def test_write_auth_ignores_r_users_field(self): user2 = User('test2', 'sdfsdf', 'sdfsdf') doc = Doc('docid', 'title', ['test1'], ['test'], None, None, None, False) with app.test_request_context("/"): self.assertRaises(AuthenticationException, BokehServerTransaction, user2, doc, 'rw')
def test_read_auth_checks_both_fields(self): user2 = User('test2', 'sdfsdf', 'sdfsdf') user = User('test1', 'sdfsdf', 'sdfsdf') doc = Doc('docid', 'title', ['test1'], ['test2'], None, None, None, False) with app.test_request_context("/"): BokehServerTransaction(user, doc, 'r') with app.test_request_context("/"): BokehServerTransaction(user2, doc, 'r')
def test_permissions_with_temporary_docid(self): user = User('test1', 'sdfsdf', 'sdfsdf') doc = Doc('docid', 'title', [], ['test2'], None, None, None, False) # with temporary docid, a user must be able to read in order to get write access # this call should fail with app.test_request_context("/"): self.assertRaises(AuthenticationException, BokehServerTransaction, user, doc, 'rw', temporary_docid="foobar")