def test_add_role(self): """Check if a user has a role added to them.""" role = Role.OWNER auth.add_role(self.user.id, self.project.id, role) self.assertEqual(role, auth.get_role(self.user.id, self.project.id)) auth._remove_role(self.user.id, self.project.id, role) self.assertEqual(None, auth.get_role(self.user.id, self.project.id))
def test_deleting_roles_on_deleting_users(self): """Test deletion of all roles related to a deleted user.""" user = User.objects.create(username="******") project = Project.objects.create(name="to_be_checked") auth.add_role(user.id, project.id, user.profile.get_default_role()) user_id = user.id user.delete() self.assertIs(None, auth.get_role(user_id, project.id))
def test_permission_removed_with_roled_removed(self): """ Check if permission is assigned if a role is assigned. Check if permission is removed if the role is removed. """ role = Role.OWNER auth.add_role(self.user.id, self.project.id, role) self.assertTrue( auth.check_permission(self.user.id, self.project.id, DELETE_PERMISSION)) auth._remove_role(self.user.id, self.project.id, role) self.assertFalse( auth.check_permission(self.user.id, self.project.id, DELETE_PERMISSION))
def test_authorized_creation_for_roles(self): """ Test that a user with owner role on a project can create a measurement. Test that a user with viewer role on a project cannot create a measurement. Test a user without any role on a project cannot create a measurement. """ row = ExcelRowInfoGenerator.get_sample_row() user = User.objects.create(username="******", password="******") authorized_project_name = row[PROJECT] auth.add_role(user.id, get_obj_id_from_name("project", authorized_project_name), Role.OWNER) MeasurementImporter(row, self.user_id).import_measurement() self.check_row_is_in_database(row) project_without_role = Project.objects.create(name="project_without_role") self.check_project_cannot_be_created(row.copy(), project_without_role) auth.add_role(self.user_id, project_without_role.id, Role.VIEWER) self.check_project_cannot_be_created(row.copy(), project_without_role)
def test_authorized_deletion_for_roles(self): """ Test that an owner user on a project can delete a measurement. Test that a viewer or anonymous user on a project cannot delete a measurement. """ row = ExcelRowInfoGenerator.get_sample_row() project_id = get_obj_id_from_name("project", row[PROJECT]) MeasurementImporter(row, self.user_id).import_measurement() self.check_row_is_in_database(row) # check viewer viewer = User.objects.create(username="******", password="******") auth.add_role(viewer.id, project_id, Role.VIEWER) self.try_deleting_row_and_check_it_was_not_deleted(viewer, project_id, row) # check anonymous auth.remove_existing_role(viewer.id, project_id) self.try_deleting_row_and_check_it_was_not_deleted(viewer, project_id, row) # check owner MeasurementImporter(row, self.user_id).delete_measurement() self.check_row_is_not_in_database(row)
def save_model(self, request, obj, form, change): """Add a new role.""" auth.add_role(obj.user.id, obj.project.id, Role(obj.role))
def _create_owner_user(self) -> int: """Create a user that has Owner role on all projects and return user id.""" user = User.objects.get_or_create(username="******", password="******")[0] for project in Project.objects.all(): auth.add_role(user.id, project.id, Role.OWNER) return user.id
def assign_a_role_in_all_projects(self, role: Role): """Assign a user a role in all projects.""" for project in Project.objects.all(): auth.add_role(self.user.id, project.id, role)
def add_user_roles_to_new_project(sender, instance, created, *args, **kwargs): """Add new roles for all internal users for this newly created project.""" if created: for user in User.objects.all(): auth.add_role(user.id, instance.id, user.profile.get_default_role())
def create_roles_for_user(user: User) -> None: """Create a default role for all projects for this user.""" for project in Project.objects.all(): auth.add_role(user.id, project.id, user.profile.get_default_role())