def test_dictionary_defination_usage():
@authorization_method
def authorize(user, abilities):
if user.is_admin:
# self.can_manage(ALL)
abilities.append(MANAGE, ALL)
else:
abilities.append(READ, ALL)
abilities.append(EDIT, Article, author=user)
authorization_target(User)
sally = User(name='sally', admin=False)
billy = User(name='billy', admin=True)
article = Article(author=sally)
# check abilities
assert sally.can(EDIT, article)
billys_article = Article(author=billy)
assert sally.cannot(EDIT, billys_article)
assert billy.can(EDIT, billys_article)
def test_cannot_override():
@authorization_method
def authorize(user, they):
they.can(MANAGE, ALL)
they.cannot(DELETE, Article)
authorization_target(User)
sally = User(name='sally', admin=False)
# test checks againsts a articles in general
assert sally.can(READ, Article)
assert sally.cannot(DELETE, Article)
article = Article(author=sally)
# test checks againsts a specific article
assert sally.can(READ, article)
assert sally.cannot(DELETE, article)
