def wrapped(*args, **kwargs):  # pylint: disable=missing-docstring

            user = getattr(request.authorization, "username", None)
            target = getattr(g, "username", None)

            checker = PermissionsChecker()
            # pylint: disable=undefined-variable
            checker.check_permission(
                PERMISSIONS.get(permission.get("permission")), user, target, getattr(g, "tournament_id", None)
            )

            return func(*args, **kwargs)
    def test_superuser(self):
        """check if a user is an organiser"""
        self.assertFalse(Account.query.\
            filter_by(username=self.acc_1).first().is_superuser)

        checker = PermissionsChecker()
        Account.query.filter_by(username=self.acc_1).first().is_superuser = True
        self.injector.inject(self.tourn_1)

        self.assertTrue(checker.check_permission(
            'enter_score',
            self.acc_1,
            None,
            self.tourn_1))
def all_tournaments_with_permission(action, username):
    """Find all tournaments where user has action. Returns list"""
    all_tournaments = TournamentDAO.query.\
        filter(TournamentDAO.date >= date.today()).\
        order_by(TournamentDAO.date.asc()).all()
    checker = PermissionsChecker()
    modifiable_tournaments = []

    for tourn in all_tournaments:
        try:
            if checker.check_permission(action, username, None, tourn.name):
                modifiable_tournaments.append(tourn.name)
        except PermissionDeniedException:
            pass

    return modifiable_tournaments
    def test_is_organiser(self):
        """check if a user is an organiser"""
        checker = PermissionsChecker()
        self.injector.inject(self.tourn_1)
        creator = '{}_creator'.format(self.tourn_1)

        options = [None, 'ranking_test', 'not_a_tournament', '', 'lisa', \
            'not_a_person', 'superman', 'permission_test', self.tourn_1, \
            creator]

        self.assertTrue(checker.is_organiser(creator, self.tourn_1))

        for user in options:
            for tourn in options:
                if user == creator and tourn == self.tourn_1:
                    self.assertTrue(checker.is_organiser(user, tourn))
                else:
                    self.assertFalse(checker.is_organiser(user, tourn))
    def test_remove_permissions(self):
        """Test that users can have their permissions removed"""

        checker = PermissionsChecker()
        self.injector.inject(self.tourn_1)
        player = '{}_player_1'.format(self.tourn_1)
        tourn_prot_obj = Tournament(self.tourn_1).get_dao().protected_object

        checker.add_permission(player, 'modify_application', tourn_prot_obj)
        prot_objs = ProtectedObject.query.count()
        prot_obj_actions = ProtObjAction.query.count()
        prot_obj_perms = ProtObjPerm.query.count()
        acc_perms = AccountProtectedObjectPerm.query.count()

        checker.remove_permission(player, 'modify_application', tourn_prot_obj)

        compare(prot_objs, ProtectedObject.query.count())
        compare(prot_obj_actions, ProtObjAction.query.count())
        compare(prot_obj_perms, ProtObjPerm.query.count())
        # the one account should now have lost it's permissions
        compare(acc_perms - 1, AccountProtectedObjectPerm.query.count())
    def test_check_permissions(self):
        """Test the entrypoint method"""
        checker = PermissionsChecker()
        self.injector.inject(self.tourn_1, num_players=2)
        t_player_1 = '{}_player_1'.format(self.tourn_1)

        # player for themselves
        self.assertTrue(checker.check_permission(
            'enter_score',
            t_player_1,
            t_player_1,
            self.tourn_1))

        # player for random user
        self.assertRaises(PermissionDeniedException,
                          checker.check_permission,
                          'enter_score',
                          t_player_1,
                          self.acc_1,
                          self.tourn_1)

        # player who is not superuser
        self.assertRaises(PermissionDeniedException,
                          checker.check_permission,
                          'enter_score',
                          t_player_1,
                          None,
                          self.tourn_1)

        # random user
        self.assertRaises(PermissionDeniedException,
                          checker.check_permission,
                          'enter_score',
                          self.acc_1,
                          None,
                          self.tourn_1)