def has_roles(self, allowed=None, required=None): """checks the provided arguments against the roles assigned""" if not allowed and not required: return True allowed = split_and_extend(allowed) required = split_and_extend(required) logger.debug( "%(self)s.has_roles(allowed=%(allowed)s, required=%(required)s)" % locals()) if allowed: # Ask the database if the user has any of the allowed roles. For # smaller numbers of roles this is very slightly slower with # SQLite in :memory: but is a good amount faster over the network # or with large role sets. return bool( User.query.filter( User.roles.any( Role.name.in_(allowed)) ).filter(User.id == self.id).count()) if required: # Ask the database for all roles matching ``required``. In order # for this to return True is the number of entries found must # be equal to len(required). count = Role.query.filter( Role.name.in_(required)).filter(User.id == self.id).count() return count == len(required)
def test_split_and_extend(self): self.assertSetEqual(split_and_extend(["a.b.c.d"]), set(["a", "a.b", "a.b.c", "a.b.c.d"])) self.assertIsNone(split_and_extend(None))
def test_split_and_extend(self): self.assertSetEqual( split_and_extend(["a.b.c.d"]), set(["a", "a.b", "a.b.c", "a.b.c.d"])) self.assertIsNone(split_and_extend(None))