def app():
mc = MongoClient()
db = mc[str(uuid4())]
app = Flask(__name__)
EchelonManager(app, database=db, api_url_prefix='/api')
yield app
mc.drop_database(db.name)
def test_019_helper_has_access():
app = Flask(__name__)
LoginManager(app)
manager = EchelonManager(app, database=DB)
manager.define_echelon('foo::bar')
manager.define_echelon('foo')
manager.define_echelon('spam::spam::spam')
user = User('user1', ['group1'])
manager.add_member('foo', user.get_id(), MemberTypes.USER)
with app.test_request_context():
_request_ctx_stack.top.user = user
assert has_access('foo::bar')
assert not has_access('spam::spam::spam')
def test_016_anonymous():
manager = EchelonManager(database=DB)
manager.define_echelon('anon')
user = AnonUser('anonymous')
manager.add_member('anon', user.get_id(), MemberTypes.USER)
assert manager.check_access(user, 'anon') is True
def test_014_invalid_echelon():
manager = EchelonManager(database=DB)
user = User('test', [])
with pytest.raises(ValueError):
manager.define_echelon('::foo::bar')
with pytest.raises(ValueError):
manager.check_access(user, '::foo::bar')
def test_021__is_member():
manager = EchelonManager(database=DB)
manager.define_echelon('foo::bar')
manager.define_echelon('foo')
manager.define_echelon('ham::spam::eggs')
manager.define_echelon('spam::spam::spam')
manager.add_member('foo', 'group1', MemberTypes.GROUP)
manager.add_member('ham::spam::eggs', 'group1', MemberTypes.GROUP)
access = manager.member_echelons('group1', member_type=MemberTypes.GROUP)
assert 'foo' in access
assert 'foo::bar' in access
assert 'spam' not in access
assert 'spam::spam::spam' not in access
def test_017_compile_echelons_user():
manager = EchelonManager(database=DB)
manager.define_echelon('foo::bar')
manager.define_echelon('foo')
manager.define_echelon('ham::spam::eggs')
manager.define_echelon('spam::spam::spam')
user = User('user1', ['group1', 'group2'])
manager.add_member('foo', user.get_id(), MemberTypes.USER)
manager.add_member('ham::spam::eggs', user.get_id(), MemberTypes.USER)
access = manager.member_echelons(user, member_type=MemberTypes.USER)
assert 'foo' in access
assert 'foo::bar' in access
assert 'spam' not in access
assert 'spam::spam::spam' not in access
def test_015_all_echelons():
echelons = ['flask::admin', 'flask::user', 'flask', 'foo', 'bar::baz']
manager = EchelonManager(database=DB)
for e in echelons:
manager.define_echelon(e)
assert set(echelons) == set(manager.all_echelons.keys())
def test_013_custom_separator():
manager = EchelonManager(database=DB, separator='|')
admin_echelon = 'foo'
valid_echelon = 'foo|bar'
another_valid_echelon = 'foo|bar|baz'
invalid_echelon = 'foo!bar'
manager.define_echelon(admin_echelon)
manager.define_echelon(valid_echelon)
manager.define_echelon(invalid_echelon)
admin = User('admin', [])
manager.add_member(admin_echelon, 'admin', MemberTypes.USER)
assert manager.check_access(admin, admin_echelon) is True
assert manager.check_access(admin, valid_echelon) is True
assert manager.check_access(admin, another_valid_echelon) is True
assert manager.check_access(admin, invalid_echelon) is False