def test_edit_default_user_permissions(flask_server, user): with flask_server.app.app_context(): new_user = sampledb.models.User(name="New User", email="*****@*****.**", type=sampledb.models.UserType.PERSON) sampledb.db.session.add(new_user) sampledb.db.session.commit() new_user_id = new_user.id object_permissions.set_default_permissions_for_user( creator_id=user.id, user_id=new_user_id, permissions=object_permissions.Permissions.WRITE) assert object_permissions.get_default_permissions_for_users( creator_id=user.id).get( new_user_id) == object_permissions.Permissions.WRITE session = requests.session() assert session.get(flask_server.base_url + 'users/{}/autologin'.format(user.id)).status_code == 200 r = session.get(flask_server.base_url + 'users/{}/preferences'.format(user.id)) assert r.status_code == 200 document = BeautifulSoup(r.content, 'html.parser') default_permissions_form = document.find(attrs={ 'name': 'edit_user_permissions', 'value': 'edit_user_permissions' }).find_parent('form') data = {} user_field_name = None for hidden_field in default_permissions_form.find_all( 'input', {'type': 'hidden'}): data[hidden_field['name']] = hidden_field['value'] if hidden_field['name'].endswith( 'user_id') and hidden_field['value'] == str(new_user_id): # the associated radio button is the first radio button in the same table row user_field_name = hidden_field.find_parent('tr').find( 'input', {'type': 'radio'})['name'] for radio_button in default_permissions_form.find_all( 'input', {'type': 'radio'}): if radio_button.has_attr( 'checked') and not radio_button.has_attr('disabled'): data[radio_button['name']] = radio_button['value'] assert user_field_name is not None assert data[user_field_name] == 'write' data[user_field_name] = 'read' data['edit_user_permissions'] = 'edit_user_permissions' assert session.post(flask_server.base_url + 'users/{}/preferences'.format(user.id), data=data).status_code == 200 with flask_server.app.app_context(): assert object_permissions.get_default_permissions_for_users( creator_id=user.id).get( new_user_id) == object_permissions.Permissions.READ
def test_default_permissions_for_creator(users): user, creator = users assert object_permissions.get_default_permissions_for_users(creator_id=creator.id) == { creator.id: Permissions.GRANT } # the creator cannot receive less than GRANT default permissions with pytest.raises(object_permissions.InvalidDefaultPermissionsError): object_permissions.set_default_permissions_for_user(creator_id=creator.id, user_id=creator.id, permissions=Permissions.WRITE) # setting the creator's default permissions to GRANT does nothing, but is acceptable object_permissions.set_default_permissions_for_user(creator_id=creator.id, user_id=creator.id, permissions=Permissions.GRANT) assert object_permissions.get_default_permissions_for_users(creator_id=creator.id) == { creator.id: Permissions.GRANT }
def test_default_permissions_for_users(users, independent_action): user, creator = users # unless set otherwise, no user beside the creator (and instrument responsible users) will get initial permissions assert object_permissions.get_default_permissions_for_users(creator_id=creator.id) == { creator.id: Permissions.GRANT } object = sampledb.logic.objects.create_object(user_id=creator.id, action_id=independent_action.id, data={ 'name': { '_type': 'text', 'text': 'Name' } }) assert object_permissions.get_object_permissions_for_users(object_id=object.id, include_instrument_responsible_users=False, include_groups=False) == { creator.id: Permissions.GRANT } object_permissions.set_default_permissions_for_user(creator_id=creator.id, user_id=user.id, permissions=Permissions.READ) assert object_permissions.get_default_permissions_for_users(creator_id=creator.id) == { creator.id: Permissions.GRANT, user.id: Permissions.READ } object = sampledb.logic.objects.create_object(user_id=creator.id, action_id=independent_action.id, data={ 'name': { '_type': 'text', 'text': 'Name' } }) assert object_permissions.get_object_permissions_for_users(object_id=object.id, include_instrument_responsible_users=False, include_groups=False) == { creator.id: Permissions.GRANT, user.id: Permissions.READ } # the default permissions are only used when creating a new object. object_permissions.set_default_permissions_for_user(creator_id=creator.id, user_id=user.id, permissions=Permissions.WRITE) assert object_permissions.get_default_permissions_for_users(creator_id=creator.id) == { creator.id: Permissions.GRANT, user.id: Permissions.WRITE } assert object_permissions.get_object_permissions_for_users(object_id=object.id, include_instrument_responsible_users=False, include_groups=False) == { creator.id: Permissions.GRANT, user.id: Permissions.READ }
def test_add_default_user_permissions(flask_server, user): with flask_server.app.app_context(): new_user = sampledb.models.User(name="New User", email="*****@*****.**", type=sampledb.models.UserType.PERSON) sampledb.db.session.add(new_user) sampledb.db.session.commit() new_user_id = new_user.id session = requests.session() assert session.get(flask_server.base_url + 'users/{}/autologin'.format(user.id)).status_code == 200 r = session.get(flask_server.base_url + 'users/{}/preferences'.format(user.id)) assert r.status_code == 200 document = BeautifulSoup(r.content, 'html.parser') default_permissions_form = document.find(attrs={ 'name': 'add_user_permissions', 'value': 'add_user_permissions' }).find_parent('form') data = {} for hidden_field in default_permissions_form.find_all( 'input', {'type': 'hidden'}): data[hidden_field['name']] = hidden_field['value'] data['user_id'] = str(new_user_id) data['permissions'] = 'read' data['add_user_permissions'] = 'add_user_permissions' assert session.post(flask_server.base_url + 'users/{}/preferences'.format(user.id), data=data).status_code == 200 with flask_server.app.app_context(): assert object_permissions.get_default_permissions_for_users( creator_id=user.id).get( new_user_id) == object_permissions.Permissions.READ