async def test_select(): assert SQLQueryInfo.parse_select('aa') == {'aa'} assert SQLQueryInfo.parse_select('aa,') == {'aa'} assert SQLQueryInfo.parse_select('aa,bbb') == {'aa', 'bbb'} assert SQLQueryInfo.parse_select('aa, bbb') == {'aa', 'bbb'} assert SQLQueryInfo.parse_select('aa, \nbbb') == {'aa', 'bbb'} assert SQLQueryInfo.parse_select('*') == ALL_COLUMNS try: SQLQueryInfo.parse_select(',') assert False except Exception as e: assert isinstance(e, InvalidParams) try: SQLQueryInfo.parse_select(',,,') assert False except Exception as e: assert isinstance(e, InvalidParams) sqi = SQLQueryInfo() try: sqi.set_select([1, 2, '3']) assert False except Exception as e: assert isinstance(e, AssertionError) try: sqi.set_select(None) assert False except Exception as e: assert isinstance(e, InvalidParams) assert sqi.set_select(ALL_COLUMNS) is None assert sqi.set_select(['1', '2', '3']) is None assert sqi.set_select({'1', '2', '3'}) is None
def test_query_condition_clear_by_check(): """ 查询权限被检查机制清空的情况 :return: """ sqi = SQLQueryInfo() sqi.select = sqi.parse_select('username, nickname, password') sqi.parse_then_add_condition('phone', '=', 'b') sqi.parse_then_add_condition('phone', '>', '100') # # 所有查询条件都被权限机制清空 with pytest.raises(PermissionDenied) as excinfo: sqi.check_query_permission_full(None, 'user', ab, None, ignore_error=True) assert sqi.conditions == [] sqi = SQLQueryInfo() sqi.select = sqi.parse_select('username, nickname, password') sqi.parse_then_add_condition('phone', '=', 'b') sqi.parse_then_add_condition('username', '=', 'b') sqi.check_query_permission_full(None, 'user', ab, None, ignore_error=True) with pytest.raises(PermissionDenied) as excinfo: sqi = SQLQueryInfo() sqi.select = sqi.parse_select('username, nickname, password') sqi.parse_then_add_condition('phone', '=', 'b') sqi.parse_then_add_condition('username', '=', 'b') sqi.check_query_permission_full(None, 'user', ab, None, ignore_error=False)
def test_query_add_func(): ab1 = Ability({}, based_on=ab) def func1(ability: Ability, user, query: 'SQLQueryInfo', view: "AbstractSQLView"): query.add_condition('nickname', '=', 'aa') ab1.add_query_condition('user', func=func1) sqi = SQLQueryInfo() sqi.select = sqi.parse_select('username, nickname, password') sqi.parse_then_add_condition('username', '=', 'b') sqi.check_query_permission_full(None, 'user', ab1, None) assert sqi.conditions == [['username', SQL_OP.EQ, 'b'], ['nickname', SQL_OP.EQ, 'aa'],] ab2 = Ability({}, based_on=ab) def func2(ability: Ability, user, query: 'SQLQueryInfo'): query.add_condition('nickname', '=', 'aa') ab2.add_query_condition('user', func=func2) sqi = SQLQueryInfo() sqi.select = sqi.parse_select('username, nickname, password') sqi.parse_then_add_condition('username', '=', 'b') sqi.check_query_permission_full(None, 'user', ab2, None) assert sqi.conditions == [['username', SQL_OP.EQ, 'b'], ['nickname', SQL_OP.EQ, 'aa'],]
def test_query_ex_filter(): sqi = SQLQueryInfo() sqi.select = sqi.parse_select('username, nickname, password') sqi.parse_then_add_condition('username', 'like', 'b') sqi.parse_then_add_condition('nickname', 'like', 'b') sqi.check_query_permission_full(None, 'user', ab, None) assert sqi.conditions == [['nickname', SQL_OP.LIKE, 'b']]
def test_query_condition_add2(): """ 测试添加多个条件 """ ab2 = Ability({}, based_on=ab) ab2.add_query_condition('user', [ ['username', 'like', '1%'], ['nickname', 'like', '1%'], ]) sqi = SQLQueryInfo() sqi.select = sqi.parse_select('username, nickname, password') sqi.parse_then_add_condition('username', '=', 'b') sqi.check_query_permission_full(None, 'user', ab2, None) assert sqi.conditions == [['username', SQL_OP.EQ, 'b'], ['username', SQL_OP.LIKE, '1%'], ['nickname', SQL_OP.LIKE, '1%']]
def test_query_condition_add1(): """ 测试添加单个条件 :return: """ ab1 = Ability({}, based_on=ab) ab1.add_query_condition('user', ['phone', '>=', '123456']) sqi = SQLQueryInfo() sqi.select = sqi.parse_select('username, nickname, password') sqi.parse_then_add_condition('username', '=', 'b') assert sqi.conditions[-1] == ['username', SQL_OP.EQ, 'b'] sqi.check_query_permission_full(None, 'user', ab1, None) assert sqi.conditions[-1] == ['phone', SQL_OP.GE, '123456']