def testReadOnly(self):
""" In a read-only group, user should NOT be able to Edit or Annotate """
# Login as owner...
self.doLogin(dbhelpers.USERS['read_only_owner'])
p = dbhelpers.getProject(self.gateway, 'read_only_proj')
p2 = dbhelpers.getProject(self.gateway, 'read_only_proj_2')
pid = p.id
pid2 = p2.id
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
# Test Bug from #9505 commits: Second Project canEdit() is False
pros = self.gateway.getObjects("Project", [pid, pid2])
for p in pros:
self.assertCanEdit(p, True)
# Login as user...
self.doLogin(dbhelpers.USERS['read_only_user'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, False)
self.assertCanAnnotate(p, False)
# Login as admin...
self.doLogin(dbhelpers.USERS['read_only_admin'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True, sudo_needed=True)
self.assertCanAnnotate(p, True, sudo_needed=True)
# Login as group leader...
self.doLogin(dbhelpers.USERS['read_only_leader'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True, sudo_needed=True)
self.assertCanAnnotate(p, True, sudo_needed=True)
def testReadOnly(self):
""" In a read-only group, user should NOT be able to Edit or Annotate """
# Login as owner...
self.doLogin(dbhelpers.USERS['read_only_owner'])
p = dbhelpers.getProject(self.gateway, 'read_only_proj')
p2 = dbhelpers.getProject(self.gateway, 'read_only_proj_2')
pid = p.id
pid2 = p2.id
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
# Test Bug from #9505 commits: Second Project canEdit() is False
pros = self.gateway.getObjects("Project", [pid, pid2])
for p in pros:
self.assertCanEdit(p, True)
# Login as user...
self.doLogin(dbhelpers.USERS['read_only_user'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, False)
self.assertCanAnnotate(p, False)
# Login as admin...
self.doLogin(dbhelpers.USERS['read_only_admin'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True, sudo_needed=True)
self.assertCanAnnotate(p, True, sudo_needed=True)
# Login as group leader...
self.doLogin(dbhelpers.USERS['read_only_leader'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True, sudo_needed=True)
self.assertCanAnnotate(p, True, sudo_needed=True)
def testReadWrite(self):
""" In a read-write group, all should be able to Annotate and Edit"""
# Login as owner...
self.doLogin(dbhelpers.USERS['read_write_owner'])
p = dbhelpers.getProject(self.gateway, 'read_write_proj')
pid = p.id
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
# Login as user...
self.doLogin(dbhelpers.USERS['read_write_user'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True, exc_info=1)
self.assertCanAnnotate(p, True)
# Login as admin...
self.doLogin(dbhelpers.USERS['read_write_admin'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
# Login as group leader...
self.doLogin(dbhelpers.USERS['read_write_leader'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
def testReadAnnotate(self):
""" In a read-annotate group, user should be able to Annotate but NOT Edit"""
# Login as owner...
self.doLogin(dbhelpers.USERS['read_ann_owner'])
p = dbhelpers.getProject(self.gateway, 'read_ann_proj')
pid = p.id
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
# Login as user...
self.doLogin(dbhelpers.USERS['read_ann_user'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, False)
self.assertCanAnnotate(p, True, exc_info=1)
# Login as admin...
self.doLogin(dbhelpers.USERS['read_ann_admin'])
self.gateway.SERVICE_OPTS.setOmeroGroup('-1')
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
# Login as group leader...
self.doLogin(dbhelpers.USERS['read_ann_leader'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
def testReadWrite(self):
""" In a read-write group, all should be able to Annotate and Edit"""
# Login as owner...
self.doLogin(dbhelpers.USERS['read_write_owner'])
p = dbhelpers.getProject(self.gateway, 'read_write_proj')
pid = p.id
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
# Login as user...
self.doLogin(dbhelpers.USERS['read_write_user'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True, exc_info=1)
self.assertCanAnnotate(p, True)
# Login as admin...
self.doLogin(dbhelpers.USERS['read_write_admin'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
# Login as group leader...
self.doLogin(dbhelpers.USERS['read_write_leader'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
def testReadAnnotate(self):
""" In a read-annotate group, user should be able to Annotate but NOT Edit"""
# Login as owner...
self.doLogin(dbhelpers.USERS['read_ann_owner'])
p = dbhelpers.getProject(self.gateway, 'read_ann_proj')
pid = p.id
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
# Login as user...
self.doLogin(dbhelpers.USERS['read_ann_user'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, False)
self.assertCanAnnotate(p, True, exc_info=1)
# Login as admin...
self.doLogin(dbhelpers.USERS['read_ann_admin'])
self.gateway.SERVICE_OPTS.setOmeroGroup('-1')
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
# Login as group leader...
self.doLogin(dbhelpers.USERS['read_ann_leader'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
def testReadOnly(self):
""" In a read-only group, user should NOT be able to Edit or Annotate """
# Login as owner...
self.doLogin(dbhelpers.USERS['read_only_owner'])
p = dbhelpers.getProject(self.gateway, 'read_only_proj')
pid = p.id
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
# Login as user...
self.doLogin(dbhelpers.USERS['read_only_user'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, False)
self.assertCanAnnotate(p, False)
# Login as admin...
self.doLogin(dbhelpers.USERS['read_only_admin'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True, sudo_needed=True)
self.assertCanAnnotate(p, True, sudo_needed=True)
# Login as group leader...
self.doLogin(dbhelpers.USERS['read_only_leader'])
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True, sudo_needed=True)
self.assertCanAnnotate(p, True, sudo_needed=True)
def testReadAnnotate(self, gatewaywrapper):
""" In a read-annotate group, user should be able to Annotate but NOT Edit"""
# Login as owner...
gatewaywrapper.doLogin(dbhelpers.USERS["read_ann_owner"])
p = dbhelpers.getProject(gatewaywrapper.gateway, "read_ann_proj")
pid = p.id
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
# Login as user...
gatewaywrapper.doLogin(dbhelpers.USERS["read_ann_user"])
p = gatewaywrapper.gateway.getObject("Project", pid)
self.assertCanEdit(p, False)
self.assertCanAnnotate(p, True, exc_info=1)
# Login as admin...
gatewaywrapper.doLogin(dbhelpers.USERS["read_ann_admin"])
gatewaywrapper.gateway.SERVICE_OPTS.setOmeroGroup("-1")
p = gatewaywrapper.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
# Login as group leader...
gatewaywrapper.doLogin(dbhelpers.USERS["read_ann_leader"])
p = gatewaywrapper.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
self.assertCanAnnotate(p, True)
def testGroupMinusOne(self):
""" Should be able to Annotate and Edit object retrieved with omero.group:'-1' """
# Login as owner...
self.doLogin(dbhelpers.USERS['read_ann_owner'])
p = dbhelpers.getProject(self.gateway, 'read_ann_proj')
pid = p.id
self.gateway.SERVICE_OPTS.setOmeroGroup('-1')
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
# Need to get object again since p.save() in assertCanEdit() reloads it under different context
p = self.gateway.getObject("Project", pid)
self.assertCanAnnotate(p, True)
# Login as group leader...
self.doLogin(dbhelpers.USERS['read_ann_leader'])
self.gateway.SERVICE_OPTS.setOmeroGroup('-1')
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
p = self.gateway.getObject("Project", pid)
self.assertCanAnnotate(p, True)
def testGroupMinusOne(self):
""" Should be able to Annotate and Edit object retrieved with omero.group:'-1' """
# Login as owner...
self.doLogin(dbhelpers.USERS['read_ann_owner'])
p = dbhelpers.getProject(self.gateway, 'read_ann_proj')
pid = p.id
self.gateway.SERVICE_OPTS.setOmeroGroup('-1')
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
# Need to get object again since p.save() in assertCanEdit() reloads it under different context
p = self.gateway.getObject("Project", pid)
self.assertCanAnnotate(p, True)
# Login as group leader...
self.doLogin(dbhelpers.USERS['read_ann_leader'])
self.gateway.SERVICE_OPTS.setOmeroGroup('-1')
p = self.gateway.getObject("Project", pid)
self.assertCanEdit(p, True)
p = self.gateway.getObject("Project", pid)
self.assertCanAnnotate(p, True)
def getTestProject2(self):
return dbhelpers.getProject(self.gateway, 'testpr2')
def getTestProject2(self):
return dbhelpers.getProject(self.gateway, 'testpr2')
def getTestProject(self):
return dbhelpers.getProject(self.gateway, "testpr1")
