# Access-control list handed to the API layer as its authorizer.
api_acl = Acl()

# Grants
# Table shape: role name -> resource name -> operations that role may perform.
# Kept as one flat literal so the whole policy can be audited at a glance.
#
# NOTE(review): 'user' carries exactly the same grants as 'administrator', so
# the administrator role adds no API privilege in this table -- confirm that
# is intended rather than a copy/paste leftover.
# NOTE(review): the anonymous role may read every resource listed here,
# including 'User'; confirm the User schema serialises only fields that are
# safe to return to unauthenticated callers.
api_acl.grants({
    'administrator': {
        'User': ['read'],
        'Node': ['create', 'read', 'update', 'delete'],
        'FolderNode': ['create', 'read', 'update', 'delete'],
        'DocumentNode': ['create', 'read', 'update', 'delete'],
        'Document': ['create', 'read', 'update', 'delete'],
        'ContentNode': ['read']
    },
    'user': {
        'User': ['read'],
        'Node': ['create', 'read', 'update', 'delete'],
        'FolderNode': ['create', 'read', 'update', 'delete'],
        'DocumentNode': ['create', 'read', 'update', 'delete'],
        'Document': ['create', 'read', 'update', 'delete'],
        'ContentNode': ['read']
    },
    # Role name comes from the model so the key cannot drift from the value
    # the role model uses for unauthenticated requests.
    WBRoleModel.anonymous_role_name: {
        'User': ['read'],
        'Node': ['read'],
        'FolderNode': ['read'],
        'DocumentNode': ['read'],
        'Document': ['read'],
        'ContentNode': ['read']
    }
})

# Register the User resource with api_acl.authorize as its only authorizer.
# Only this registration is visible here; the other resources named in the
# table are presumably wired up the same way -- verify each make_api call.
make_api(
    api,
    'User',
    UserModel,
    UserSchema,
    api_authorizers=[api_acl.authorize],
)
# Excerpt starts inside a model class whose header is outside this view;
# `author` is one of that class's columns.
author = db.Column(db.String(256), unique=False, nullable=True)


class UserSchema(JSONAPISchema):
    """Schema for a user; the only field declared here is ``username``."""

    username = fields.String(attribute="username")


class MyTestSchema(JSONAPISchema):
    """Schema for the test record: title, author, owner and owner_id."""

    # Length(10, 100) presumably bounds the title to 10..100 characters.
    title = fields.String(attribute="title", validate=Length(10, 100))
    author = fields.String(attribute="author", required=True)
    # The nested schema is referenced by class name rather than by object.
    owner = fields.Nested("UserSchema", many=False)
    # NOTE(review): owner_id carries no read-only marker here; if the API
    # under test accepts it from client input, a change of ownership should
    # be gated by the authorizer -- confirm against the record API.
    owner_id = fields.Integer(attribute="owner_id")


# ACL fixture: role name -> resource name -> permitted operations.
# Only 'admin' and 'manager' receive grants on 'Test'. The 'user' role created
# in setUp below has no entry, presumably to exercise the denied path --
# confirm against the test methods, which are outside this excerpt.
my_test_acl = Acl()
my_test_acl.grants({
    "admin": {
        "Test": ["create", "read", "update", "delete"],
    },
    "manager": {
        "Test": ["read"],
    },
})


class RecordAPITestCase(FlaskTestCase):
    # Nesting below is reconstructed from a whitespace-collapsed excerpt; the
    # role setup is assumed to sit inside the request context -- TODO confirm.
    def setUp(self):
        super(RecordAPITestCase, self).setUp()
        self.api = Api(self.app)

        with self.app.test_request_context("/"):
            db.initialize()

            # Create some roles
            self.r1 = WBRoleModel(rolename="admin")
            db.session.add(self.r1)
            self.r2 = WBRoleModel(rolename="manager")
            db.session.add(self.r2)
            self.r3 = WBRoleModel(rolename="user")
            # Excerpt ends here; the rest of setUp is outside this view.
from flask import g
from werkzeug.exceptions import HTTPException

from woodbox.access_control.api import Acl
from woodbox.db import db
from woodbox.models.user_model import WBRoleModel, WBUserModel
from woodbox.tests.flask_test_case import FlaskTestCase

# ACL fixture: role name -> resource name -> permitted operations.
# The three roles get progressively narrower rights on a single resource:
# admin has all four operations, manager create/read, user read only.
# NOTE(review): this table is only a useful test if the operations it omits
# (manager update/delete, user create/update/delete) and a role with no entry
# are asserted as rejected; those assertions are outside this excerpt.
acl = Acl()
acl.grants({
    'admin': {
        'TestResource': ['create', 'read', 'update', 'delete'],
    },
    'manager': {
        'TestResource': ['create', 'read'],
    },
    'user': {
        'TestResource': ['read'],
    },
})


class ApiAccessTestCase(FlaskTestCase):
    # Only the start of setUp is visible; the nesting below is reconstructed
    # from a whitespace-collapsed excerpt.
    def setUp(self):
        # Same key as the resource named in the module-level grants table.
        # Assigned before the base-class setUp runs, as in the original order.
        self.resource_name = 'TestResource'
        super(ApiAccessTestCase, self).setUp()

        with self.app.test_request_context('/'):
            db.initialize()
            # Excerpt ends here; the rest of setUp is outside this view.
class UserSchema(JSONAPISchema):
    """Schema for a user; the only field declared here is ``username``."""

    username = fields.String(attribute='username')


class MyTestSchema(JSONAPISchema):
    """Schema for the test record: title, author, owner and owner_id."""

    # Length(10, 100) presumably bounds the title to 10..100 characters.
    title = fields.String(attribute='title', validate=Length(10, 100))
    author = fields.String(attribute='author', required=True)
    # The nested schema is referenced by class name rather than by object.
    owner = fields.Nested('UserSchema', many=False)
    # NOTE(review): owner_id carries no read-only marker here; if the API
    # under test accepts it from client input, a change of ownership should
    # be gated by the authorizer -- confirm against the record API.
    owner_id = fields.Integer(attribute='owner_id')


# ACL fixture: role name -> resource name -> permitted operations.
# Only 'admin' (all four operations) and 'manager' (read) receive grants on
# 'Test'; no other role has an entry in this table.
my_test_acl = Acl()
my_test_acl.grants({
    'admin': {
        'Test': ['create', 'read', 'update', 'delete'],
    },
    'manager': {
        'Test': ['read'],
    },
})


class RecordAPITestCase(FlaskTestCase):
    # Nesting below is reconstructed from a whitespace-collapsed excerpt; the
    # role setup is assumed to sit inside the request context -- TODO confirm.
    def setUp(self):
        super(RecordAPITestCase, self).setUp()
        self.api = Api(self.app)

        with self.app.test_request_context('/'):
            db.initialize()

            # Create some roles
            self.r1 = WBRoleModel(rolename='admin')
            db.session.add(self.r1)
            # Excerpt ends here; the rest of setUp is outside this view.