def test_remove_user(self):
u = self._create_user()
r = self._create_role()
authorization.add_user_to_role(r['name'], u['login'])
authorization.remove_user_from_role(r['name'], u['login'])
user_names = [u['login'] for u in authorization.list_users_in_role(r['name'])]
self.assertFalse(u['login'] in user_names)
def test_role_permission_remove(self):
u = self._create_user()
r = self._create_role()
s = self._create_resource()
o = authorization.READ
n = authorization.operation_to_name(o)
authorization.add_user_to_role(r['name'], u['login'])
authorization.grant_permission_to_role(s, r['name'], [n])
self.assertTrue(authorization.is_authorized(s, u, o))
authorization.remove_user_from_role(r['name'], u['login'])
self.assertFalse(authorization.is_authorized(s, u, o))
