def test_visible_to_administrator(self): # Launchpad administrators often have a need to see private # Launchpad things in order to fix up fubars by users. branch = self.factory.makeBranch( information_type=InformationType.USERDATA) naked_branch = removeSecurityProxy(branch) admin = getUtility(ILaunchpadCelebrities).admin.teamowner access = AccessBranch(naked_branch) self.assertTrue(access.checkAuthenticated(IPersonRoles(admin)))
def test_visible_to_owner(self): # The owners of a branch always have visibility of their own branches. owner = self.factory.makePerson() branch = self.factory.makeBranch( owner=owner, information_type=InformationType.USERDATA) naked_branch = removeSecurityProxy(branch) clear_cache() # Clear authorization cache for check_permission. access = AccessBranch(naked_branch) self.assertFalse(access.checkUnauthenticated()) self.assertTrue(access.checkAuthenticated(IPersonRoles(owner))) self.assertFalse(check_permission('launchpad.View', branch))
def test_visible_to_subscribers(self): # Branches that are not public are viewable by members of the # visibility_team and to subscribers. branch = self.factory.makeBranch( information_type=InformationType.USERDATA) naked_branch = removeSecurityProxy(branch) person = self.factory.makePerson() teamowner = self.factory.makePerson() team = self.factory.makeTeam( membership_policy=TeamMembershipPolicy.MODERATED, owner=teamowner, members=[person]) # Not visible to an unsubscribed person. access = AccessBranch(naked_branch) self.assertFalse(access.checkAuthenticated(IPersonRoles(person))) # Subscribing the team to the branch will allow access to the branch. naked_branch.subscribe(team, BranchSubscriptionNotificationLevel.NOEMAIL, BranchSubscriptionDiffSize.NODIFF, CodeReviewNotificationLevel.NOEMAIL, teamowner) self.assertTrue(access.checkAuthenticated(IPersonRoles(person)))
def test_visible_to_owner(self): # The owners of a branch always have visibility of their own branches. owner = self.factory.makePerson() branch = self.factory.makeBranch( owner=owner, information_type=InformationType.USERDATA) naked_branch = removeSecurityProxy(branch) clear_cache() # Clear authorization cache for check_permission. access = AccessBranch(naked_branch) self.assertFalse(access.checkUnauthenticated()) self.assertTrue( access.checkAuthenticated(IPersonRoles(owner))) self.assertFalse(check_permission('launchpad.View', branch))
def test_visible_to_subscribers(self): # Branches that are not public are viewable by members of the # visibility_team and to subscribers. branch = self.factory.makeBranch( information_type=InformationType.USERDATA) naked_branch = removeSecurityProxy(branch) person = self.factory.makePerson() teamowner = self.factory.makePerson() team = self.factory.makeTeam( membership_policy=TeamMembershipPolicy.MODERATED, owner=teamowner, members=[person]) # Not visible to an unsubscribed person. access = AccessBranch(naked_branch) self.assertFalse(access.checkAuthenticated(IPersonRoles(person))) # Subscribing the team to the branch will allow access to the branch. naked_branch.subscribe( team, BranchSubscriptionNotificationLevel.NOEMAIL, BranchSubscriptionDiffSize.NODIFF, CodeReviewNotificationLevel.NOEMAIL, teamowner) self.assertTrue(access.checkAuthenticated(IPersonRoles(person)))
def test_branch_access(self): # Accessing any attributes of the Branch content class through the # IBranch interface is configured to require the launchpad.View # permission. The AccessBranch authorization class is used to # authorize users for the combination of the launchpad.View permission # and the IBranch interface. branch = self.factory.makeBranch() naked_branch = removeSecurityProxy(branch) self.assertTrue( isinstance( getAdapter(branch, IAuthorization, name='launchpad.View'), AccessBranch)) access = AccessBranch(naked_branch) self.assertTrue(access.checkUnauthenticated()) person = self.factory.makePerson() self.assertTrue(access.checkAuthenticated(IPersonRoles(person)))
def test_branch_access(self): # Accessing any attributes of the Branch content class through the # IBranch interface is configured to require the launchpad.View # permission. The AccessBranch authorization class is used to # authorize users for the combination of the launchpad.View permission # and the IBranch interface. branch = self.factory.makeBranch() naked_branch = removeSecurityProxy(branch) self.assertTrue( isinstance( getAdapter(branch, IAuthorization, name='launchpad.View'), AccessBranch)) access = AccessBranch(naked_branch) self.assertTrue(access.checkUnauthenticated()) person = self.factory.makePerson() self.assertTrue( access.checkAuthenticated(IPersonRoles(person)))