def options(self): user = session.get('auth_user', {}) option = { 'POST': Auth.has_permission(user, 'add_document'), 'PUT': Auth.has_permission(user, 'add_document,modify_document'), 'DELETE': Auth.has_permission(user, 'delete_document') } if request.args.get('method'): if not option.get(request.args.get('method')): option['notify_msg'] = { 'title': 'No Permission', 'message': 'You do not have permission to perform that action', 'type': 'error' } return Response( response=json.dumps(option), status=403 if not option.get(request.args.get('method')) else 200, content_type='application/json') return Response(response=json.dumps(option), content_type='application/json', status=200)
def options(self): user = session.get('auth_user', {}) option = { 'POST': Auth.has_permission(user, 'upload_archive_document'), } if request.args.get('method'): if not option.get(request.args.get('method')): option['notify_msg'] = { 'title': 'No Permission', 'message': 'You do not have permission to perform that action', 'type': 'error' } return Response( response=json.dumps(option), status=403 if not option.get(request.args.get('method')) else 200, content_type='application/json') return Response(response=json.dumps(option), content_type='application/json', status=200)
def test_missing_single_permission_from_set(user_mock): assert Auth.has_permission(user_mock, ['add', 'modify', 'delete', 'restore']) is False
def test_missing_permission(user_mock): assert Auth.has_permission(user_mock, ['restore']) is False
def test_has_multiple_permissions_subset(user_mock): assert Auth.has_permission(user_mock, ['add', 'modify']) is True
def test_has_multiple_permissions(user_mock): assert Auth.has_permission(user_mock, ['add', 'modify', 'delete']) is True
def test_has_single_permission(user_mock): assert Auth.has_permission(user_mock, 'add') is True