def __call__(self): """ access_users and access_roles """ return { 'access_users': get_principals_with_access_content(self.content), 'access_roles': get_roles_with_access_content(self.content), 'portal_type': self.content.portal_type }
def __call__(self): """ access_users and access_roles """ return { 'path': get_content_path(self.content), 'depth': get_content_depth(self.content), 'parent_uuid': getattr( getattr(self.content, '__parent__', None), 'uuid', None), 'access_users': get_principals_with_access_content(self.content), 'access_roles': get_roles_with_access_content(self.content), 'type_name': self.content.type_name }
def __call__(self): """ access_users and access_roles """ return { "path": get_content_path(self.content), "depth": get_content_depth(self.content), "parent_uuid": getattr(getattr(self.content, "__parent__", None), "uuid", None), "access_users": get_principals_with_access_content(self.content), "access_roles": get_roles_with_access_content(self.content), "type_name": self.content.type_name, "tid": self.content.__serial__, "modification_date": json_compatible(self.content.modification_date), }
async def test_set_local_guillotina(container_requester): async with container_requester as requester: response, status = await requester( "POST", "/db/guillotina/@sharing", data=json.dumps({ "prinperm": [{ "principal": "user1", "permission": "guillotina.AccessContent", "setting": "AllowSingle", }] }), ) assert status == 200 response, status = await requester("POST", "/db/guillotina/", data=json.dumps({ "@type": "Item", "id": "testing" })) assert status == 201 response, status = await requester("GET", "/db/guillotina/testing/@sharing") assert len(response["inherit"]) == 1 assert response["inherit"][0]["prinrole"]["root"][ "guillotina.ContainerAdmin"] == "Allow" assert response["inherit"][0]["prinrole"]["root"][ "guillotina.Owner"] == "Allow" assert "Anonymous User" not in response["inherit"][0]["prinrole"] assert (response["inherit"][0]["prinperm"]["user1"] ["guillotina.AccessContent"] == "AllowSingle") # noqa request = utils.get_mocked_request(db=requester.db) root = await utils.get_root(db=requester.db) async with transaction(abort_when_done=True): container = await root.async_get("guillotina") testing_object = await container.async_get("testing") # Check the access users/roles principals = get_principals_with_access_content( testing_object, request) assert principals == ["root"] roles = get_roles_with_access_content(testing_object, request) assert roles == [ "guillotina.Reader", "guillotina.Reviewer", "guillotina.Owner", "guillotina.Editor", "guillotina.ContainerAdmin", ] data = settings_for_object(testing_object) assert "testing" in data[0] # Now we add the user1 with inherit on the container response, status = await requester( "POST", "/db/guillotina/@sharing", data=json.dumps({ "prinperm": [{ "principal": "user1", "permission": "guillotina.AccessContent", "setting": "Allow" }] }), ) root = await utils.get_root(db=requester.db) async with transaction(abort_when_done=True): # need to retreive objs again from db since they changed container = await root.async_get("guillotina") testing_object = await container.async_get("testing") principals = get_principals_with_access_content( testing_object, request) assert len(principals) == 2 assert "user1" in principals # Now we add the user1 with deny on the object response, status = await requester( "POST", "/db/guillotina/testing/@sharing", data=json.dumps({ "prinperm": [{ "principal": "user1", "permission": "guillotina.AccessContent", "setting": "Deny" }] }), ) # need to retreive objs again from db since they changed root = await utils.get_root(db=requester.db) async with transaction(abort_when_done=True): container = await root.async_get("guillotina") testing_object = await container.async_get("testing") principals = get_principals_with_access_content( testing_object, request) assert principals == ["root"]
def get_access_roles(ob): roles = get_roles_with_access_content(ob) return roles
async def test_set_local_guillotina(site_requester): async with await site_requester as requester: response, status = await requester( 'POST', '/db/guillotina/@sharing', data=json.dumps({ 'type': 'AllowSingle', 'prinperm': { 'user1': [ 'guillotina.AccessContent' ] } }) ) assert status == 200 response, status = await requester( 'POST', '/db/guillotina/', data=json.dumps({ '@type': 'Item', 'id': 'testing' }) ) assert status == 201 response, status = await requester( 'GET', '/db/guillotina/testing/@sharing') assert len(response['inherit']) == 1 assert response['inherit'][0]['prinrole']['root']['guillotina.SiteAdmin'] == 'Allow' assert response['inherit'][0]['prinrole']['root']['guillotina.Owner'] == 'Allow' assert 'Anonymous User' not in response['inherit'][0]['prinrole'] assert response['inherit'][0]['prinperm']['user1']['guillotina.AccessContent'] == 'AllowSingle' # noqa request = utils.get_mocked_request(requester.db) root = await utils.get_root(request) site = await root.async_get('guillotina') testing_object = await site.async_get('testing') # Check the access users/roles principals = get_principals_with_access_content(testing_object, request) assert principals == ['root'] roles = get_roles_with_access_content(testing_object, request) assert roles == ['guillotina.SiteAdmin'] # Now we add the user1 with inherit on the site response, status = await requester( 'POST', '/db/guillotina/@sharing', data=json.dumps({ 'type': 'Allow', 'prinperm': { 'user1': [ 'guillotina.AccessContent' ] } }) ) # need to retreive objs again from db since they changed site = await root.async_get('guillotina') testing_object = await site.async_get('testing') principals = get_principals_with_access_content(testing_object, request) assert len(principals) == 2 assert 'user1' in principals # Now we add the user1 with deny on the object response, status = await requester( 'POST', '/db/guillotina/testing/@sharing', data=json.dumps({ 'type': 'Deny', 'prinperm': { 'user1': [ 'guillotina.AccessContent' ] } }) ) # need to retreive objs again from db since they changed site = await root.async_get('guillotina') testing_object = await site.async_get('testing') principals = get_principals_with_access_content(testing_object, request) assert principals == ['root']
async def test_set_local_guillotina(container_requester): async with container_requester as requester: response, status = await requester('POST', '/db/guillotina/@sharing', data=json.dumps({ 'prinperm': [{ 'principal': 'user1', 'permission': 'guillotina.AccessContent', 'setting': 'AllowSingle' }] })) assert status == 200 response, status = await requester('POST', '/db/guillotina/', data=json.dumps({ '@type': 'Item', 'id': 'testing' })) assert status == 201 response, status = await requester('GET', '/db/guillotina/testing/@sharing') assert len(response['inherit']) == 1 assert response['inherit'][0]['prinrole']['root'][ 'guillotina.ContainerAdmin'] == 'Allow' assert response['inherit'][0]['prinrole']['root'][ 'guillotina.Owner'] == 'Allow' assert 'Anonymous User' not in response['inherit'][0]['prinrole'] assert response['inherit'][0]['prinperm']['user1'][ 'guillotina.AccessContent'] == 'AllowSingle' # noqa request = utils.get_mocked_request(requester.db) root = await utils.get_root(request) async with managed_transaction(request=request, abort_when_done=True): container = await root.async_get('guillotina') testing_object = await container.async_get('testing') # Check the access users/roles principals = get_principals_with_access_content( testing_object, request) assert principals == ['root'] roles = get_roles_with_access_content(testing_object, request) assert roles == [ 'guillotina.Reader', 'guillotina.Reviewer', 'guillotina.Owner', 'guillotina.Editor', 'guillotina.ContainerAdmin' ] data = settings_for_object(testing_object) assert 'testing' in data[0] # Now we add the user1 with inherit on the container response, status = await requester('POST', '/db/guillotina/@sharing', data=json.dumps({ 'prinperm': [{ 'principal': 'user1', 'permission': 'guillotina.AccessContent', 'setting': 'Allow' }] })) root = await utils.get_root(request) async with managed_transaction(request=request, abort_when_done=True): # need to retreive objs again from db since they changed container = await root.async_get('guillotina') testing_object = await container.async_get('testing') principals = get_principals_with_access_content( testing_object, request) assert len(principals) == 2 assert 'user1' in principals # Now we add the user1 with deny on the object response, status = await requester('POST', '/db/guillotina/testing/@sharing', data=json.dumps({ 'prinperm': [{ 'principal': 'user1', 'permission': 'guillotina.AccessContent', 'setting': 'Deny' }] })) # need to retreive objs again from db since they changed root = await utils.get_root(request) async with managed_transaction(request=request, abort_when_done=True): container = await root.async_get('guillotina') testing_object = await container.async_get('testing') principals = get_principals_with_access_content( testing_object, request) assert principals == ['root']