def test_noDuplication(self): """ Make sure addDelegate( ) is idempotent """ delegator = yield self.directory.recordWithUID(u"__wsanchez1__") # Delegate users: delegate1 = yield self.directory.recordWithUID(u"__sagen1__") txn = self.store.newTransaction(label="test_noDuplication") yield addDelegate(txn, delegator, delegate1, True) yield txn.commit() txn = self.store.newTransaction(label="test_noDuplication") yield addDelegate(txn, delegator, delegate1, True) yield txn.commit() txn = self.store.newTransaction(label="test_noDuplication") results = ( yield txn._selectDelegatesQuery.on( txn, delegator=delegator.uid.encode("utf-8"), readWrite=1 ) ) yield txn.commit() self.assertEquals([["__sagen1__"]], results) # Delegate groups: group1 = yield self.directory.recordWithUID(u"__top_group_1__") txn = self.store.newTransaction(label="test_noDuplication") yield addDelegate(txn, delegator, group1, True) yield txn.commit() txn = self.store.newTransaction(label="test_noDuplication") yield addDelegate(txn, delegator, group1, True) yield txn.commit() txn = self.store.newTransaction(label="test_noDuplication") results = ( yield txn._selectDelegateGroupsQuery.on( txn, delegator=delegator.uid.encode("utf-8"), readWrite=1 ) ) yield txn.commit() self.assertEquals([["__top_group_1__"]], results)
def test_hideDisabledProxies(self): """ Make sure users that are missing or not enabled for calendaring are removed from the proxyFor list. """ # Check proxies empty right now principal01 = yield self.principalRootResource.principalForUID((yield self.userUIDFromShortName("user01"))) self.assertTrue(len((yield principal01.proxyFor(False))) == 0) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) principal02 = yield self.principalRootResource.principalForUID((yield self.userUIDFromShortName("user02"))) self.assertTrue(len((yield principal02.proxyFor(False))) == 0) self.assertTrue(len((yield principal02.proxyFor(True))) == 0) principal03 = yield self.principalRootResource.principalForUID((yield self.userUIDFromShortName("user03"))) self.assertTrue(len((yield principal03.proxyFor(False))) == 0) self.assertTrue(len((yield principal03.proxyFor(True))) == 0) # Make user01 a read-only proxy for user02 and user03 yield addDelegate(self.transactionUnderTest(), principal02.record, principal01.record, False) yield addDelegate(self.transactionUnderTest(), principal03.record, principal01.record, False) yield self.commit() self.assertTrue(len((yield principal01.proxyFor(False))) == 2) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) # Now disable user02 yield self.changeRecord(principal02.record, self.directory.fieldName.hasCalendars, False) self.assertTrue(len((yield principal01.proxyFor(False))) == 1) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) # Now enable user02 yield self.changeRecord(principal02.record, self.directory.fieldName.hasCalendars, True) self.assertTrue(len((yield principal01.proxyFor(False))) == 2) self.assertTrue(len((yield principal01.proxyFor(True))) == 0) # Now remove user02 yield self.directory.removeRecords((principal02.record.uid,)) self.assertTrue(len((yield principal01.proxyFor(False))) == 1) self.assertTrue(len((yield principal01.proxyFor(True))) == 0)
def _addProxy(self, command, proxyType): record = yield recordForPrincipalID(self.dir, command['Principal']) if record is None: self.respondWithError("Principal not found: %s" % (command['Principal'],)) returnValue(None) proxyRecord = yield recordForPrincipalID(self.dir, command['Proxy']) if proxyRecord is None: self.respondWithError("Proxy not found: %s" % (command['Proxy'],)) returnValue(None) txn = self.store.newTransaction() yield addDelegate(txn, record, proxyRecord, (proxyType == "write")) yield txn.commit() yield self.respondWithProxies(command, record, proxyType)
def _addProxy(self, command, proxyType): record = yield recordForPrincipalID(self.dir, command['Principal']) if record is None: self.respondWithError("Principal not found: %s" % (command['Principal'], )) returnValue(None) proxyRecord = yield recordForPrincipalID(self.dir, command['Proxy']) if proxyRecord is None: self.respondWithError("Proxy not found: %s" % (command['Proxy'], )) returnValue(None) txn = self.store.newTransaction() yield addDelegate(txn, record, proxyRecord, (proxyType == "write")) yield txn.commit() yield self.respondWithProxies(command, record, proxyType)
def migrateDelegatesToStore(service, store): directory = store.directoryService() txn = store.newTransaction(label="migrateDelegatesToStore") for groupName, memberUID in ( yield service.query( "select GROUPNAME, MEMBER from GROUPS" ) ): if "#" not in groupName: continue delegatorUID, groupType = groupName.split("#") delegatorRecord = yield directory.recordWithUID(delegatorUID) if delegatorRecord is None: continue delegateRecord = yield directory.recordWithUID(memberUID) if delegateRecord is None: continue readWrite = (groupType == "calendar-proxy-write") yield addDelegate(txn, delegatorRecord, delegateRecord, readWrite) yield txn.commit()
def test_directDelegation(self): txn = self.store.newTransaction(label="test_directDelegation") delegator = yield self.directory.recordWithUID(u"__wsanchez1__") delegate1 = yield self.directory.recordWithUID(u"__sagen1__") delegate2 = yield self.directory.recordWithUID(u"__cdaboo1__") # Add 1 delegate yield addDelegate(txn, delegator, delegate1, True) delegates = (yield delegatesOf(txn, delegator, True)) self.assertEquals([u"__sagen1__"], [d.uid for d in delegates]) delegators = (yield delegatedTo(txn, delegate1, True)) self.assertEquals([u"__wsanchez1__"], [d.uid for d in delegators]) yield txn.commit() # So delegateService will see the changes txn = self.store.newTransaction(label="test_directDelegation") # The "proxy-write" pseudoGroup will have one member pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.writeDelegateGroup, u"__wsanchez1__" ) self.assertEquals(pseudoGroup.uid, u"__wsanchez1__#calendar-proxy-write") self.assertEquals( [r.uid for r in (yield pseudoGroup.members())], [u"__sagen1__"] ) # The "proxy-read" pseudoGroup will have no members pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.readDelegateGroup, u"__wsanchez1__" ) self.assertEquals(pseudoGroup.uid, u"__wsanchez1__#calendar-proxy-read") self.assertEquals( [r.uid for r in (yield pseudoGroup.members())], [] ) # The "proxy-write-for" pseudoGroup will have one member pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.writeDelegatorGroup, u"__sagen1__" ) self.assertEquals(pseudoGroup.uid, u"__sagen1__#calendar-proxy-write-for") self.assertEquals( [r.uid for r in (yield pseudoGroup.members())], [u"__wsanchez1__"] ) # The "proxy-read-for" pseudoGroup will have no members pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.readDelegatorGroup, u"__sagen1__" ) self.assertEquals(pseudoGroup.uid, u"__sagen1__#calendar-proxy-read-for") self.assertEquals( [r.uid for r in (yield pseudoGroup.members())], [] ) # Add another delegate yield addDelegate(txn, delegator, delegate2, True) delegates = (yield delegatesOf(txn, delegator, True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__"]), set([d.uid for d in delegates]) ) delegators = (yield delegatedTo(txn, delegate2, True)) self.assertEquals([u"__wsanchez1__"], [d.uid for d in delegators]) # Remove 1 delegate yield removeDelegate(txn, delegator, delegate1, True) delegates = (yield delegatesOf(txn, delegator, True)) self.assertEquals([u"__cdaboo1__"], [d.uid for d in delegates]) delegators = (yield delegatedTo(txn, delegate1, True)) self.assertEquals(0, len(delegators)) # Remove the other delegate yield removeDelegate(txn, delegator, delegate2, True) delegates = (yield delegatesOf(txn, delegator, True)) self.assertEquals(0, len(delegates)) delegators = (yield delegatedTo(txn, delegate2, True)) self.assertEquals(0, len(delegators)) yield txn.commit() # So delegateService will see the changes # Now set delegate assignments by using pseudoGroup.setMembers() pseudoGroup = yield self.directory.recordWithShortName( DelegateRecordType.writeDelegateGroup, u"__wsanchez1__" ) yield pseudoGroup.setMembers([delegate1, delegate2]) # Verify the assignments were made txn = self.store.newTransaction(label="test_directDelegation") delegates = (yield delegatesOf(txn, delegator, True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__"]), set([d.uid for d in delegates]) ) yield txn.commit() # Set a different group of assignments: yield pseudoGroup.setMembers([delegate2]) # Verify the assignments were made txn = self.store.newTransaction(label="test_directDelegation") delegates = (yield delegatesOf(txn, delegator, True)) self.assertEquals( set([u"__cdaboo1__"]), set([d.uid for d in delegates]) ) yield txn.commit()
def test_indirectDelegation(self): txn = self.store.newTransaction(label="test_indirectDelegation") delegator = yield self.directory.recordWithUID(u"__wsanchez1__") delegate1 = yield self.directory.recordWithUID(u"__sagen1__") group1 = yield self.directory.recordWithUID(u"__top_group_1__") group2 = yield self.directory.recordWithUID(u"__sub_group_1__") # Add group delegate, but before the group membership has been # pulled in yield addDelegate(txn, delegator, group1, True) # Passing expanded=False will return the group delegates = (yield delegatesOf(txn, delegator, True, expanded=False)) self.assertEquals(1, len(delegates)) self.assertEquals(delegates[0].uid, u"__top_group_1__") # Passing expanded=True will return not the group -- it only returns # non-groups delegates = (yield delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals(0, len(delegates)) # Now refresh the group and there will be 3 delegates (contained # within 2 nested groups) # guid = "49b350c69611477b94d95516b13856ab" yield self.groupCacher.refreshGroup(txn, group1.uid) yield self.groupCacher.refreshGroup(txn, group2.uid) delegates = (yield delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__", u"__glyph1__"]), set([d.uid for d in delegates]) ) delegators = (yield delegatedTo(txn, delegate1, True)) self.assertEquals([u"__wsanchez1__"], [d.uid for d in delegators]) # Verify we can ask for all delegated-to groups yield addDelegate(txn, delegator, group2, True) groups = (yield txn.allGroupDelegates()) self.assertEquals( set([u'__sub_group_1__', u'__top_group_1__']), set(groups) ) # Delegate to a user who is already indirectly delegated-to yield addDelegate(txn, delegator, delegate1, True) delegates = (yield delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__", u"__glyph1__"]), set([d.uid for d in delegates]) ) # Add a member to the group; they become a delegate newSet = set() for name in (u"wsanchez1", u"cdaboo1", u"sagen1", u"glyph1", u"dre1"): record = ( yield self.directory.recordWithShortName(RecordType.user, name) ) newSet.add(record.uid) ( groupID, name, _ignore_membershipHash, _ignore_modified, _ignore_extant ) = (yield txn.groupByUID(group1.uid)) _ignore_numAdded, _ignore_numRemoved = ( yield self.groupCacher.synchronizeMembers(txn, groupID, newSet) ) delegates = (yield delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__", u"__glyph1__", u"__dre1__"]), set([d.uid for d in delegates]) ) # Remove delegate access from the top group yield removeDelegate(txn, delegator, group1, True) delegates = (yield delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__", u"__cdaboo1__"]), set([d.uid for d in delegates]) ) # Remove delegate access from the sub group yield removeDelegate(txn, delegator, group2, True) delegates = (yield delegatesOf(txn, delegator, True, expanded=True)) self.assertEquals( set([u"__sagen1__"]), set([d.uid for d in delegates]) ) yield txn.commit()