def setUp(self) -> None: self.dash = db.session.query(Dashboard).filter_by( slug="births").first() self.authorized_guest = security_manager.get_guest_user_from_token({ "user": {}, "resources": [{ "type": "dashboard", "id": self.dash.id }] }) self.unauthorized_guest = security_manager.get_guest_user_from_token({ "user": {}, "resources": [{ "type": "dashboard", "id": self.dash.id + 1 }] })
def authorized_guest(self): return security_manager.get_guest_user_from_token({ "user": {}, "resources": [{ "type": "dashboard", "id": self.resource_id }] })
def setUp(self) -> None: self.dash = db.session.query(Dashboard).filter_by(slug="births").first() self.embedded = EmbeddedDAO.upsert(self.dash, []) self.authorized_guest = security_manager.get_guest_user_from_token( { "user": {}, "resources": [{"type": "dashboard", "id": str(self.embedded.uuid)}], } ) self.unauthorized_guest = security_manager.get_guest_user_from_token( { "user": {}, "resources": [ {"type": "dashboard", "id": "06383667-3e02-4e5e-843f-44e9c5896b6c"} ], } )
def test_has_guest_access__unauthorized_guest_user__different_resource_id(self): g.user = security_manager.get_guest_user_from_token( { "user": {}, "resources": [{"type": "dashboard", "id": "not-a-real-id"}], } ) has_guest_access = security_manager.has_guest_access(self.dash) self.assertFalse(has_guest_access)
def test_has_guest_access__unauthorized_guest_user__different_resource_type( self): g.user = security_manager.get_guest_user_from_token({ "user": {}, "resources": [{ "type": "dirt", "id": self.resource_id }] }) has_guest_access = security_manager.has_guest_access( GuestTokenResourceType.DASHBOARD, self.resource_id) self.assertFalse(has_guest_access)
def guest_user_with_rls(self, rules: Optional[List[Any]] = None) -> GuestUser: if rules is None: rules = [self.default_rls_rule()] return security_manager.get_guest_user_from_token({ "user": {}, "resources": [{ "type": GuestTokenResourceType.DASHBOARD.value }], "rls_rules": rules, })
def test_has_guest_access__unauthorized_guest_user__different_resource_type(self): g.user = security_manager.get_guest_user_from_token( {"user": {}, "resources": [{"type": "dirt", "id": self.embedded.uuid}]} ) has_guest_access = security_manager.has_guest_access(self.dash) self.assertFalse(has_guest_access)