def main(session, user, container): """Create ROs to test auth policies. Args: session (DBSession): user (User): default user container (ROContainer): top level container Returns: None """ # create another user other = User.create(session, uid='other', name="Other User", email="*****@*****.**") img = Image.open("seeweb/scripts/avatar/sartzet.png") upload_user_avatar(img, other) # user can view RO in container owner by other roa = ROArticle() roa.init(session, dict(owner=other.id, name="other article")) roa.store_description("Title\n=====\n\nLorem Ipsum\nlorem ipsum") roa.add_policy(session, user, Role.view) road = ROArticle() road.init(session, dict(owner=other.id, name="other editable article")) road.store_description("Title\n=====\n\nLorem Ipsum\nlorem ipsum") road.add_policy(session, user, Role.edit) roc = ROContainer() roc.init(session, dict(owner=other.id, name="other project", contents=[roa, road])) ROLink.connect(session, container.id, roc.id, 'contains') # access granted to ROs through their container policy roa = ROArticle() roa.init(session, dict(owner=other.id, name="other 'private' article")) roa.store_description("Title\n=====\n\nLorem Ipsum\nlorem ipsum") roc = ROContainer() roc.init(session, dict(owner=other.id, name="other 'denied' project", contents=[roa])) roc.add_policy(session, user, Role.denied) ROLink.connect(session, container.id, roc.id, 'contains') roc = ROContainer() roc.init(session, dict(owner=other.id, name="other project", contents=[roa])) roc.add_policy(session, user, Role.edit) ROLink.connect(session, container.id, roc.id, 'contains') # public container roa = ROArticle() roa.init(session, dict(owner=other.id, name="other article")) roa.store_description("Title\n=====\n\nLorem Ipsum\nlorem ipsum") road = ROArticle() road.init(session, dict(owner=other.id, name="other denied article")) road.store_description("Title\n=====\n\nLorem Ipsum\nlorem ipsum") road.add_policy(session, user, Role.denied) roc = ROContainer() roc.init(session, dict(owner=other.id, name="other 'public' project", contents=[roa, road])) roc.public = True ROLink.connect(session, container.id, roc.id, 'contains')