def test_has_perm_admin(self):
"""Test that an admin user can execute."""
user = Mock(spec=User, admin=True)
req = Mock(user=user)
accessPerm = GroupAccessPermission()
result = accessPerm.has_permission(request=req, view=None)
self.assertTrue(result)
def test_no_perm_not_admin_get_others_groups(self):
"""Test that a user cannot obtain the list of groups another user is a member of."""
access = {
"group": {
"read": [],
"write": []
},
"role": {
"read": [],
"write": []
},
"policy": {
"read": [],
"write": []
},
}
identity_header = {"identity": {"user": {"username": "******"}}}
user = Mock(spec=User,
admin=False,
access=access,
username="******")
req = Mock(user=user,
method="GET",
query_params={"username": "******"})
accessPerm = GroupAccessPermission()
result = accessPerm.has_permission(request=req, view=None)
self.assertFalse(result)
def test_no_perm_not_admin_get_others_groups(self):
"""Test that a user cannot obtain the list of groups another user is a member of."""
access = {
'group': {
'read': [],
'write': []
},
'role': {
'read': [],
'write': []
},
'policy': {
'read': [],
'write': []
}
}
identity_header = {
'identity': {
'user': {
'username': '******'
}
}
}
user = Mock(spec=User, admin=False, access=access, identity_header=identity_header)
req = Mock(user=user, method='GET', query_params={'username': '******'})
accessPerm = GroupAccessPermission()
result = accessPerm.has_permission(request=req, view=None)
self.assertFalse(result)
def test_has_perm_not_admin_post(self):
"""Test that a user with read access cannot execute a POST."""
access = {
"group": {
"read": ["*"],
"write": []
},
"role": {
"read": [],
"write": []
},
"policy": {
"read": [],
"write": []
},
}
user = Mock(spec=User, admin=False, access=access, identity_header={})
req = Mock(user=user, method="POST")
accessPerm = GroupAccessPermission()
result = accessPerm.has_permission(request=req, view=None)
self.assertFalse(result)
def test_has_perm_not_admin_post(self):
"""Test that a user with read access cannot execute a POST."""
access = {
'group': {
'read': ['*'],
'write': []
},
'role': {
'read': [],
'write': []
},
'policy': {
'read': [],
'write': []
}
}
user = Mock(spec=User, admin=False, access=access, identity_header={})
req = Mock(user=user, method='POST')
accessPerm = GroupAccessPermission()
result = accessPerm.has_permission(request=req, view=None)
self.assertFalse(result)