def test_allow_to_edit(self, server_iface, DBSession, test_data2): # noqa: ignore=N803 session = DBSession() ogcserver_accesscontrol = OGCServerAccessControl( server_iface, "qgisserver", "no_project", 21781, lambda: session) ogcserver_accesscontrol.project = test_data2["project"] for user_name, expected, geometry in [ ["user_no_access", False, geom_in], ["user_full_access", True, geom_in], ["user_area_access", True, geom_in], ["user_no_access", False, geom_intersects], ["user_full_access", True, geom_intersects], ["user_area_access", True, geom_intersects], ["user_no_access", False, geom_out], ["user_full_access", True, geom_out], ["user_area_access", False, geom_out], ]: user = test_data2["users"][user_name] set_request_parameters( server_iface, { "USER_ID": str(user["id"]), "ROLE_IDS": ",".join([str(e) for e in user["role_ids"]]) }, ) layer = test_data2["project"].mapLayersByName("private_layer")[0] feature = QgsFeature() geom = QgsGeometry() geom.fromWkb(geometry.wkb) feature.setGeometry(geom) result = ogcserver_accesscontrol.allowToEdit(layer, feature) assert expected == result, "allowToEdit with '{}', should return '{}'.".format( user_name, expected)
def test_get_area(self, server_iface, DBSession, test_data): # noqa: ignore=N803 dbsession = DBSession() ogcserver_accesscontrol = OGCServerAccessControl( server_iface, "qgisserver1", "no_project", 21781, lambda: dbsession) ogcserver_accesscontrol.project = test_data["project"] for user_name, layer_name, expected in [ ("root", layer_name, (Access.FULL, None)) for layer_name in ("public_layer", "private_layer1", "private_layer2", "private_layer3") ] + [ ("user1", "public_layer", (Access.FULL, None)), ("user1", "private_layer1", (Access.AREA, area1.wkt)), ("user1", "private_layer2", (Access.NO, None)), ("user1", "private_layer3", (Access.AREA, area1.wkt)), ]: user = test_data["users"][user_name] set_request_parameters( server_iface, { "USER_ID": str(user["id"]), "ROLE_IDS": ",".join([str(r) for r in user["role_ids"]]) }, ) layer = test_data["project"].mapLayersByName(layer_name)[0] access, area = ogcserver_accesscontrol.get_area(layer, dbsession) assert expected == ( access, area.wkt if area else None, ), 'get_area with "{}", "{}" should return {}'.format( user_name, layer_name, expected)
def test_ogc_layer_with_wms_use_layer_ids(self, server_iface, DBSession, test_data): # noqa: ignore=N803 dbsession = DBSession() ogcserver_accesscontrol = OGCServerAccessControl( server_iface, "qgisserver1", "no_project", 21781, lambda: dbsession) ogcserver_accesscontrol.project = test_data["project"] layer = test_data["project"].mapLayersByName("private_layer1")[0] assert layer.id() == ogcserver_accesscontrol.ogc_layer_name(layer)
def test_layer_permissions(server_iface, DBSession, test_data): # noqa: ignore=N803 dbsession = DBSession() ogcserver_accesscontrol = OGCServerAccessControl( server_iface, "qgisserver1", "no_project", 21781, lambda: dbsession) ogcserver_accesscontrol.project = test_data["project"] for user_name, layer_name, expected in ( ( "user1", "public_layer", { "canDelete": False, "canInsert": False, "canRead": True, "canUpdate": False }, ), ( "user1", "private_layer1", { "canDelete": False, "canInsert": False, "canRead": True, "canUpdate": False }, ), ( "user12", "private_layer2", { "canDelete": True, "canInsert": True, "canRead": True, "canUpdate": True }, ), ): user = test_data["users"][user_name] set_request_parameters( server_iface, { "USER_ID": str(user["id"]), "ROLE_IDS": ",".join([str(r) for r in user["role_ids"]]) }, ) layer = test_data["project"].mapLayersByName(layer_name)[0] permissions = ogcserver_accesscontrol.layerPermissions(layer) for key, value in expected.items(): assert value == getattr(permissions, key)
def test_ogc_layer_name(self, server_iface, DBSession, test_data): # noqa: ignore=N803 dbsession = DBSession() ogcserver_accesscontrol = OGCServerAccessControl( server_iface, "qgisserver1", "no_project", 21781, lambda: dbsession) ogcserver_accesscontrol.project = test_data["project"] for layer_name, expected in ( ("private_layer1", "private_layer1"), ("private_layer3", "pl3"), ): layer = test_data["project"].mapLayersByName(layer_name)[0] assert expected == ogcserver_accesscontrol.ogc_layer_name(layer)
def test_get_layers(self, server_iface, DBSession, test_data): # noqa: ignore=N803 dbsession = DBSession() ogcserver_accesscontrol = OGCServerAccessControl( server_iface, "qgisserver1", "no_project", 21781, lambda: dbsession) ogcserver_accesscontrol.project = test_data["project"] expected = { "public_group": ["public_group"], "public_layer": ["public_group", "public_layer"], "private_layer1": ["private_layer1"], "private_layer2": ["private_layer2"], "pg3": ["private_group3"], "pl3": ["private_group3", "private_layer3"], } layers = ogcserver_accesscontrol.get_layers(dbsession) assert set(expected.keys()) == set(layers.keys()) for key in expected.keys(): assert set(expected[key]) == {layer.name for layer in layers[key]}