def test_get_action_permissions(users, user_action): user_id = users[0].id action_id = user_action.id # by default, only the user who created an action has access to it assert action_permissions.get_action_permissions_for_users( action_id=action_id) == { users[1].id: Permissions.GRANT } assert not action_permissions.action_is_public(action_id) action_permissions.set_action_public(action_id) assert action_permissions.get_action_permissions_for_users( action_id=action_id) == { users[1].id: Permissions.GRANT } assert action_permissions.action_is_public(action_id) sampledb.db.session.add( UserActionPermissions(user_id=user_id, action_id=action_id, permissions=Permissions.WRITE)) sampledb.db.session.commit() assert action_permissions.get_action_permissions_for_users( action_id=action_id) == { user_id: Permissions.WRITE, users[1].id: Permissions.GRANT } assert action_permissions.action_is_public(action_id)
def test_update_action_permissions(users, user_action): user_id = users[0].id action_id = user_action.id assert action_permissions.get_user_action_permissions( user_id=user_id, action_id=action_id) == Permissions.NONE action_permissions.set_user_action_permissions( action_id=action_id, user_id=user_id, permissions=Permissions.WRITE) assert action_permissions.get_user_action_permissions( user_id=user_id, action_id=action_id) == Permissions.WRITE action_permissions.set_user_action_permissions( action_id=action_id, user_id=user_id, permissions=Permissions.READ) assert action_permissions.get_user_action_permissions( user_id=user_id, action_id=action_id) == Permissions.READ action_permissions.set_user_action_permissions( action_id=action_id, user_id=user_id, permissions=Permissions.NONE) assert action_permissions.get_user_action_permissions( user_id=user_id, action_id=action_id) == Permissions.NONE assert action_permissions.get_action_permissions_for_users( action_id=action_id) == { users[1].id: Permissions.GRANT } assert not action_permissions.action_is_public(action_id)
def test_group_permissions(users, user_action): user, creator = users action_id = user_action.id group_id = groups.create_group("Example Group", "", creator.id).id assert action_permissions.get_action_permissions_for_users(action_id=action_id) == { creator.id: Permissions.GRANT } assert not action_permissions.action_is_public(action_id) assert action_permissions.get_user_action_permissions(action_id=action_id, user_id=user.id) == Permissions.NONE action_permissions.set_group_action_permissions(action_id=action_id, group_id=group_id, permissions=Permissions.WRITE) assert action_permissions.get_action_permissions_for_users(action_id=action_id) == { creator.id: Permissions.GRANT } assert not action_permissions.action_is_public(action_id) assert action_permissions.get_user_action_permissions(action_id=action_id, user_id=user.id) == Permissions.NONE groups.add_user_to_group(group_id=group_id, user_id=user.id) assert action_permissions.get_action_permissions_for_users(action_id=action_id) == { creator.id: Permissions.GRANT, user.id: Permissions.WRITE } assert not action_permissions.action_is_public(action_id) assert action_permissions.get_user_action_permissions(action_id=action_id, user_id=user.id) == Permissions.WRITE action_permissions.set_user_action_permissions(action_id=action_id, user_id=user.id, permissions=Permissions.READ) assert action_permissions.get_action_permissions_for_users(action_id=action_id) == { creator.id: Permissions.GRANT, user.id: Permissions.WRITE } assert not action_permissions.action_is_public(action_id) assert action_permissions.get_user_action_permissions(action_id=action_id, user_id=user.id) == Permissions.WRITE action_permissions.set_group_action_permissions(action_id=action_id, group_id=group_id, permissions=Permissions.READ) action_permissions.set_user_action_permissions(action_id=action_id, user_id=user.id, permissions=Permissions.WRITE) assert action_permissions.get_action_permissions_for_users(action_id=action_id) == { creator.id: Permissions.GRANT, user.id: Permissions.WRITE } assert not action_permissions.action_is_public(action_id) assert action_permissions.get_user_action_permissions(action_id=action_id, user_id=user.id) == Permissions.WRITE action_permissions.set_user_action_permissions(action_id=action_id, user_id=user.id, permissions=Permissions.READ) action_permissions.set_group_action_permissions(action_id=action_id, group_id=group_id, permissions=Permissions.GRANT) groups.remove_user_from_group(group_id=group_id, user_id=user.id) assert action_permissions.get_action_permissions_for_users(action_id=action_id) == { creator.id: Permissions.GRANT, user.id: Permissions.READ } assert not action_permissions.action_is_public(action_id) assert action_permissions.get_user_action_permissions(action_id=action_id, user_id=user.id) == Permissions.READ
def test_public_actions(independent_action, user_action): # non-user actions will always action_id = independent_action.id assert not action_permissions.action_is_public(action_id) action_permissions.set_action_public(action_id) assert action_permissions.action_is_public(action_id) action_permissions.set_action_public(action_id, False) assert not action_permissions.action_is_public(action_id) action_id = user_action.id assert not action_permissions.action_is_public(action_id) action_permissions.set_action_public(action_id) assert action_permissions.action_is_public(action_id) action_permissions.set_action_public(action_id, False) assert not action_permissions.action_is_public(action_id)