ac_role=self.roles["Program"]["Program Editors"], object=audit.program, person=person, ) self.assertEqual(all_models.AccessControlList.query.count(), 1) propagation._handle_acl_step([acl_entry.id]) db.session.commit() self.assertEqual(all_models.AccessControlList.query.count(), 3)
def test_partial_acl_to_multiple(self, partial_count): """Test propagating only a few acl entries to multiple objects.""" audit_count = 3 people_count = 4 program_roles = ["Program Editors", "Program Readers"] with factories.single_commit(): people = [factories.PersonFactory() for _ in range(people_count)] program = factories.ProgramFactory() for i in range(audit_count): audit = factories.AuditFactory(program=program) factories.RelationshipFactory( source=program if i % 2 == 0 else audit, destination=program if i % 2 == 1 else audit, ) acl_ids = [] for person in people: for role_name in program_roles: acl_ids.append( factories.AccessControlListFactory( ac_role=self.roles["Program"][role_name], object=program, person=person, ).id, ) self.assertEqual( all_models.AccessControlList.query.count(), people_count * len(program_roles) ) propagate_acl_ids = acl_ids[:partial_count] child_ids = propagation._handle_acl_step(propagate_acl_ids) self.assertEqual( all_models.AccessControlList.query.count(), len(acl_ids) + len(propagate_acl_ids) * audit_count * 2 ) self.assertEqual( db.session.execute(child_ids.alias("counts").count()).scalar(), audit_count * len(propagate_acl_ids) )