def __init__(self, user_id, tenant_id, is_admin=None, roles=None, timestamp=None, request_id=None, tenant_name=None, user_name=None, overwrite=True, auth_token=None, is_advsvc=None, **kwargs): """Object initialization. :param overwrite: Set to False to ensure that the greenthread local copy of the index is not overwritten. :param kwargs: Extra arguments that might be present, but we ignore because they possibly came in from older rpc messages. """ super(ContextBase, self).__init__(auth_token=auth_token, user=user_id, tenant=tenant_id, is_admin=is_admin, request_id=request_id, overwrite=overwrite, roles=roles) self.user_name = user_name self.tenant_name = tenant_name if not timestamp: timestamp = datetime.datetime.utcnow() self.timestamp = timestamp self.is_advsvc = is_advsvc if self.is_advsvc is None: self.is_advsvc = self.is_admin or policy.check_is_advsvc(self) if self.is_admin is None: self.is_admin = policy.check_is_admin(self)
def __init__(self, user_id=None, tenant_id=None, is_admin=None, timestamp=None, tenant_name=None, user_name=None, is_advsvc=None, **kwargs): """Object initialization. :param kwargs: Extra arguments that might be present, but we ignore because they possibly came in from older rpc messages. """ # NOTE(jamielennox): We maintain these arguments in order for tests # that pass arguments positionally. kwargs.setdefault('user', user_id) kwargs.setdefault('tenant', tenant_id) super(ContextBase, self).__init__(is_admin=is_admin, **kwargs) self.user_name = user_name self.tenant_name = tenant_name if not timestamp: timestamp = datetime.datetime.utcnow() self.timestamp = timestamp self.is_advsvc = is_advsvc if self.is_advsvc is None: self.is_advsvc = self.is_admin or policy.check_is_advsvc(self) if self.is_admin is None: self.is_admin = policy.check_is_admin(self)
def test_check_is_not_advsvc_admin(self): ctx = _context.Context('me', 'my_project').elevated() self.assertTrue(policy.check_is_admin(ctx)) self.assertFalse(policy.check_is_advsvc(ctx))
def test_check_is_admin_no_roles_no_admin(self): policy.init(policy_file='no_policy.json') ctx = _context.Context('me', 'my_project', roles=['user']).elevated() # With no admin role, elevated() should not work. self.assertFalse(policy.check_is_admin(ctx))
def test_check_user_elevated_is_admin(self): ctx = _context.Context('me', 'my_project', roles=['user']).elevated() self.assertTrue(policy.check_is_admin(ctx))
def test_check_user_is_not_admin(self): ctx = _context.Context('me', 'my_project') self.assertFalse(policy.check_is_admin(ctx))