def test_get_action_permissions(users, user_action):
user_id = users[0].id
action_id = user_action.id
# by default, only the user who created an action has access to it
assert action_permissions.get_action_permissions_for_users(
action_id=action_id) == {
users[1].id: Permissions.GRANT
}
assert not action_permissions.action_is_public(action_id)
action_permissions.set_action_public(action_id)
assert action_permissions.get_action_permissions_for_users(
action_id=action_id) == {
users[1].id: Permissions.GRANT
}
assert action_permissions.action_is_public(action_id)
sampledb.db.session.add(
UserActionPermissions(user_id=user_id,
action_id=action_id,
permissions=Permissions.WRITE))
sampledb.db.session.commit()
assert action_permissions.get_action_permissions_for_users(
action_id=action_id) == {
user_id: Permissions.WRITE,
users[1].id: Permissions.GRANT
}
assert action_permissions.action_is_public(action_id)
def test_get_user_public_action_permissions(user, user_action, independent_action):
user_id = user.id
action_id = user_action.id
action_permissions.set_action_public(action_id)
assert action_permissions.get_user_action_permissions(user_id=user_id, action_id=action_id) == Permissions.READ
action_id = independent_action.id
assert action_permissions.get_user_action_permissions(user_id=user_id, action_id=action_id) == Permissions.READ
def test_public_actions(independent_action, user_action):
# non-user actions will always
action_id = independent_action.id
assert not action_permissions.action_is_public(action_id)
action_permissions.set_action_public(action_id)
assert action_permissions.action_is_public(action_id)
action_permissions.set_action_public(action_id, False)
assert not action_permissions.action_is_public(action_id)
action_id = user_action.id
assert not action_permissions.action_is_public(action_id)
action_permissions.set_action_public(action_id)
assert action_permissions.action_is_public(action_id)
action_permissions.set_action_public(action_id, False)
assert not action_permissions.action_is_public(action_id)