def test_resources_with_perm_type_other_found(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, 'test_resource') resource2 = add_resource_b(db_session, 2, 'test_resource') resource3 = add_resource(db_session, 3, 'test_resource') resource4 = add_resource_b(db_session, 4, 'test_resource') db_session.flush() permission = UserResourcePermission(perm_name='test_perm', user_id=created_user.id, resource_id=resource.resource_id) resource.user_permissions.append(permission) permission2 = UserResourcePermission(perm_name='test_perm', user_id=created_user.id, resource_id=resource2.resource_id) resource2.user_permissions.append(permission2) permission3 = UserResourcePermission(perm_name='test_perm', user_id=created_user.id, resource_id=resource3.resource_id) resource3.user_permissions.append(permission3) permission4 = UserResourcePermission(perm_name='test_perm', user_id=created_user.id, resource_id=resource4.resource_id) resource4.user_permissions.append(permission4) db_session.flush() resources = created_user.resources_with_perms( ['test_perm'], resource_types=['test_resource_b'], db_session=db_session).all() assert len(resources) == 2
def test_resources_ids_with_perm(self, db_session): created_user = add_user(db_session) resource1 = add_resource(db_session, 1, "test_resource1") resource2 = add_resource(db_session, 2, "test_resource2") resource3 = add_resource(db_session, 3, "test_resource3") permission1 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource1.resource_id, ) permission2 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource2.resource_id, ) permission3 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource3.resource_id, ) resource1.user_permissions.append(permission1) resource2.user_permissions.append(permission2) resource3.user_permissions.append(permission3) db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], resource_ids=[1, 3], db_session=db_session).all() assert resources == [resource1, resource3]
def test_multiple_resources_with_perm(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, 'test_resource') permission = UserResourcePermission(perm_name='test_perm', user_id=created_user.id, resource_id=resource.resource_id) resource.user_permissions.append(permission) resource2 = add_resource(db_session, 2, 'test_resource2') permission2 = UserResourcePermission(perm_name='test_perm', user_id=created_user.id, resource_id=resource2.resource_id) resource2.user_permissions.append(permission2) resources = created_user.resources_with_perms( ['test_perm'], db_session=db_session).all() assert resources == [resource, resource2]
def test_resource_users_limited_group_ownage(self, db_session): self.maxDiff = 9999 self.set_up_user_group_and_perms(db_session) resource = TestResourceB(resource_id=99, resource_name='other', owner_user_id=self.user2.id) group3 = add_group(db_session, 'group 3') user2_permission = UserResourcePermission( perm_name='foo_perm', user_id=self.user2.id, ) group3_permission = GroupResourcePermission(perm_name='group_perm', group_id=group3.id) resource.group_permissions.append(group3_permission) resource.user_permissions.append(user2_permission) group3.users.append(self.user3) self.user.resources.append(resource) self.group2.resources.append(resource) db_session.flush() perms = resource.users_for_perm('__any_permission__', db_session=db_session) second = [ PermissionTuple(self.user2, 'foo_perm', 'user', None, resource, False, True), PermissionTuple(self.user, ALL_PERMISSIONS, 'user', None, resource, True, True), PermissionTuple(self.user4, ALL_PERMISSIONS, 'group', self.group2, resource, True, True), PermissionTuple(self.user3, 'group_perm', 'group', group3, resource, False, True) ] check_one_in_other(perms, second)
def test_resource_users_limited_group_ownage(self, db_session): self.maxDiff = 9999 self.set_up_user_group_and_perms(db_session) resource = ResourceTestobjB(resource_id=99, resource_name="other", owner_user_id=self.user2.id) group3 = add_group(db_session, "group 3") user2_permission = UserResourcePermission(perm_name="foo_perm", user_id=self.user2.id) group3_permission = GroupResourcePermission(perm_name="group_perm", group_id=group3.id) resource.group_permissions.append(group3_permission) resource.user_permissions.append(user2_permission) group3.users.append(self.user3) self.user.resources.append(resource) self.group2.resources.append(resource) db_session.flush() perms = ResourceService.users_for_perm(resource, "__any_permission__", db_session=db_session) second = [ PermissionTuple(self.user2, "foo_perm", "user", None, resource, False, True), PermissionTuple(self.user, ALL_PERMISSIONS, "user", None, resource, True, True), PermissionTuple(self.user4, ALL_PERMISSIONS, "group", self.group2, resource, True, True), PermissionTuple(self.user3, "group_perm", "group", group3, resource, False, True), ] check_one_in_other(perms, second)
def test_resources_with_wrong_perm(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, 'test_resource') permission = UserResourcePermission(perm_name='test_perm_bad', user_id=created_user.id, resource_id=resource.resource_id) with pytest.raises(AssertionError): resource.user_permissions.append(permission)
def test_multiple_resources_with_perm(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") permission = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource.resource_id, ) resource.user_permissions.append(permission) resource2 = add_resource(db_session, 2, "test_resource2") permission2 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource2.resource_id, ) resource2.user_permissions.append(permission2) resources = UserService.resources_with_perms( created_user, ["test_perm"], db_session=db_session).all() assert resources == [resource, resource2]
def test_resources_with_perm(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, 'test_resource') permission = UserResourcePermission(perm_name='test_perm', user_id=created_user.id, resource_id=resource.resource_id) resource.user_permissions.append(permission) db_session.flush() resources = created_user.resources_with_perms( ['test_perm'], db_session=db_session).all() assert resources[0] == resource
def test_resources_with_perm(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") permission = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource.resource_id, ) resource.user_permissions.append(permission) db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], db_session=db_session).all() assert resources[0] == resource
def test_resources_with_perm_type_other_found(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") resource2 = add_resource_b(db_session, 2, "test_resource") resource3 = add_resource(db_session, 3, "test_resource") resource4 = add_resource_b(db_session, 4, "test_resource") db_session.flush() permission = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource.resource_id, ) resource.user_permissions.append(permission) permission2 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource2.resource_id, ) resource2.user_permissions.append(permission2) permission3 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource3.resource_id, ) resource3.user_permissions.append(permission3) permission4 = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource4.resource_id, ) resource4.user_permissions.append(permission4) db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], resource_types=["test_resource_b"], db_session=db_session, ).all() assert len(resources) == 2
def test_resources_ids_with_perm(self, db_session): created_user = add_user(db_session) resource1 = add_resource(db_session, 1, 'test_resource1') resource2 = add_resource(db_session, 2, 'test_resource2') resource3 = add_resource(db_session, 3, 'test_resource3') permission1 = UserResourcePermission(perm_name='test_perm', user_id=created_user.id, resource_id=resource1.resource_id) permission2 = UserResourcePermission(perm_name='test_perm', user_id=created_user.id, resource_id=resource2.resource_id) permission3 = UserResourcePermission(perm_name='test_perm', user_id=created_user.id, resource_id=resource3.resource_id) resource1.user_permissions.append(permission1) resource2.user_permissions.append(permission2) resource3.user_permissions.append(permission3) db_session.flush() resources = created_user.resources_with_perms( ['test_perm'], resource_ids=[1, 3], db_session=db_session).all() assert resources == [resource1, resource3]
def test_get_resource_permission(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, 'test_resource') permission = UserResourcePermission(perm_name='test_perm', user_id=created_user.id, resource_id=resource.resource_id) resource.user_permissions.append(permission) db_session.flush() perm = UserResourcePermissionService.get( user_id=created_user.id, resource_id=resource.resource_id, perm_name='test_perm', db_session=db_session) assert perm.perm_name == 'test_perm' assert perm.resource_id == resource.resource_id assert perm.user_id == created_user.id
def test_mixed_perms(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, 'test_resource') permission = UserResourcePermission(perm_name='test_perm', user_id=created_user.id, resource_id=resource.resource_id) resource.user_permissions.append(permission) resource2 = add_resource(db_session, 2, 'test_resource') created_user.resources.append(resource2) resource3 = add_resource(db_session, 3, 'test_resource') resource4 = add_resource_b(db_session, 4, 'test_resource') db_session.flush() resources = created_user.resources_with_perms( ['test_perm'], db_session=db_session).all() found_ids = [r.resource_id for r in resources] assert sorted(found_ids) == [1, 2]
def test_mixed_perms(self, db_session): created_user = add_user(db_session) resource = add_resource(db_session, 1, "test_resource") permission = UserResourcePermission( perm_name="test_perm", user_id=created_user.id, resource_id=resource.resource_id, ) resource.user_permissions.append(permission) resource2 = add_resource(db_session, 2, "test_resource") created_user.resources.append(resource2) add_resource(db_session, 3, "test_resource") add_resource_b(db_session, 4, "test_resource") db_session.flush() resources = UserService.resources_with_perms( created_user, ["test_perm"], db_session=db_session).all() found_ids = [r.resource_id for r in resources] assert sorted(found_ids) == [1, 2]
def set_up_user_group_and_perms(self, db_session): """ perm map: username: first_user : root, alter_users res_perms: r1:g1:foo_perm, r1:g1:test_perm2 foouser: user_perms : custom res_perms: r2:foo_perm baruser: user_perms : root, alter_users res_perms: r2:test_perm bazuser: user_perms : root, alter_users res_perms: r1:g2:group_perm """ created_user = add_user(db_session, user_name="first_user") created_user2 = add_user(db_session, user_name="foouser", email="new_email", perms=["custom"]) created_user3 = add_user(db_session, user_name="baruser", email="new_email2") created_user4 = add_user(db_session, user_name="bazuser", email="new_email3") resource = add_resource(db_session, 1, "test_resource") resource2 = add_resource_b(db_session, 2, "other_resource") group = add_group(db_session) group2 = add_group(db_session, group_name="group2") group.users.append(created_user) group2.users.append(created_user4) group_permission = GroupResourcePermission(perm_name="group_perm", group_id=group.id) group_permission2 = GroupResourcePermission(perm_name="group_perm", group_id=group2.id) user_permission = UserResourcePermission(perm_name="test_perm2", user_id=created_user.id) user_permission2 = UserResourcePermission(perm_name="foo_perm", user_id=created_user.id) user2_permission = UserResourcePermission(perm_name="foo_perm", user_id=created_user2.id) user3_permission = UserResourcePermission(perm_name="test_perm", user_id=created_user3.id) resource.group_permissions.append(group_permission) resource.group_permissions.append(group_permission2) resource.user_permissions.append(user_permission) resource.user_permissions.append(user_permission2) resource2.user_permissions.append(user2_permission) resource2.user_permissions.append(user3_permission) db_session.flush() self.resource = resource self.resource2 = resource2 self.user = created_user self.user2 = created_user2 self.user3 = created_user3 self.user4 = created_user4 self.group = group self.group2 = group2
def set_up_user_group_and_perms(self, db_session): """ perm map: username: first_user : root, alter_users res_perms: r1:g1:foo_perm, r1:g1:test_perm2 foouser: user_perms : custom res_perms: r2:foo_perm baruser: user_perms : root, alter_users res_perms: r2:test_perm bazuser: user_perms : root, alter_users res_perms: r1:g2:group_perm """ created_user = add_user(db_session, user_name="first_user") created_user2 = add_user(db_session, user_name='foouser', email='new_email', perms=['custom']) created_user3 = add_user(db_session, user_name='baruser', email='new_email2') created_user4 = add_user(db_session, user_name='bazuser', email='new_email3') resource = add_resource(db_session, 1, 'test_resource') resource2 = add_resource_b(db_session, 2, 'other_resource') group = add_group(db_session, ) group2 = add_group(db_session, group_name='group2') group.users.append(created_user) group2.users.append(created_user4) group_permission = GroupResourcePermission( perm_name='group_perm', group_id=group.id, ) group_permission2 = GroupResourcePermission( perm_name='group_perm', group_id=group2.id, ) user_permission = UserResourcePermission( perm_name='test_perm2', user_id=created_user.id, ) user_permission2 = UserResourcePermission( perm_name='foo_perm', user_id=created_user.id, ) user2_permission = UserResourcePermission( perm_name='foo_perm', user_id=created_user2.id, ) user3_permission = UserResourcePermission( perm_name='test_perm', user_id=created_user3.id, ) resource.group_permissions.append(group_permission) resource.group_permissions.append(group_permission2) resource.user_permissions.append(user_permission) resource.user_permissions.append(user_permission2) resource2.user_permissions.append(user2_permission) resource2.user_permissions.append(user3_permission) db_session.flush() self.resource = resource self.resource2 = resource2 self.user = created_user self.user2 = created_user2 self.user3 = created_user3 self.user4 = created_user4 self.group = group self.group2 = group2