def _sudo_eq_checker(self): for action in grant: self.perm_system.revoke_permission('testuser', action) realperm = self.perm self.perm = sudo(None, [], grant, []) self.perm.perm = realperm target(self)
def test_sudo_fail_require(self): sudoperm = sudo(None, 'EMAIL_VIEW', ['TEST_ADMIN']) sudoperm.perm = self.perm with self.assertRaises(perm.PermissionError) as test_cm: sudoperm.require('TRAC_ADMIN') self.assertEqual('EMAIL_VIEW', test_cm.exception.action)
def test_sudo_grant_meta_perm(self): self.env.parent.enable_component(perm.PermissionSystem) self.env.enable_component(perm.PermissionSystem) del self.env.parent.enabled[perm.PermissionSystem] del self.env.enabled[perm.PermissionSystem] sudoperm = sudo(None, 'TEST_CREATE', ['TRAC_ADMIN']) sudoperm.perm = self.perm self.assertTrue(sudoperm.has_permission('EMAIL_VIEW'))
def process_request(self, req): """Anticipate permission error to hijack admin panel dispatching process in product context if `TRAC_ADMIN` expectations are not met. """ # TODO: Verify `isinstance(self.env, ProductEnvironment)` once again ? cat_id = req.args.get('cat_id') panel_id = req.args.get('panel_id') if self._check_panel(cat_id, panel_id): with sudo(req): return self.global_process_request(req) else: raise HTTPNotFound(_('Unknown administration panel'))
def test_sudo_ambiguous(self): with self.assertRaises(ValueError) as test_cm: sudo(None, 'TEST_MODIFY', ['TEST_MODIFY', 'TEST_DELETE'], ['TEST_MODIFY', 'TEST_CREATE']) self.assertEquals('Impossible to grant and revoke (TEST_MODIFY)', str(test_cm.exception)) with self.assertRaises(ValueError) as test_cm: sudoperm = sudo(None, 'TEST_MODIFY', ['TEST_ADMIN'], ['TEST_MODIFY', 'TEST_CREATE']) sudoperm.perm = self.perm self.assertEquals('Impossible to grant and revoke ' '(TEST_CREATE, TEST_MODIFY)', str(test_cm.exception)) with self.assertRaises(ValueError) as test_cm: req = Mock(perm=self.perm) sudo(req, 'TEST_MODIFY', ['TEST_ADMIN'], ['TEST_MODIFY', 'TEST_CREATE']) self.assertEquals('Impossible to grant and revoke ' '(TEST_CREATE, TEST_MODIFY)', str(test_cm.exception))
def test_sudo_wrong_context(self): sudoperm = sudo(None, 'EMAIL_VIEW', ['TEST_ADMIN']) with self.assertRaises(RuntimeError) as test_cm: sudoperm.has_permission('TEST_MODIFY') self.assertEqual('Permission check out of context', str(test_cm.exception)) with self.assertRaises(ValueError) as test_cm: with sudoperm: pass self.assertEquals('Context manager not bound to request object', str(test_cm.exception))