def test_visible_to_administrator(self):
# Launchpad administrators often have a need to see private
# Launchpad things in order to fix up fubars by users.
branch = self.factory.makeBranch(
information_type=InformationType.USERDATA)
naked_branch = removeSecurityProxy(branch)
admin = getUtility(ILaunchpadCelebrities).admin.teamowner
access = AccessBranch(naked_branch)
self.assertTrue(access.checkAuthenticated(IPersonRoles(admin)))
def test_visible_to_administrator(self):
# Launchpad administrators often have a need to see private
# Launchpad things in order to fix up fubars by users.
branch = self.factory.makeBranch(
information_type=InformationType.USERDATA)
naked_branch = removeSecurityProxy(branch)
admin = getUtility(ILaunchpadCelebrities).admin.teamowner
access = AccessBranch(naked_branch)
self.assertTrue(access.checkAuthenticated(IPersonRoles(admin)))
def test_visible_to_owner(self):
# The owners of a branch always have visibility of their own branches.
owner = self.factory.makePerson()
branch = self.factory.makeBranch(
owner=owner, information_type=InformationType.USERDATA)
naked_branch = removeSecurityProxy(branch)
clear_cache() # Clear authorization cache for check_permission.
access = AccessBranch(naked_branch)
self.assertFalse(access.checkUnauthenticated())
self.assertTrue(access.checkAuthenticated(IPersonRoles(owner)))
self.assertFalse(check_permission('launchpad.View', branch))
def test_visible_to_owner(self):
# The owners of a branch always have visibility of their own branches.
owner = self.factory.makePerson()
branch = self.factory.makeBranch(
owner=owner, information_type=InformationType.USERDATA)
naked_branch = removeSecurityProxy(branch)
clear_cache() # Clear authorization cache for check_permission.
access = AccessBranch(naked_branch)
self.assertFalse(access.checkUnauthenticated())
self.assertTrue(
access.checkAuthenticated(IPersonRoles(owner)))
self.assertFalse(check_permission('launchpad.View', branch))
def test_branch_access(self):
# Accessing any attributes of the Branch content class through the
# IBranch interface is configured to require the launchpad.View
# permission. The AccessBranch authorization class is used to
# authorize users for the combination of the launchpad.View permission
# and the IBranch interface.
branch = self.factory.makeBranch()
naked_branch = removeSecurityProxy(branch)
self.assertTrue(
isinstance(
getAdapter(branch, IAuthorization, name='launchpad.View'),
AccessBranch))
access = AccessBranch(naked_branch)
self.assertTrue(access.checkUnauthenticated())
person = self.factory.makePerson()
self.assertTrue(access.checkAuthenticated(IPersonRoles(person)))
def test_branch_access(self):
# Accessing any attributes of the Branch content class through the
# IBranch interface is configured to require the launchpad.View
# permission. The AccessBranch authorization class is used to
# authorize users for the combination of the launchpad.View permission
# and the IBranch interface.
branch = self.factory.makeBranch()
naked_branch = removeSecurityProxy(branch)
self.assertTrue(
isinstance(
getAdapter(branch, IAuthorization, name='launchpad.View'),
AccessBranch))
access = AccessBranch(naked_branch)
self.assertTrue(access.checkUnauthenticated())
person = self.factory.makePerson()
self.assertTrue(
access.checkAuthenticated(IPersonRoles(person)))
def test_visible_to_subscribers(self):
# Branches that are not public are viewable by members of the
# visibility_team and to subscribers.
branch = self.factory.makeBranch(
information_type=InformationType.USERDATA)
naked_branch = removeSecurityProxy(branch)
person = self.factory.makePerson()
teamowner = self.factory.makePerson()
team = self.factory.makeTeam(
membership_policy=TeamMembershipPolicy.MODERATED,
owner=teamowner,
members=[person])
# Not visible to an unsubscribed person.
access = AccessBranch(naked_branch)
self.assertFalse(access.checkAuthenticated(IPersonRoles(person)))
# Subscribing the team to the branch will allow access to the branch.
naked_branch.subscribe(team,
BranchSubscriptionNotificationLevel.NOEMAIL,
BranchSubscriptionDiffSize.NODIFF,
CodeReviewNotificationLevel.NOEMAIL, teamowner)
self.assertTrue(access.checkAuthenticated(IPersonRoles(person)))
def test_visible_to_subscribers(self):
# Branches that are not public are viewable by members of the
# visibility_team and to subscribers.
branch = self.factory.makeBranch(
information_type=InformationType.USERDATA)
naked_branch = removeSecurityProxy(branch)
person = self.factory.makePerson()
teamowner = self.factory.makePerson()
team = self.factory.makeTeam(
membership_policy=TeamMembershipPolicy.MODERATED,
owner=teamowner, members=[person])
# Not visible to an unsubscribed person.
access = AccessBranch(naked_branch)
self.assertFalse(access.checkAuthenticated(IPersonRoles(person)))
# Subscribing the team to the branch will allow access to the branch.
naked_branch.subscribe(
team,
BranchSubscriptionNotificationLevel.NOEMAIL,
BranchSubscriptionDiffSize.NODIFF,
CodeReviewNotificationLevel.NOEMAIL, teamowner)
self.assertTrue(access.checkAuthenticated(IPersonRoles(person)))
