def test_package_read_is_not_allowed_if_user_is_anonymous_and_package_private(
        self):
    # Deny case: no user id (None) asks for 'Package::Read' on the
    # 'test_package' row that belongs to publisher2. The test name implies
    # that package is private; the fixture is set up outside this method.
    joined = Package.query.join(Publisher)
    target = joined.filter(
        Package.name == 'test_package',
        Publisher.name == self.publisher2.name,
    ).one()
    self.assertFalse(is_authorize(None, target, 'Package::Read'))
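def check_is_authorized(action, publisher, package=None, user_id=None):
    """Resolve the target of an action string and run the authorization check.

    Args:
        action: String of the form 'Entity::Action', where Entity is
            'Package' or 'Publisher' (e.g. 'Package::Read').
        publisher: Publisher name used to look up the target instance.
        package: Package name; only used when the entity is 'Package'.
        user_id: Id of the requesting user, passed through to is_authorize
            unchanged (the default None is forwarded as-is).

    Returns:
        Whatever is_authorize(user_id, instance, action) returns.

    Raises:
        InvalidUsage: if the action is not exactly 'Entity::Action' or the
            entity is neither 'Package' nor 'Publisher'.
    """
    # Reject malformed action strings explicitly. Unpacking the split result
    # directly would raise a bare ValueError for input with zero or several
    # '::' separators, which bypasses the InvalidUsage error path.
    parts = action.split("::")
    if len(parts) != 2:
        raise InvalidUsage("{a} is not a valid action".format(a=action), 401)
    entity_str = parts[0]

    if entity_str == 'Package':
        # NOTE(review): the lookup result is handed to is_authorize without
        # a check here; confirm is_authorize denies when no package is found.
        instance = Package.get_by_publisher(publisher, package)
    elif entity_str == 'Publisher':
        # .one() raises unless exactly one publisher matches the name.
        instance = Publisher.query.filter_by(name=publisher).one()
    else:
        raise InvalidUsage("{e} is not a valid one".format(e=entity_str), 401)
    return is_authorize(user_id, instance, action)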
def test_publisher_add_member_is_authorize_if_user_is_owner(self):
    # Allow case: user 11 (the owner, per the test name) may perform
    # 'Publisher::AddMember' on self.publisher.
    self.assertTrue(is_authorize(11, self.publisher, 'Publisher::AddMember'))
def test_publisher_delete_is_not_allowed_if_user_is_anonymous(self):
    # Deny case: a request with no user id (None) must not be granted
    # 'Publisher::Delete' on publisher1.
    self.assertFalse(is_authorize(None, self.publisher1, 'Publisher::Delete'))
def test_publisher_delete_is_not_allowed_if_user_is_member(self):
    # Deny case: user 11 (a plain member of publisher1, per the test name)
    # must not be granted 'Publisher::Delete'.
    self.assertFalse(is_authorize(11, self.publisher1, 'Publisher::Delete'))
def test_publisher_delete_is_authorize_if_user_is_sysadmin(self):
    # Allow case: user 12 (the sysadmin, per the test name) may perform
    # 'Publisher::Delete' on self.publisher.
    self.assertTrue(is_authorize(12, self.publisher, 'Publisher::Delete'))
def test_publisher_delete_is_authorize_if_user_is_owner(self):
    # Allow case: user 11 (the owner of self.publisher, per the test name)
    # may perform 'Publisher::Delete' on it.
    self.assertTrue(is_authorize(11, self.publisher, 'Publisher::Delete'))
def test_publisher_read_is_not_allowed_if_user_is_anonymous_and_package_private(
        self):
    # Deny case: no user id (None) must not be granted 'Publisher::Read'
    # on publisher2.
    # NOTE(review): the name mentions a private package, but the object
    # checked is the publisher itself - confirm the name is just historical.
    self.assertFalse(is_authorize(None, self.publisher2, 'Publisher::Read'))
def test_publisher_read_is_authorize_if_user_is_anonymous(self):
    # Allow case: 'Publisher::Read' on self.publisher is granted even when
    # no user id is supplied (None).
    self.assertTrue(is_authorize(None, self.publisher, 'Publisher::Read'))
def test_publisher_read_is_authorize_if_user_is_member(self):
    # Allow case: user 11 (a member of publisher1, per the test name) may
    # perform 'Publisher::Read' on it.
    self.assertTrue(is_authorize(11, self.publisher1, 'Publisher::Read'))
def test_publisher_create_is_not_allowed_if_user_is_logged_in(self):
    # Checks 'Publisher::Create' for user 13 against publisher1's
    # 'test_package' row and expects the check to return a truthy result.
    # NOTE(review): the name says "not_allowed" but the assertion expects
    # the action to be allowed, and a Package instance is passed for a
    # Publisher action. Confirm which outcome the policy intends: a test
    # named as a deny case that asserts allow cannot catch an
    # over-permissive rule.
    joined = Package.query.join(Publisher)
    target = joined.filter(
        Package.name == 'test_package',
        Publisher.name == self.publisher1.name,
    ).one()
    self.assertTrue(is_authorize(13, target, 'Publisher::Create'))
def test_package_add_member_is_not_allowed_if_user_is_anonymous(self):
    # Deny case: no user id (None) must not be granted 'Package::Delete'
    # on publisher1's 'test_package'.
    # NOTE(review): the name says add_member but the action checked is
    # 'Package::Delete'; as written, no add-member rule is exercised here.
    # Confirm the intended action.
    joined = Package.query.join(Publisher)
    target = joined.filter(
        Package.name == 'test_package',
        Publisher.name == self.publisher1.name,
    ).one()
    self.assertFalse(is_authorize(None, target, 'Package::Delete'))
def test_package_add_member_is_authorize_if_user_is_member(self):
    # Allow case: user 11 (a member of publisher1, per the test name) is
    # expected to be granted 'Package::Delete' on its 'test_package'.
    # NOTE(review): the name says add_member but the action checked is
    # 'Package::Delete'. Confirm that a plain member deleting a package is
    # the intended policy and not a copy-paste of the wrong action string.
    joined = Package.query.join(Publisher)
    target = joined.filter(
        Package.name == 'test_package',
        Publisher.name == self.publisher1.name,
    ).one()
    self.assertTrue(is_authorize(11, target, 'Package::Delete'))
def test_package_delete_is_authorize_if_user_is_sysadmin(self):
    # Allow case: user 12 (the sysadmin, per the test name) may perform
    # 'Package::Purge' on self.publisher's 'test_package'.
    # NOTE(review): the name says delete while the action is
    # 'Package::Purge' - confirm these are meant to be the same check.
    joined = Package.query.join(Publisher)
    target = joined.filter(
        Package.name == 'test_package',
        Publisher.name == self.publisher.name,
    ).one()
    self.assertTrue(is_authorize(12, target, 'Package::Purge'))
def test_package_read_is_authorize_if_user_is_owner(self):
    # Allow case: user 11 (the owner, per the test name) may perform
    # 'Package::Read' on self.publisher's 'test_package'.
    joined = Package.query.join(Publisher)
    target = joined.filter(
        Package.name == 'test_package',
        Publisher.name == self.publisher.name,
    ).one()
    self.assertTrue(is_authorize(11, target, 'Package::Read'))
def test_publisher_add_member_is_not_allowed_if_user_is_anonymous(self):
    # Deny case: a request with no user id (None) must not be granted
    # 'Publisher::AddMember' on publisher1.
    self.assertFalse(
        is_authorize(None, self.publisher1, 'Publisher::AddMember'))