def load_usergroups(self, usersgroupsauthorisor): dbusers = self._storage_engine.session.query(AuthoriseUser) for dbuser in dbusers: user = User(dbuser.name) dbuserroles = self._storage_engine.session.query(UserRole).filter( UserRole.user == dbuser.name) for dbuserrole in dbuserroles: user.add_role(dbuserrole.role) dbusergroups = self._storage_engine.session.query( UserGroup).filter(UserGroup.user == dbuser.name) for dbusergroup in dbusergroups: user.add_group(dbusergroup.group) usersgroupsauthorisor.users[user.userid] = user groups = self._storage_engine.session.query(AuthoriseGroup) for dbgroup in groups: group = Group(dbgroup.name) groupusers = self._storage_engine.session.query(GroupUser).filter( GroupUser.group == dbgroup.name) for dbgroupuser in groupusers: group.add_user(dbgroupuser.user) groupgroups = self._storage_engine.session.query( GroupGroup).filter(GroupGroup.group == dbgroup.name) for dbgroupgroup in groupgroups: group.add_group(dbgroupgroup.subgroup) grouproles = self._storage_engine.session.query(GroupRole).filter( GroupRole.group == dbgroup.name) for dbgrouprole in grouproles: group.add_role(dbgrouprole.role) usersgroupsauthorisor.groups[group.groupid] = group self._combine_users_and_groups(usersgroupsauthorisor)
def test_authorisable(self): authorisable = Authorisable("testid") self.assertEqual("testid", authorisable._id) self.assertEqual([], authorisable.roles) self.assertEqual([], authorisable.groups) self.assertEqual([], authorisable.available_roles()) self.assertFalse(authorisable.has_role("user")) self.assertFalse(authorisable.has_role("admin")) self.assertFalse(authorisable.has_group("sysadmin")) self.assertEqual([], authorisable.roles) authorisable.add_role("user") self.assertEqual(['user'], authorisable.roles) authorisable.add_role("user") self.assertEqual(['user'], authorisable.roles) self.assertTrue(authorisable.has_role("user")) group = Group("sysadmin") group.roles.append("admin") self.assertEqual([], authorisable.groups) authorisable.add_group(group) self.assertEqual([group], authorisable.groups) authorisable.add_group(group) self.assertEqual([group], authorisable.groups) self.assertTrue(authorisable.has_group("sysadmin")) self.assertTrue(authorisable.has_role("admin")) self.assertEqual(['user', 'admin'], authorisable.available_roles()) group2 = Group("root") self.assertFalse(authorisable.has_group("root")) group.add_group(group2) self.assertTrue(authorisable.has_group("root"))