def test_permissions(self):
coll = Collection.find("test_root")
User.create(username="******",
password="******",
email="*****@*****.**",
quick=True)
User.create(username="******",
password="******",
email="*****@*****.**",
quick=True)
owning_user = User.find("protected_test_owner")
reading_user = User.find("protected_reader")
assert owning_user
assert reading_user
group = Group.create(name="protected_group", owner=owning_user.id)
Collection.create(name="protected",
parent=coll.id,
read_access=[group.id])
c = Collection.find("protected")
res_count = SearchIndex.index(c, ['name', 'metadata'])
assert res_count == 1
results = SearchIndex.find(["protected"], reading_user)
assert len(results) == 0, results
def test_create_fail(self):
User.create(username="******",
password="******",
email="*****@*****.**",
quick=True)
User.create(username="******",
password="******",
email="*****@*****.**",
quick=True)
def test_perms_for_collection_success_collection_no_group(self):
User.create(username="******",
password="******",
email="*****@*****.**",
groups=[],
quick=True)
user = User.find("test_coll3")
root = Collection.find("test_root")
coll = Collection.create(name="perm_check3",
parent=str(root.id),
read_access=[])
# User can read collection coll if user is in a group also in coll's read_access
assert coll.user_can(user, "read") == True
def test_perms_for_collection(self):
User.create(username="******",
password="******",
email="*****@*****.**",
groups=[],
quick=True)
user = User.find("test_coll")
group = Group.create(name="test_group_coll", owner=user.id)
user.update(groups=[group.id])
root = Collection.find("test_root")
coll = Collection.create(name="perm_check",
parent=str(root.id),
read_access=[group.id])
# User can read collection coll if user is in a group also in coll's read_access
assert coll.user_can(user, "read") == True
def test_permission_ok(self):
coll = Collection.get_root_collection()
user = User.create(username="******", password="******", email="*****@*****.**", groups=[], quick=True)
group = Group.create(name="test_group_resourdce", owner=user.id)
user.update(groups=[group.id])
resource = Resource.create(name='new_test_resource', container=coll.id, read_access=[group.id])
assert resource.user_can(user, "read")
def test_create(self):
user = User.create(username="******",
password="******",
email="*****@*****.**",
quick=True)
assert user.username == "test"
assert user.email == '*****@*****.**'
assert user.administrator == False
assert user.active == True
def test_index(self):
coll = Collection.create(name="test_root", parent=None, path="/")
res_count = SearchIndex.index(coll, ['name'])
assert res_count == 2, res_count
User.create(username="******",
password="******",
email="*****@*****.**",
quick=True)
user = User.find("test_index_user")
results = SearchIndex.find(["test", "root"], user)
assert len(results) == 1
assert results[0]["id"] == coll.id
assert results[0]["hit_count"] == 2
SearchIndex.reset(coll.id)
results = SearchIndex.find(["test", "root"], user)
assert len(results) == 0
def test_group_membership(self):
user = User.create(username="******",
password="******",
email="*****@*****.**",
groups=[],
quick=True)
assert user
group = Group.create(name="test_group_1", owner=user.id)
user.update(groups=[group.id])
# Refetch the user
user = User.find("test_group")
assert group.id in user.groups
groups = Group.find_by_ids(user.groups)
assert [g.id for g in groups] == user.groups
users = group.get_users()
assert users[0].id == user.id
def test_permission_public_ok(self):
coll = Collection.get_root_collection()
user = User.create(username="******", password="******", email="*****@*****.**", groups=[], quick=True)
resource = Resource.create(name='new_test_resource_public', container=coll.id)
assert resource.user_can(user, "read")
def test_authenticate_fail(self):
user = User.create(username="******",
password="******",
email="*****@*****.**",
quick=True)
assert not user.authenticate("not the password")