def test_edit_default_user_permissions(flask_server, user):
with flask_server.app.app_context():
new_user = sampledb.models.User(name="New User",
email="*****@*****.**",
type=sampledb.models.UserType.PERSON)
sampledb.db.session.add(new_user)
sampledb.db.session.commit()
new_user_id = new_user.id
object_permissions.set_default_permissions_for_user(
creator_id=user.id,
user_id=new_user_id,
permissions=object_permissions.Permissions.WRITE)
assert object_permissions.get_default_permissions_for_users(
creator_id=user.id).get(
new_user_id) == object_permissions.Permissions.WRITE
session = requests.session()
assert session.get(flask_server.base_url +
'users/{}/autologin'.format(user.id)).status_code == 200
r = session.get(flask_server.base_url +
'users/{}/preferences'.format(user.id))
assert r.status_code == 200
document = BeautifulSoup(r.content, 'html.parser')
default_permissions_form = document.find(attrs={
'name': 'edit_user_permissions',
'value': 'edit_user_permissions'
}).find_parent('form')
data = {}
user_field_name = None
for hidden_field in default_permissions_form.find_all(
'input', {'type': 'hidden'}):
data[hidden_field['name']] = hidden_field['value']
if hidden_field['name'].endswith(
'user_id') and hidden_field['value'] == str(new_user_id):
# the associated radio button is the first radio button in the same table row
user_field_name = hidden_field.find_parent('tr').find(
'input', {'type': 'radio'})['name']
for radio_button in default_permissions_form.find_all(
'input', {'type': 'radio'}):
if radio_button.has_attr(
'checked') and not radio_button.has_attr('disabled'):
data[radio_button['name']] = radio_button['value']
assert user_field_name is not None
assert data[user_field_name] == 'write'
data[user_field_name] = 'read'
data['edit_user_permissions'] = 'edit_user_permissions'
assert session.post(flask_server.base_url +
'users/{}/preferences'.format(user.id),
data=data).status_code == 200
with flask_server.app.app_context():
assert object_permissions.get_default_permissions_for_users(
creator_id=user.id).get(
new_user_id) == object_permissions.Permissions.READ
def test_default_permissions_for_creator(users):
user, creator = users
assert object_permissions.get_default_permissions_for_users(creator_id=creator.id) == {
creator.id: Permissions.GRANT
}
# the creator cannot receive less than GRANT default permissions
with pytest.raises(object_permissions.InvalidDefaultPermissionsError):
object_permissions.set_default_permissions_for_user(creator_id=creator.id, user_id=creator.id, permissions=Permissions.WRITE)
# setting the creator's default permissions to GRANT does nothing, but is acceptable
object_permissions.set_default_permissions_for_user(creator_id=creator.id, user_id=creator.id, permissions=Permissions.GRANT)
assert object_permissions.get_default_permissions_for_users(creator_id=creator.id) == {
creator.id: Permissions.GRANT
}
def test_default_permissions_for_users(users, independent_action):
user, creator = users
# unless set otherwise, no user beside the creator (and instrument responsible users) will get initial permissions
assert object_permissions.get_default_permissions_for_users(creator_id=creator.id) == {
creator.id: Permissions.GRANT
}
object = sampledb.logic.objects.create_object(user_id=creator.id, action_id=independent_action.id, data={
'name': {
'_type': 'text',
'text': 'Name'
}
})
assert object_permissions.get_object_permissions_for_users(object_id=object.id, include_instrument_responsible_users=False, include_groups=False) == {
creator.id: Permissions.GRANT
}
object_permissions.set_default_permissions_for_user(creator_id=creator.id, user_id=user.id, permissions=Permissions.READ)
assert object_permissions.get_default_permissions_for_users(creator_id=creator.id) == {
creator.id: Permissions.GRANT,
user.id: Permissions.READ
}
object = sampledb.logic.objects.create_object(user_id=creator.id, action_id=independent_action.id, data={
'name': {
'_type': 'text',
'text': 'Name'
}
})
assert object_permissions.get_object_permissions_for_users(object_id=object.id, include_instrument_responsible_users=False, include_groups=False) == {
creator.id: Permissions.GRANT,
user.id: Permissions.READ
}
# the default permissions are only used when creating a new object.
object_permissions.set_default_permissions_for_user(creator_id=creator.id, user_id=user.id, permissions=Permissions.WRITE)
assert object_permissions.get_default_permissions_for_users(creator_id=creator.id) == {
creator.id: Permissions.GRANT,
user.id: Permissions.WRITE
}
assert object_permissions.get_object_permissions_for_users(object_id=object.id, include_instrument_responsible_users=False, include_groups=False) == {
creator.id: Permissions.GRANT,
user.id: Permissions.READ
}
