Exemplo n.º 1
0
def test_postprocess_acl_inexistant_privilege():
    from ldap2pg.manager import SyncManager, Acl, Grant, UserError

    manager = SyncManager()

    with pytest.raises(UserError):
        manager.postprocess_acl(
            acl=Acl([Grant('inexistant')]),
            schemas=dict(postgres=dict(public=['postgres'])),
        )
Exemplo n.º 2
0
def test_postprocess_grants():
    from ldap2pg.manager import SyncManager, Grant, Acl
    from ldap2pg.privilege import DefAcl

    manager = SyncManager(
        privileges=dict(ro=DefAcl(name='ro')),
        privilege_aliases=dict(ro=['ro']),
    )

    # No owners
    acl = manager.postprocess_acl(Acl(), schemas=dict())
    assert 0 == len(acl)

    acl = Acl([Grant(privilege='ro', dbname=['db'], schema=None)])
    acl = manager.postprocess_acl(
        acl, schemas=dict(db=dict(
            public=['postgres', 'owner'],
            ns=['owner'],
        )),
    )

    # One grant per schema, per owner
    assert 3 == len(acl)
Exemplo n.º 3
0
def test_postprocess_acl_bad_database():
    from ldap2pg.manager import SyncManager, Grant, Acl, UserError
    from ldap2pg.privilege import NspAcl
    from ldap2pg.utils import make_group_map

    privileges = dict(ro=NspAcl(name='ro', inspect='SQL'))
    manager = SyncManager(
        privileges=privileges, privilege_aliases=make_group_map(privileges),
    )

    acl = Acl([Grant('ro', ['inexistantdb'], None, 'alice')])
    schemas = dict(postgres=dict(public=['postgres']))

    with pytest.raises(UserError) as ei:
        manager.postprocess_acl(acl, schemas)
    assert 'inexistantdb' in str(ei.value)