def test_admin_has_permission(self):
""" Admins always have permission """
access = IAccessBackend(None)
access.is_admin = lambda x: True
with patch.object(pypicloud.access, 'unauthenticated_userid') as userid:
userid.return_value = 'abc'
self.assertTrue(access.has_permission('p1', 'write'))
def test_group_permissions(self):
""" 'group:name' specifier gets turned into 'group' """
access = IAccessBackend(None)
with patch.object(access, 'group_permissions') as grp:
perms = access.principal_permissions('p1', 'group:brotatos')
grp.assert_called_with('p1', 'brotatos')
self.assertEqual(perms, grp())
def test_authenticated_permissions(self):
""" Authenticated gets converted to 'authenticated' """
access = IAccessBackend(None)
with patch.object(access, 'group_permissions') as grp:
perms = access.principal_permissions('p1', Authenticated)
grp.assert_called_with('p1', 'authenticated')
self.assertEqual(perms, grp())
def test_everyone_permissions(self):
""" Everyone gets converted to 'everyone' """
access = IAccessBackend(None)
with patch.object(access, 'group_permissions') as grp:
perms = access.principal_permissions('p1', Everyone)
grp.assert_called_with('p1', 'everyone')
self.assertEqual(perms, grp())
def setUp(self):
super(TestBaseBackend, self).setUp()
self.backend = IAccessBackend(self.request)
patch.object(self.backend, 'verify_user').start()
patch.object(self.backend, 'groups').start()
patch.object(self.backend, 'is_admin').start()
patch.object(self.backend, 'group_permissions').start()
patch.object(self.backend, 'user_permissions').start()
self.request.access = self.backend
def test_admin_principal(self):
""" Admin user has the 'admin' principal """
access = IAccessBackend(None)
access.is_admin = lambda x: True
with patch.object(access, 'groups') as groups:
groups.return_value = ['brotatos']
principals = access.user_principals('abc')
self.assertItemsEqual(principals, [Everyone, Authenticated, 'admin',
'group:brotatos', 'user:abc'])
def test_load(self):
""" Base backend has no default implementation for load() """
access = IAccessBackend(None)
with self.assertRaises(TypeError):
access.load({})
def test_admin_has_permission(self):
""" Admins always have permission """
self.request.userid = 'abc'
access = IAccessBackend(self.request)
access.is_admin = lambda x: True
self.assertTrue(access.has_permission('p1', 'write'))
def test_admin_permissions(self):
""" Admins always have read/write permissions """
access = IAccessBackend(None)
perms = access.principal_permissions('p1', 'admin')
self.assertEqual(perms, ['read', 'write'])
