def add_network_context(self, nh):
net_ctx = sriutils.get_network_context()
NodeHandleContext(nodehandle=nh, context=net_ctx).save()
def add_community_context(self, nh):
com_ctx = sriutils.get_community_context()
NodeHandleContext(nodehandle=nh, context=com_ctx).save()
def setUp(self, group_dict=None):
super(Neo4jGraphQLCommunityTest, self).setUp(group_dict=group_dict)
# create nodes
self.organization1 = self.create_node('organization1', 'organization', meta='Logical')
self.organization2 = self.create_node('organization2', 'organization', meta='Logical')
self.contact1 = self.create_node('contact1', 'contact', meta='Relation')
self.contact2 = self.create_node('contact2', 'contact', meta='Relation')
self.group1 = self.create_node('group1', 'group', meta='Logical')
self.group2 = self.create_node('group2', 'group', meta='Logical')
self.role1 = Role(name='role1').save()
self.role2 = Role(name='role2').save()
# add nodes to the appropiate context
self.perm_rel_org1 = \
NodeHandleContext(nodehandle=self.organization1, \
context=self.community_ctxt)
self.perm_rel_org1.save()
self.perm_rel_org2 = \
NodeHandleContext(nodehandle=self.organization2, \
context=self.community_ctxt)
self.perm_rel_org2.save()
NodeHandleContext(nodehandle=self.contact1, context=self.community_ctxt).save()
NodeHandleContext(nodehandle=self.contact2, context=self.community_ctxt).save()
NodeHandleContext(nodehandle=self.group1, context=self.community_ctxt).save()
NodeHandleContext(nodehandle=self.group2, context=self.community_ctxt).save()
# add some data
contact1_data = {
'first_name': 'Jane',
'last_name': 'Doe',
'name': 'Jane Doe',
}
for key, value in contact1_data.items():
self.contact1.get_node().add_property(key, value)
contact2_data = {
'first_name': 'John',
'last_name': 'Smith',
'name': 'John Smith',
}
for key, value in contact2_data.items():
self.contact2.get_node().add_property(key, value)
organization1_data = {
'type': 'university_college',
'organization_id': 'ORG1',
'affiliation_customer': True,
}
for key, value in organization1_data.items():
self.organization1.get_node().add_property(key, value)
organization2_data = {
'type': 'university_coldep',
'organization_id': 'ORG2',
'affiliation_end_customer': True,
}
for key, value in organization2_data.items():
self.organization2.get_node().add_property(key, value)
# create relationships
self.contact1.get_node().add_group(self.group1.handle_id)
self.contact2.get_node().add_group(self.group2.handle_id)
helpers.link_contact_role_for_organization(
self.context.user,
self.organization1.get_node(),
self.contact1.handle_id,
self.role1
)
helpers.link_contact_role_for_organization(
self.context.user,
self.organization2.get_node(),
self.contact2.handle_id,
self.role2
)
# create dummy dropdown
dropdown = Dropdown.objects.get_or_create(name='contact_type')[0]
dropdown.save()
ch1 = Choice.objects.get_or_create(dropdown=dropdown, name='Person', value='person')[0]
ch2 = Choice.objects.get_or_create(dropdown=dropdown, name='Group', value='group')[0]
ch1.save()
ch2.save()
def setUp(self):
super(SRIVaktRulesTest, self).setUp()
# create users
self.user1 = User(
first_name="Kate",
last_name="Svensson",
email="*****@*****.**",
is_staff=False,
is_active=True,
username="******",
)
self.user1.save()
self.user2 = User(
first_name="Jane",
last_name="Atkins",
email="*****@*****.**",
is_staff=False,
is_active=True,
username="******",
)
self.user2.save()
self.user3 = User(
first_name="Sven",
last_name="Svensson",
email="*****@*****.**",
is_staff=False,
is_active=True,
username="******",
)
self.user3.save()
# create authzactions
self.authzaction1 = AuthzAction(name="Read action")
self.authzaction2 = AuthzAction(name="Write action")
self.authzaction3 = AuthzAction(name="Admin action")
self.authzaction1.save()
self.authzaction2.save()
self.authzaction3.save()
# create groups
self.group1 = Group(name="Group with 2 contexts")
self.group2 = Group(name="Group with 1 context")
self.group3 = Group(name="Group without contexts")
self.group1.save()
self.group2.save()
self.group3.save()
# add users to groups
self.group1.user_set.add(self.user1)
self.group2.user_set.add(self.user2)
self.group3.user_set.add(self.user3)
# create contexts
self.context1 = Context(name="Context 1")
self.context2 = Context(name="Context 2")
self.context1.save()
self.context2.save()
# associate context and groups
# first group can read/write/admin in the first context
GroupContextAuthzAction(group=self.group1,
authzprofile=self.authzaction1,
context=self.context1).save()
GroupContextAuthzAction(group=self.group1,
authzprofile=self.authzaction2,
context=self.context1).save()
GroupContextAuthzAction(group=self.group1,
authzprofile=self.authzaction3,
context=self.context1).save()
# first group can read/write/admin in the second context
GroupContextAuthzAction(group=self.group1,
authzprofile=self.authzaction1,
context=self.context2).save()
GroupContextAuthzAction(group=self.group1,
authzprofile=self.authzaction2,
context=self.context2).save()
GroupContextAuthzAction(group=self.group1,
authzprofile=self.authzaction3,
context=self.context2).save()
# second group read/write in the first context
GroupContextAuthzAction(group=self.group2,
authzprofile=self.authzaction1,
context=self.context1).save()
GroupContextAuthzAction(group=self.group2,
authzprofile=self.authzaction2,
context=self.context1).save()
# second group reads in the second context
GroupContextAuthzAction(group=self.group2,
authzprofile=self.authzaction1,
context=self.context2).save()
# the third group can only read in the first context
GroupContextAuthzAction(group=self.group3,
authzprofile=self.authzaction1,
context=self.context1).save()
# create some nodes
self.organization = self.create_node('organization1',
'organization',
meta='Logical')
self.contact1 = self.create_node('contact1',
'contact',
meta='Relation')
self.contact2 = self.create_node('contact2',
'contact',
meta='Relation')
# the organization belongs to both modules
NodeHandleContext(nodehandle=self.organization,
context=self.context1).save()
NodeHandleContext(nodehandle=self.organization,
context=self.context2).save()
# the first contact belongs to the first module
NodeHandleContext(nodehandle=self.contact1,
context=self.context1).save()
# the second contact belongs to the first module
NodeHandleContext(nodehandle=self.contact2,
context=self.context2).save()
def test_user_permissions(self):
# create a simple group with another user
test_user = self.user
self.user = self.another_user
self.group1 = self.create_node('group1', 'group', meta='Logical')
NodeHandleContext(nodehandle=self.group1,
context=self.community_ctxt).save()
self.user = test_user
query = """
{
all_groups{
name
modifier{
user_permissions{
community{
read
list
write
}
network{
read
list
write
}
contracts{
read
list
write
}
}
}
}
}
"""
result = schema.execute(query, context=self.context)
assert not result.errors, pformat(result.errors, indent=1)
expected = None
if hasattr(self, 'test_type'):
if self.test_type == "user":
expected = {
'all_groups': [{
'name': 'group1',
'modifier': {
'user_permissions': None,
}
}]
}
elif self.test_type == "admin" or self.test_type == "superadmin":
# check that an admin or superadmin can read permissions of
# another user
expected = {
'all_groups': [{
'name': 'group1',
'modifier': {
'user_permissions': {
'community': {
'read': False,
'list': False,
'write': False,
},
'network': {
'read': False,
'list': False,
'write': False,
},
'contracts': {
'read': False,
'list': False,
'write': False,
},
}
}
}]
}
self.assert_correct(result, expected)
def setUp(self):
super(SRIVaktUtilsTest, self).setUp()
# get contexts
self.network_ctxt = sriutils.get_network_context()
self.community_ctxt = sriutils.get_community_context()
self.contracts_ctxt = sriutils.get_contracts_context()
# get auth actions
self.get_read_authaction = sriutils.get_read_authaction()
self.get_write_authaction = sriutils.get_write_authaction()
self.get_list_authaction = sriutils.get_list_authaction()
self.get_admin_authaction = sriutils.get_admin_authaction()
# create some nodes
self.organization1 = self.create_node('organization1',
'organization',
meta='Logical')
self.organization2 = self.create_node('organization2',
'organization',
meta='Logical')
self.contact1 = self.create_node('contact1',
'contact',
meta='Relation')
self.contact2 = self.create_node('contact2',
'contact',
meta='Relation')
# add context to resources
# organization1 belongs to the three modules
NodeHandleContext(nodehandle=self.organization1,
context=self.network_ctxt).save()
NodeHandleContext(nodehandle=self.organization1,
context=self.community_ctxt).save()
NodeHandleContext(nodehandle=self.organization1,
context=self.contracts_ctxt).save()
# organization2 belongs only to the network module
NodeHandleContext(nodehandle=self.organization2,
context=self.network_ctxt).save()
# the first contact belongs to the community module
NodeHandleContext(nodehandle=self.contact1,
context=self.community_ctxt).save()
# the second contact belongs to the contracts module
NodeHandleContext(nodehandle=self.contact2,
context=self.contracts_ctxt).save()
### create users and groups and add permissions
self.user1 = User(
first_name="Kate",
last_name="Svensson",
email="*****@*****.**",
is_staff=False,
is_active=True,
username="******",
)
self.user1.save()
self.user2 = User(
first_name="Jane",
last_name="Atkins",
email="*****@*****.**",
is_staff=False,
is_active=True,
username="******",
)
self.user2.save()
self.user3 = User(
first_name="Sven",
last_name="Svensson",
email="*****@*****.**",
is_staff=False,
is_active=True,
username="******",
)
self.user3.save()
self.user4 = User(
first_name="Pedro",
last_name="Zutano",
email="*****@*****.**",
is_staff=False,
is_active=True,
username="******",
)
self.user4.save()
# create groups
self.group1 = Group(name="Group can read all contexts")
self.group2 = Group(name="Group can write community and contracts")
self.group3 = Group(name="Group can admin community module")
self.group4 = Group(name="Group can list community and contracts")
self.group5 = Group(name="Group can read community contracts")
self.group1.save()
self.group2.save()
self.group3.save()
self.group4.save()
self.group5.save()
# add contexts and actions
# first group
contexts = [
self.network_ctxt, self.community_ctxt, self.contracts_ctxt
]
for context in contexts:
GroupContextAuthzAction(group=self.group1,
authzprofile=self.get_read_authaction,
context=context).save()
# second and fifth group
contexts = [self.community_ctxt, self.contracts_ctxt]
for context in contexts:
GroupContextAuthzAction(group=self.group2,
authzprofile=self.get_write_authaction,
context=context).save()
for context in contexts:
GroupContextAuthzAction(group=self.group5,
authzprofile=self.get_read_authaction,
context=context).save()
# third group
GroupContextAuthzAction(group=self.group3,
authzprofile=self.get_admin_authaction,
context=self.community_ctxt).save()
for context in contexts:
GroupContextAuthzAction(group=self.group4,
authzprofile=self.get_list_authaction,
context=context).save()
# add users to groups
self.group1.user_set.add(self.user1)
self.group1.user_set.add(self.user2)
self.group1.user_set.add(self.user3)
self.group2.user_set.add(self.user1)
self.group2.user_set.add(self.user2)
self.group3.user_set.add(self.user1)
self.group4.user_set.add(self.user1)
self.group4.user_set.add(self.user2)
self.group4.user_set.add(self.user3)
self.group5.user_set.add(self.user4)