def test_grants_needs(users, roles): user = users[0] role = roles[0] grant1 = Grant(user, "manage") grant2 = Grant(role, "view") dict_ = {"subject": "sysrole", "id": "system", "level": "view"} grant3 = Grant.from_dict(dict_) grants = Grants([grant1, grant2, grant3]) assert len(grants.needs("view")) == 3
def test_grant_from_dict(users): user = users[0] grant_dict = {"subject": "user", "id": user.id, "level": "view"} grant = Grant.from_dict(grant_dict) assert grant.subject_type == "user" assert grant.subject_id == user.id assert grant.subject == user
def test_grant_creation(users, roles): user = users[0] role = roles[0] grant = Grant(user, "view") assert grant.subject_type == "user" assert grant.subject_id == user.id assert grant.subject == user grant = Grant(role, "view") assert grant.subject_type == "role" assert grant.subject_id == role.id assert grant.subject == role grant = Grant(None, "view", subject_type="sysrole", subject_id="system") assert grant.subject_type == "sysrole" assert grant.subject_id == "system" assert grant.subject is None
def test_grant_from_token(): token = "{}.{}.{}".format( b64encode("sysrole".encode()).decode(), b64encode("system".encode()).decode(), b64encode("view".encode()).decode(), ) grant = Grant.from_token(token) dict_ = {"subject": "sysrole", "id": "system", "level": "view"} assert grant.to_dict() == dict_
def test_grant_to_token(): dict_ = {"subject": "sysrole", "id": "system", "level": "view"} grant = Grant.from_dict(dict_) token = "{}.{}.{}".format( b64encode("sysrole".encode()).decode(), b64encode("system".encode()).decode(), b64encode("view".encode()).decode(), ) assert grant.to_token() == token
def test_grants_dump(users, roles): user = users[0] role = roles[0] grant1 = Grant(user, "manage") grant2 = Grant(role, "view") dict_ = {"subject": "sysrole", "id": "system", "level": "view"} grant3 = Grant.from_dict(dict_) grants = Grants([grant1, grant2, grant3]) dump = grants.dump() assert len(dump) == 3 assert grant1.to_dict() in dump assert grant2.to_dict() in dump assert grant3.to_dict() in dump
def test_grant_to_need(users, roles): user = users[0] role = roles[0] grant = Grant(user, "view") need = grant.to_need() assert need.method == "id" assert need.value == user.id grant = Grant(role, "view") need = grant.to_need() assert need.method == "role" assert need.value == role.name dict_ = {"subject": "sysrole", "id": "system", "level": "view"} grant = Grant.from_dict(dict_) need = grant.to_need() assert need.method == "system_role" assert need.value == "system"
def test_grant_to_and_from_token(): dict_ = {"subject": "sysrole", "id": "system", "level": "view"} grant = Grant.from_dict(dict_) assert Grant.from_token(grant.to_token()) == grant
def test_grant_tokens_dumper_query(app, db, minimal_record, users, identity_simple, location): """Test grant token dumper extension queries.""" id1 = str(users[0].id) id2 = str(users[1].id) grant1 = Grant.from_dict({"subject": "user", "id": id1, "level": "view"}) grant2 = Grant.from_dict({"subject": "user", "id": id2, "level": "manage"}) grant3 = Grant.from_dict({ "subject": "user", "id": id1, "level": "viewfull" }) minimal_record["access"]["grants"] = [ grant1.to_dict(), grant2.to_dict(), ] # Create the record service = current_rdm_records.records_service service.create(identity_simple, minimal_record) minimal_record["access"]["grants"] = [ grant2.to_dict(), ] service.create(identity_simple, minimal_record) RDMDraft.index.refresh() # Search for it assert (service.search( identity_simple, { "q": "access.grant_tokens:{}".format(grant1.to_token()) }, status="draft", ).total == 1) assert (service.search( identity_simple, { "q": "access.grant_tokens:{}".format(grant2.to_token()) }, status="draft", ).total == 2) assert (service.search( identity_simple, { "q": "access.grant_tokens:{}".format(grant3.to_token()) }, status="draft", ).total == 0) assert (service.search( identity_simple, { "q": "access.grant_tokens:actually.invalid.token" }, status="draft", ).total == 0)