def test_delete_object_with_select(self):
# objects associated with root access level
root_level_objects = [
ExemplaryModel(id=1,
string_field='some_string',
integer_field=randrange(100000)),
ExemplaryModel(id=2,
string_field='some_string',
integer_field=randrange(100000)),
ExemplaryModel(id=3,
string_field='some_string',
integer_field=randrange(100000)),
ExemplaryModel(id=4,
string_field='some_string',
integer_field=randrange(100000)),
]
self.session.add_all(root_level_objects)
self.session.commit()
ACL.set_user(ACL.Users.get(username='******'))
# get first object (object with id = 1)
object = self.session.query(ExemplaryModel).get(1)
# delete object and commit changes to database
self.session.delete(object)
self.session.commit()
# create set corresponding to initial list without first object
after_deletion = set(root_level_objects) - {object}
# assert with select query result
self.assertEqual(after_deletion,
set(self.session.query(ExemplaryModel).all()))
ACL.unset_user()
def decorated_function(*args, **kwargs):
credentials = http_auth.current_user()
ACL.set_user(ACL.Users.get(**credentials))
response = f(*args, **kwargs)
ACL.unset_user()
return response
def setup_acl(engine):
from sqlalchemy_acl import ACL
from .models import UserModel
ACL.setup(engine, user_model=UserModel, access_levels_config=ACL_CONFIG_PATH)
def setUp(self):
self.session, self.engine = setup_database(
DefaultSetupMixin.WHOLE_DB_PATH)
ACL.setup(self.engine)
# tabela z poziomami dostępu
director_acl = AccessLevelModel(role_description='Executive Director',
parent=ACL.root_access_level)
project_manager_acl = AccessLevelModel(
role_description='Project Manager', parent=director_acl)
software_developer_acl = AccessLevelModel(
role_description='Software Developer', parent=project_manager_acl)
network_admin_acl = AccessLevelModel(role_description='Network Admin',
parent=project_manager_acl)
devops_acl = AccessLevelModel(role_description='Dev Ops',
parent=project_manager_acl)
software_dev_intern_acl = AccessLevelModel(
role_description='Software Developer Intern',
parent=software_developer_acl)
network_admin_intern_acl = AccessLevelModel(
role_description='Network Admin Intern', parent=network_admin_acl)
ACL.AccessLevels.add([
director_acl, project_manager_acl, software_developer_acl,
network_admin_intern_acl, devops_acl, software_dev_intern_acl,
network_admin_intern_acl
])
# użytkownicy z odpowiednimi trybami dostępu (najlepiej po kilku na jeden tryb)
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], ACL.root_access_level)
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], project_manager_acl)
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], software_developer_acl)
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], software_dev_intern_acl)
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], network_admin_acl)
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], network_admin_intern_acl)
def setUp(self):
call('../utils/start_postgres.sh')
time.sleep(3)
self.session, self.engine = setup_database(PostgresSetupMixin.DB_PATH)
ACL.setup(self.engine,
access_levels_config=ParseYAMLSetupMixin.ACL_CONFIG)
# create exemplary users
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], ACL.root_access_level)
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], ACL.AccessLevels.get(role_description='Project Manager'))
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], ACL.AccessLevels.get(role_description='Software Developer'))
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], ACL.AccessLevels.get(role_description='Software Developer Intern'))
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], ACL.AccessLevels.get(role_description='Network Admin'))
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], ACL.AccessLevels.get(role_description='Network Admin Intern'))
def setUp(self):
self.session, self.engine = setup_database(
ParseYAMLSetupMixin.WHOLE_DB_PATH)
ACL.setup(self.engine,
access_levels_config=ParseYAMLSetupMixin.ACL_CONFIG)
# create exemplary users
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], ACL.root_access_level)
ACL.Users.add([ACL.UserModel(username='******')],
ACL.AccessLevels.get(role_description='Tradesman'))
ACL.Users.add([
ACL.UserModel(username='******'),
ACL.UserModel(username='******')
], ACL.AccessLevels.get(role_description='Tradesman Junior'))
ACL.Users.add([ACL.UserModel(username='******')],
ACL.AccessLevels.get(role_description='Accountant'))
ACL.Users.add(
[ACL.UserModel(username='******')],
ACL.AccessLevels.get(role_description='Accountant Junior'))
ACL.Users.add(
[ACL.UserModel(username='******')],
ACL.AccessLevels.get(role_description='Accountant Intern'))
ACL.Users.add([ACL.UserModel(username='******')],
ACL.AccessLevels.get(role_description='Buyer'))
ACL.Users.add(
[ACL.UserModel(username='******')],
ACL.AccessLevels.get(role_description='Storehouse Chief'))
properties = row[:-1]
print('\tObject properties: {0}'.format(properties))
print('\tAccess levels list: {0}\n'.format(access_levels))
session.add(CurrentModel(*properties))
session.commit()
entry = ACL.inner_session.query(ACLEntryModel) \
.filter(ACLEntryModel.dest_id == object_id, ACLEntryModel.dest_table == tablename) \
.all()[0]
entry.access_levels.extend(
ACL.inner_session.query(AccessLevelModel).filter(
AccessLevelModel.id.in_(access_levels)).all())
ACL.inner_session.add(entry)
ACL.inner_session.commit()
if __name__ == '__main__':
Base = declarative_base()
engine = create_engine(DB_URI, echo=False)
Session = sessionmaker(bind=engine)
session = Session()
if not database_exists(engine.url):
Base.metadata.create_all(bind=engine)
create_database(engine.url)
from .models import UserModel
ACL.setup(engine, UserModel, 'acl-config.yam;')
import_from_csv(session)