Пример #1
0
    def options(self):
        user = session.get('auth_user', {})
        option = {
            'POST': Auth.has_permission(user, 'add_document'),
            'PUT': Auth.has_permission(user, 'add_document,modify_document'),
            'DELETE': Auth.has_permission(user, 'delete_document')
        }

        if request.args.get('method'):
            if not option.get(request.args.get('method')):
                option['notify_msg'] = {
                    'title': 'No Permission',
                    'message':
                    'You do not have permission to perform that action',
                    'type': 'error'
                }

            return Response(
                response=json.dumps(option),
                status=403
                if not option.get(request.args.get('method')) else 200,
                content_type='application/json')

        return Response(response=json.dumps(option),
                        content_type='application/json',
                        status=200)
Пример #2
0
    def options(self):
        user = session.get('auth_user', {})
        option = {
            'POST': Auth.has_permission(user, 'upload_archive_document'),
        }

        if request.args.get('method'):
            if not option.get(request.args.get('method')):
                option['notify_msg'] = {
                    'title': 'No Permission',
                    'message': 'You do not have permission to perform that action',
                    'type': 'error'
                }

            return Response(
                response=json.dumps(option),
                status=403 if not option.get(request.args.get('method')) else 200,
                content_type='application/json')

        return Response(response=json.dumps(option), content_type='application/json', status=200)
Пример #3
0
def test_missing_single_permission_from_set(user_mock):
    assert Auth.has_permission(user_mock, ['add', 'modify', 'delete', 'restore']) is False
Пример #4
0
def test_missing_permission(user_mock):
    assert Auth.has_permission(user_mock, ['restore']) is False
Пример #5
0
def test_has_multiple_permissions_subset(user_mock):
    assert Auth.has_permission(user_mock, ['add', 'modify']) is True
Пример #6
0
def test_has_multiple_permissions(user_mock):
    assert Auth.has_permission(user_mock, ['add', 'modify', 'delete']) is True
Пример #7
0
def test_has_single_permission(user_mock):
    assert Auth.has_permission(user_mock, 'add') is True
Пример #8
0
def test_missing_single_permission_from_set(user_mock):
    assert Auth.has_permission(user_mock,
                               ['add', 'modify', 'delete', 'restore']) is False
Пример #9
0
def test_missing_permission(user_mock):
    assert Auth.has_permission(user_mock, ['restore']) is False
Пример #10
0
def test_has_multiple_permissions_subset(user_mock):
    assert Auth.has_permission(user_mock, ['add', 'modify']) is True
Пример #11
0
def test_has_multiple_permissions(user_mock):
    assert Auth.has_permission(user_mock, ['add', 'modify', 'delete']) is True
Пример #12
0
def test_has_single_permission(user_mock):
    assert Auth.has_permission(user_mock, 'add') is True