def test_delete_object_with_select(self): # objects associated with root access level root_level_objects = [ ExemplaryModel(id=1, string_field='some_string', integer_field=randrange(100000)), ExemplaryModel(id=2, string_field='some_string', integer_field=randrange(100000)), ExemplaryModel(id=3, string_field='some_string', integer_field=randrange(100000)), ExemplaryModel(id=4, string_field='some_string', integer_field=randrange(100000)), ] self.session.add_all(root_level_objects) self.session.commit() ACL.set_user(ACL.Users.get(username='******')) # get first object (object with id = 1) object = self.session.query(ExemplaryModel).get(1) # delete object and commit changes to database self.session.delete(object) self.session.commit() # create set corresponding to initial list without first object after_deletion = set(root_level_objects) - {object} # assert with select query result self.assertEqual(after_deletion, set(self.session.query(ExemplaryModel).all())) ACL.unset_user()
def decorated_function(*args, **kwargs): credentials = http_auth.current_user() ACL.set_user(ACL.Users.get(**credentials)) response = f(*args, **kwargs) ACL.unset_user() return response
def setup_acl(engine): from sqlalchemy_acl import ACL from .models import UserModel ACL.setup(engine, user_model=UserModel, access_levels_config=ACL_CONFIG_PATH)
def setUp(self): self.session, self.engine = setup_database( DefaultSetupMixin.WHOLE_DB_PATH) ACL.setup(self.engine) # tabela z poziomami dostępu director_acl = AccessLevelModel(role_description='Executive Director', parent=ACL.root_access_level) project_manager_acl = AccessLevelModel( role_description='Project Manager', parent=director_acl) software_developer_acl = AccessLevelModel( role_description='Software Developer', parent=project_manager_acl) network_admin_acl = AccessLevelModel(role_description='Network Admin', parent=project_manager_acl) devops_acl = AccessLevelModel(role_description='Dev Ops', parent=project_manager_acl) software_dev_intern_acl = AccessLevelModel( role_description='Software Developer Intern', parent=software_developer_acl) network_admin_intern_acl = AccessLevelModel( role_description='Network Admin Intern', parent=network_admin_acl) ACL.AccessLevels.add([ director_acl, project_manager_acl, software_developer_acl, network_admin_intern_acl, devops_acl, software_dev_intern_acl, network_admin_intern_acl ]) # użytkownicy z odpowiednimi trybami dostępu (najlepiej po kilku na jeden tryb) ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******') ], ACL.root_access_level) ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******') ], project_manager_acl) ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******') ], software_developer_acl) ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******') ], software_dev_intern_acl) ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******') ], network_admin_acl) ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******') ], network_admin_intern_acl)
def setUp(self): call('../utils/start_postgres.sh') time.sleep(3) self.session, self.engine = setup_database(PostgresSetupMixin.DB_PATH) ACL.setup(self.engine, access_levels_config=ParseYAMLSetupMixin.ACL_CONFIG) # create exemplary users ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******') ], ACL.root_access_level) ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******') ], ACL.AccessLevels.get(role_description='Project Manager')) ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******') ], ACL.AccessLevels.get(role_description='Software Developer')) ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******') ], ACL.AccessLevels.get(role_description='Software Developer Intern')) ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******') ], ACL.AccessLevels.get(role_description='Network Admin')) ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******'), ACL.UserModel(username='******') ], ACL.AccessLevels.get(role_description='Network Admin Intern'))
def setUp(self): self.session, self.engine = setup_database( ParseYAMLSetupMixin.WHOLE_DB_PATH) ACL.setup(self.engine, access_levels_config=ParseYAMLSetupMixin.ACL_CONFIG) # create exemplary users ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******') ], ACL.root_access_level) ACL.Users.add([ACL.UserModel(username='******')], ACL.AccessLevels.get(role_description='Tradesman')) ACL.Users.add([ ACL.UserModel(username='******'), ACL.UserModel(username='******') ], ACL.AccessLevels.get(role_description='Tradesman Junior')) ACL.Users.add([ACL.UserModel(username='******')], ACL.AccessLevels.get(role_description='Accountant')) ACL.Users.add( [ACL.UserModel(username='******')], ACL.AccessLevels.get(role_description='Accountant Junior')) ACL.Users.add( [ACL.UserModel(username='******')], ACL.AccessLevels.get(role_description='Accountant Intern')) ACL.Users.add([ACL.UserModel(username='******')], ACL.AccessLevels.get(role_description='Buyer')) ACL.Users.add( [ACL.UserModel(username='******')], ACL.AccessLevels.get(role_description='Storehouse Chief'))
properties = row[:-1] print('\tObject properties: {0}'.format(properties)) print('\tAccess levels list: {0}\n'.format(access_levels)) session.add(CurrentModel(*properties)) session.commit() entry = ACL.inner_session.query(ACLEntryModel) \ .filter(ACLEntryModel.dest_id == object_id, ACLEntryModel.dest_table == tablename) \ .all()[0] entry.access_levels.extend( ACL.inner_session.query(AccessLevelModel).filter( AccessLevelModel.id.in_(access_levels)).all()) ACL.inner_session.add(entry) ACL.inner_session.commit() if __name__ == '__main__': Base = declarative_base() engine = create_engine(DB_URI, echo=False) Session = sessionmaker(bind=engine) session = Session() if not database_exists(engine.url): Base.metadata.create_all(bind=engine) create_database(engine.url) from .models import UserModel ACL.setup(engine, UserModel, 'acl-config.yam;') import_from_csv(session)