# add some user to that group

        # check his permissions

        a1_auth = AuthUser(user_id=self.anon.user_id)

        self.assertEqual(a1_auth.permissions['repositories_groups'],

                         {u'group1': u'group.none'})

        u1_auth = AuthUser(user_id=self.u1.user_id)

        self.assertEqual(u1_auth.permissions['repositories_groups'],

                         {u'group1': u'group.none'})

        # grant ug1 read permissions for

        ReposGroupModel().grant_users_group_permission(repos_group=self.g1,

                                                       group_name=self.ug1,

                                                       perm='group.read')

        Session().commit()

        # check if the

        obj = Session().query(UserGroupRepoGroupToPerm)\

            .filter(UserGroupRepoGroupToPerm.group == self.g1)\

            .filter(UserGroupRepoGroupToPerm.users_group == self.ug1)\

            .scalar()

        self.assertEqual(obj.permission.permission_name, 'group.read')

        a1_auth = AuthUser(user_id=self.anon.user_id)

        self.assertEqual(a1_auth.permissions['repositories_groups'],

                         {u'group1': u'group.none'})

        u1_auth = AuthUser(user_id=self.u1.user_id)

        self.assertEqual(u1_auth.permissions['repositories_groups'],

                         {u'group1': u'group.read'})

    def test_inherited_permissions_from_default_on_user_enabled(self):

        user_model = UserModel()

        # enable fork and create on default user

        usr = 'default'

        user_model.revoke_perm(usr, 'hg.create.none')

        user_model.grant_perm(usr, 'hg.create.repository')

        user_model.revoke_perm(usr, 'hg.fork.none')

        user_model.grant_perm(usr, 'hg.fork.repository')

        # make sure inherit flag is turned on

        self.u1.inherit_default_permissions = True

        Session().commit()

        u1_auth = AuthUser(user_id=self.u1.user_id)

        # this user will have inherited permissions from default user

        self.assertEqual(u1_auth.permissions['global'],

                         set(['hg.create.repository', 'hg.fork.repository',

                              'hg.register.manual_activate',

                              'repository.read', 'group.read',

                              'usergroup.read']))

    def test_inherited_permissions_from_default_on_user_disabled(self):

        user_model = UserModel()

        # disable fork and create on default user

        usr = 'default'

        user_model.revoke_perm(usr, 'hg.create.repository')

        user_model.grant_perm(usr, 'hg.create.none')

        user_model.revoke_perm(usr, 'hg.fork.repository')

        user_model.grant_perm(usr, 'hg.fork.none')

        # make sure inherit flag is turned on

        self.u1.inherit_default_permissions = True

        Session().commit()

        u1_auth = AuthUser(user_id=self.u1.user_id)

        # this user will have inherited permissions from default user

        self.assertEqual(u1_auth.permissions['global'],

                         set(['hg.create.none', 'hg.fork.none',

                              'hg.register.manual_activate',

                              'repository.read', 'group.read',

                              'usergroup.read']))

    def test_non_inherited_permissions_from_default_on_user_enabled(self):

        user_model = UserModel()

        # enable fork and create on default user

        usr = 'default'

        user_model.revoke_perm(usr, 'hg.create.none')

        user_model.grant_perm(usr, 'hg.create.repository')

        user_model.revoke_perm(usr, 'hg.fork.none')

        user_model.grant_perm(usr, 'hg.fork.repository')

        #disable global perms on specific user

        user_model.revoke_perm(self.u1, 'hg.create.repository')

        user_model.grant_perm(self.u1, 'hg.create.none')

        user_model.revoke_perm(self.u1, 'hg.fork.repository')

        user_model.grant_perm(self.u1, 'hg.fork.none')

        # make sure inherit flag is turned off

        self.u1.inherit_default_permissions = False

        Session().commit()

        u1_auth = AuthUser(user_id=self.u1.user_id)

        # this user will have non inherited permissions from he's

        # explicitly set permissions

        self.assertEqual(u1_auth.permissions['global'],

                         set(['hg.create.none', 'hg.fork.none',

                              'hg.register.manual_activate',

                              'repository.read', 'group.read',

                              'usergroup.read']))

    def test_non_inherited_permissions_from_default_on_user_disabled(self):

        user_model = UserModel()

        # disable fork and create on default user

        usr = 'default'

        user_model.revoke_perm(usr, 'hg.create.repository')

        user_model.grant_perm(usr, 'hg.create.none')

        user_model.revoke_perm(usr, 'hg.fork.repository')

        user_model.grant_perm(usr, 'hg.fork.none')

        #enable global perms on specific user

        user_model.revoke_perm(self.u1, 'hg.create.none')

        user_model.grant_perm(self.u1, 'hg.create.repository')

        user_model.revoke_perm(self.u1, 'hg.fork.none')

        user_model.grant_perm(self.u1, 'hg.fork.repository')

        # make sure inherit flag is turned off

        self.u1.inherit_default_permissions = False

        Session().commit()

        u1_auth = AuthUser(user_id=self.u1.user_id)

        # this user will have non inherited permissions from he's

        # explicitly set permissions

        self.assertEqual(u1_auth.permissions['global'],

                         set(['hg.create.repository', 'hg.fork.repository',

                              'hg.register.manual_activate',

                              'repository.read', 'group.read',

                              'usergroup.read']))

    def test_owner_permissions_doesnot_get_overwritten_by_group(self):

        #create repo as USER,

        self.test_repo = fixture.create_repo(name='myownrepo',

                                             repo_type='hg',

                                             cur_user=self.u1)

        #he has permissions of admin as owner

        u1_auth = AuthUser(user_id=self.u1.user_id)

        self.assertEqual(u1_auth.permissions['repositories']['myownrepo'],

                         'repository.admin')

        #set his permission as user group, he should still be admin

        self.ug1 = fixture.create_user_group('G1')

        UserGroupModel().add_user_to_group(self.ug1, self.u1)

        RepoModel().grant_users_group_permission(self.test_repo,

                                                 group_name=self.ug1,

                                                 perm='repository.none')

        Session().commit()

        u1_auth = AuthUser(user_id=self.u1.user_id)

        self.assertEqual(u1_auth.permissions['repositories']['myownrepo'],

                         'repository.admin')

    def test_owner_permissions_doesnot_get_overwritten_by_others(self):

        #create repo as USER,

        self.test_repo = fixture.create_repo(name='myownrepo',

                                             repo_type='hg',

                                             cur_user=self.u1)

        #he has permissions of admin as owner

        u1_auth = AuthUser(user_id=self.u1.user_id)

        self.assertEqual(u1_auth.permissions['repositories']['myownrepo'],

                         'repository.admin')

        #set his permission as user, he should still be admin

        RepoModel().grant_user_permission(self.test_repo, user=self.u1,

                                          perm='repository.none')

        Session().commit()

        u1_auth = AuthUser(user_id=self.u1.user_id)

        self.assertEqual(u1_auth.permissions['repositories']['myownrepo'],

                         'repository.admin')

    def _test_def_perm_equal(self, user, change_factor=0):

        perms = UserToPerm.query()\

                .filter(UserToPerm.user == user)\

                .all()

        self.assertEqual(len(perms),