class PermissionAdminPanelTestCase(unittest.TestCase): def setUp(self): self.env = EnvironmentStub(default_data=True) self.panel = PermissionAdminPanel(self.env) def tearDown(self): self.env.reset_db() def test_grant_permission_action_already_granted(self): """Warning is added when granting an action that has already been granted. """ req = MockRequest(self.env, method='POST', args={ 'add': True, 'subject': 'anonymous', 'action': 'WIKI_VIEW' }) self.panel.render_admin_panel(req, 'general', 'perm', None) self.assertIn("The user anonymous already has permission WIKI_VIEW.", req.chrome['warnings']) def test_grant_permission_group_already_granted(self): """Warning is added when adding a subject to a group and the subject is already a member of the group. """ PermissionSystem(self.env).grant_permission('user1', 'group1') req = MockRequest(self.env, method='POST', args={ 'add': True, 'subject': 'user1', 'group': 'group1' }) self.panel.render_admin_panel(req, 'general', 'perm', None) self.assertIn("The user user1 is already in the group group1.", req.chrome['warnings'])
def setUp(self): self.env = EnvironmentStub(default_data=True) self.panel = PermissionAdminPanel(self.env)
class PermissionAdminPanelTestCase(unittest.TestCase): def setUp(self): self.env = EnvironmentStub(default_data=True) self.panel = PermissionAdminPanel(self.env) def tearDown(self): self.env.reset_db() def _test_invalid_user(self, subject='', action='', target='', group=''): req = MockRequest(self.env, method='POST', args={ 'add': True, 'subject': subject, 'target': target, 'group': group, 'action': action }) with self.assertRaises(TracError) as cm: self.panel.render_admin_panel(req, 'general', 'perm', None) self.assertEqual( "All upper-cased tokens are reserved for permission " "names.", unicode(cm.exception)) def test_grant_permission_invalid_username(self): self._test_invalid_user(subject='USER', action='WIKI_VIEW') def test_add_subject_to_group_invalid_subject_or_group(self): self._test_invalid_user(subject='user', group='GROUP') self._test_invalid_user(subject='USER', group='group') def test_copy_permissions_invalid_subject_or_target(self): self._test_invalid_user(subject='user1', target='USER2') self._test_invalid_user(subject='USER1', target='user2') def test_grant_permission_action_already_granted(self): """Warning is added when granting an action that has already been granted. """ req = MockRequest(self.env, method='POST', args={ 'add': True, 'subject': 'anonymous', 'action': 'WIKI_VIEW' }) with self.assertRaises(RequestDone): self.panel.render_admin_panel(req, 'general', 'perm', None) self.assertIn("The user anonymous already has permission WIKI_VIEW.", req.chrome['warnings']) def test_grant_permission_group_already_granted(self): """Warning is added when adding a subject to a group and the subject is already a member of the group. """ PermissionSystem(self.env).grant_permission('user1', 'group1') req = MockRequest(self.env, method='POST', args={ 'add': True, 'subject': 'user1', 'group': 'group1' }) with self.assertRaises(RequestDone): self.panel.render_admin_panel(req, 'general', 'perm', None) self.assertIn("The user user1 is already in the group group1.", req.chrome['warnings']) def test_grant_permission_with_permission_grant(self): """User can only grant permissions they possess.""" ps = PermissionSystem(self.env) ps.grant_permission('user1', 'PERMISSION_GRANT') ps.grant_permission('group1', 'WIKI_ADMIN') req = MockRequest(self.env, method='POST', authname='user1', args={ 'add': True, 'subject': 'user2', 'group': 'group1' }) with self.assertRaises(PermissionError) as cm: self.panel.render_admin_panel(req, 'general', 'perm', None) self.assertEqual( "The subject user2 was not added to the group group1 " "because the group has WIKI_ADMIN permission and " "users cannot grant permissions they don't possess.", unicode(cm.exception)) def test_grant_undefined_permission_with_permission_grant(self): """Undefined permission is granted without checking granter.""" ps = PermissionSystem(self.env) ps.grant_permission('user1', 'PERMISSION_GRANT') self.env.db_transaction(""" INSERT INTO permission VALUES ('group1', 'TEST_PERM') """) req = MockRequest(self.env, method='POST', authname='user1', args={ 'add': True, 'subject': 'user2', 'group': 'group1' }) with self.assertRaises(RequestDone): self.panel.render_admin_panel(req, 'general', 'perm', None) self.assertIn('TEST_PERM', ps.get_user_permissions('group1', undefined=True)) self.assertIn('user2', ps.get_groups_dict()['group1']) def test_copy_permissions_to_subject(self): """Copy permissions to subject. Undefined actions are skipped. """ ps = PermissionSystem(self.env) ps.grant_permission('user1', 'WIKI_VIEW') ps.grant_permission('user1', 'TICKET_VIEW') self.env.db_transaction(""" INSERT INTO permission VALUES ('user1', 'TEST_PERM') """) req = MockRequest(self.env, method='POST', args={ 'copy': True, 'subject': 'user1', 'target': 'user2' }) with self.assertRaises(RequestDone): self.panel.render_admin_panel(req, 'general', 'perm', None) self.assertEqual(['TICKET_VIEW', 'WIKI_VIEW'], ps.get_users_dict().get('user2')) self.assertEqual(2, len(req.chrome['notices'])) self.assertIn( "The subject user2 has been granted the permission " "TICKET_VIEW.", req.chrome['notices']) self.assertIn( "The subject user2 has been granted the permission " "WIKI_VIEW.", req.chrome['notices']) self.assertIn(("WARNING", "Skipped granting TEST_PERM to user2: " "permission unavailable."), self.env.log_messages) self.assertIn(("INFO", "Granted permission for TICKET_VIEW to user2"), self.env.log_messages) self.assertIn(("INFO", "Granted permission for TICKET_VIEW to user2"), self.env.log_messages)