Changeset - d7e10699513b
Parent rev.
Child rev.
[Not reviewed]
beta
0 1 0
Marcin Kuzminski - 13 years ago 2012-12-01 00:14:47
marcin@python-works.com
fixed some tests after recent changes on default group permissions
1 file changed with 4 insertions and 4 deletions:
rhodecode/tests/models/test_permissions.py
4
4
0 comments (0 inline, 0 general)
rhodecode/tests/models/test_permissions.py
Show inline comments
 
@@ -262,211 +262,211 @@ class TestPermissions(unittest.TestCase)
 
        a1_auth = AuthUser(user_id=self.anon.user_id)
 
        self.assertEqual(a1_auth.permissions['repositories_groups'],
 
                 {u'group1': u'group.none', u'group2': u'group.none'})
 

			




	
	
	
		
 
        #grant permission for u2 !

			




	
	
	
		
 
        ReposGroupModel().grant_user_permission(repos_group=self.g1,

			




	
	
	
		
 
                                                user=self.u2,

			




	
	
	
		
 
                                                perm='group.read')

			




	
	
	
		
 
        ReposGroupModel().grant_user_permission(repos_group=self.g2,

			




	
	
	
		
 
                                                user=self.u2,

			




	
	
	
		
 
                                                perm='group.read')

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        self.assertNotEqual(self.u1, self.u2)

			




	
	
	
		
 
        #u1 and anon should have not change perms while u2 should !

			




	
	
	
		
 
        u1_auth = AuthUser(user_id=self.u1.user_id)

			




	
	
	
		
 
        self.assertEqual(u1_auth.permissions['repositories_groups'],

			




	
	
	
		
 
                 {u'group1': u'group.none', u'group2': u'group.none'})

			




	
	
	
		
 

			




	
	
	
		
 
        u2_auth = AuthUser(user_id=self.u2.user_id)

			




	
	
	
		
 
        self.assertEqual(u2_auth.permissions['repositories_groups'],

			




	
	
	
		
 
                 {u'group1': u'group.read', u'group2': u'group.read'})

			




	
	
	
		
 

			




	
	
	
		
 
        a1_auth = AuthUser(user_id=self.anon.user_id)

			




	
	
	
		
 
        self.assertEqual(a1_auth.permissions['repositories_groups'],

			




	
	
	
		
 
                 {u'group1': u'group.none', u'group2': u'group.none'})

			




	
	
	
		
 

			




	
	
	
		
 
    def test_repo_group_user_as_user_group_member(self):

			




	
	
	
		
 
        # create Group1

			




	
	
	
		
 
        self.g1 = _make_group('group1', skip_if_exists=True)

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        a1_auth = AuthUser(user_id=self.anon.user_id)

			




	
	
	
		
 

			




	
	
	
		
 
        self.assertEqual(a1_auth.permissions['repositories_groups'],

			




	
	
	
		
 
                         {u'group1': u'group.read'})

			




	
	
	
		
 

			




	
	
	
		
 
        # set default permission to none

			




	
	
	
		
 
        ReposGroupModel().grant_user_permission(repos_group=self.g1,

			




	
	
	
		
 
                                                user=self.anon,

			




	
	
	
		
 
                                                perm='group.none')

			




	
	
	
		
 
        # make group

			




	
	
	
		
 
        self.ug1 = UsersGroupModel().create('G1')

			




	
	
	
		
 
        # add user to group

			




	
	
	
		
 
        UsersGroupModel().add_user_to_group(self.ug1, self.u1)

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 

			




	
	
	
		
 
        # check if user is in the group

			




	
	
	
		
 
        membrs = [x.user_id for x in UsersGroupModel().get(self.ug1.users_group_id).members]

			




	
	
	
		
 
        self.assertEqual(membrs, [self.u1.user_id])

			




	
	
	
		
 
        # add some user to that group

			




	
	
	
		
 

			




	
	
	
		
 
        # check his permissions

			




	
	
	
		
 
        a1_auth = AuthUser(user_id=self.anon.user_id)

			




	
	
	
		
 
        self.assertEqual(a1_auth.permissions['repositories_groups'],

			




	
	
	
		
 
                         {u'group1': u'group.none'})

			




	
	
	
		
 

			




	
	
	
		
 
        u1_auth = AuthUser(user_id=self.u1.user_id)

			




	
	
	
		
 
        self.assertEqual(u1_auth.permissions['repositories_groups'],

			




	
	
	
		
 
                         {u'group1': u'group.none'})

			




	
	
	
		
 

			




	
	
	
		
 
        # grant ug1 read permissions for

			




	
	
	
		
 
        ReposGroupModel().grant_users_group_permission(repos_group=self.g1,

			




	
	
	
		
 
                                                       group_name=self.ug1,

			




	
	
	
		
 
                                                       perm='group.read')

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        # check if the

			




	
	
	
		
 
        obj = Session().query(UsersGroupRepoGroupToPerm)\

			




	
	
	
		
 
            .filter(UsersGroupRepoGroupToPerm.group == self.g1)\

			




	
	
	
		
 
            .filter(UsersGroupRepoGroupToPerm.users_group == self.ug1)\

			




	
	
	
		
 
            .scalar()

			




	
	
	
		
 
        self.assertEqual(obj.permission.permission_name, 'group.read')

			




	
	
	
		
 

			




	
	
	
		
 
        a1_auth = AuthUser(user_id=self.anon.user_id)

			




	
	
	
		
 

			




	
	
	
		
 
        self.assertEqual(a1_auth.permissions['repositories_groups'],

			




	
	
	
		
 
                         {u'group1': u'group.none'})

			




	
	
	
		
 

			




	
	
	
		
 
        u1_auth = AuthUser(user_id=self.u1.user_id)

			




	
	
	
		
 
        self.assertEqual(u1_auth.permissions['repositories_groups'],

			




	
	
	
		
 
                         {u'group1': u'group.read'})

			




	
	
	
		
 

			




	
	
	
		
 
    def test_inherited_permissions_from_default_on_user_enabled(self):

			




	
	
	
		
 
        user_model = UserModel()

			




	
	
	
		
 
        # enable fork and create on default user

			




	
	
	
		
 
        usr = 'default'

			




	
	
	
		
 
        user_model.revoke_perm(usr, 'hg.create.none')

			




	
	
	
		
 
        user_model.grant_perm(usr, 'hg.create.repository')

			




	
	
	
		
 
        user_model.revoke_perm(usr, 'hg.fork.none')

			




	
	
	
		
 
        user_model.grant_perm(usr, 'hg.fork.repository')

			




	
	
	
		
 
        # make sure inherit flag is turned on

			




	
	
	
		
 
        self.u1.inherit_default_permissions = True

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        u1_auth = AuthUser(user_id=self.u1.user_id)

			




	
	
	
		
 
        # this user will have inherited permissions from default user

			




	
	
	
		
 
        self.assertEqual(u1_auth.permissions['global'],

			




	
	
	
		
 
                         set(['hg.create.repository', 'hg.fork.repository',

			




	
	
	
		
 
                              'hg.register.manual_activate',

			




	
	
	
		
 
                              'repository.read']))

			




	
	
	
		
 
                              'repository.read', 'group.read']))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_inherited_permissions_from_default_on_user_disabled(self):

			




	
	
	
		
 
        user_model = UserModel()

			




	
	
	
		
 
        # disable fork and create on default user

			




	
	
	
		
 
        usr = 'default'

			




	
	
	
		
 
        user_model.revoke_perm(usr, 'hg.create.repository')

			




	
	
	
		
 
        user_model.grant_perm(usr, 'hg.create.none')

			




	
	
	
		
 
        user_model.revoke_perm(usr, 'hg.fork.repository')

			




	
	
	
		
 
        user_model.grant_perm(usr, 'hg.fork.none')

			




	
	
	
		
 
        # make sure inherit flag is turned on

			




	
	
	
		
 
        self.u1.inherit_default_permissions = True

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        u1_auth = AuthUser(user_id=self.u1.user_id)

			




	
	
	
		
 
        # this user will have inherited permissions from default user

			




	
	
	
		
 
        self.assertEqual(u1_auth.permissions['global'],

			




	
	
	
		
 
                         set(['hg.create.none', 'hg.fork.none',

			




	
	
	
		
 
                              'hg.register.manual_activate',

			




	
	
	
		
 
                              'repository.read']))

			




	
	
	
		
 
                              'repository.read', 'group.read']))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_non_inherited_permissions_from_default_on_user_enabled(self):

			




	
	
	
		
 
        user_model = UserModel()

			




	
	
	
		
 
        # enable fork and create on default user

			




	
	
	
		
 
        usr = 'default'

			




	
	
	
		
 
        user_model.revoke_perm(usr, 'hg.create.none')

			




	
	
	
		
 
        user_model.grant_perm(usr, 'hg.create.repository')

			




	
	
	
		
 
        user_model.revoke_perm(usr, 'hg.fork.none')

			




	
	
	
		
 
        user_model.grant_perm(usr, 'hg.fork.repository')

			




	
	
	
		
 

			




	
	
	
		
 
        #disable global perms on specific user

			




	
	
	
		
 
        user_model.revoke_perm(self.u1, 'hg.create.repository')

			




	
	
	
		
 
        user_model.grant_perm(self.u1, 'hg.create.none')

			




	
	
	
		
 
        user_model.revoke_perm(self.u1, 'hg.fork.repository')

			




	
	
	
		
 
        user_model.grant_perm(self.u1, 'hg.fork.none')

			




	
	
	
		
 

			




	
	
	
		
 
        # make sure inherit flag is turned off

			




	
	
	
		
 
        self.u1.inherit_default_permissions = False

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        u1_auth = AuthUser(user_id=self.u1.user_id)

			




	
	
	
		
 
        # this user will have non inherited permissions from he's

			




	
	
	
		
 
        # explicitly set permissions

			




	
	
	
		
 
        self.assertEqual(u1_auth.permissions['global'],

			




	
	
	
		
 
                         set(['hg.create.none', 'hg.fork.none',

			




	
	
	
		
 
                              'hg.register.manual_activate',

			




	
	
	
		
 
                              'repository.read']))

			




	
	
	
		
 
                              'repository.read', 'group.read']))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_non_inherited_permissions_from_default_on_user_disabled(self):

			




	
	
	
		
 
        user_model = UserModel()

			




	
	
	
		
 
        # disable fork and create on default user

			




	
	
	
		
 
        usr = 'default'

			




	
	
	
		
 
        user_model.revoke_perm(usr, 'hg.create.repository')

			




	
	
	
		
 
        user_model.grant_perm(usr, 'hg.create.none')

			




	
	
	
		
 
        user_model.revoke_perm(usr, 'hg.fork.repository')

			




	
	
	
		
 
        user_model.grant_perm(usr, 'hg.fork.none')

			




	
	
	
		
 

			




	
	
	
		
 
        #enable global perms on specific user

			




	
	
	
		
 
        user_model.revoke_perm(self.u1, 'hg.create.none')

			




	
	
	
		
 
        user_model.grant_perm(self.u1, 'hg.create.repository')

			




	
	
	
		
 
        user_model.revoke_perm(self.u1, 'hg.fork.none')

			




	
	
	
		
 
        user_model.grant_perm(self.u1, 'hg.fork.repository')

			




	
	
	
		
 

			




	
	
	
		
 
        # make sure inherit flag is turned off

			




	
	
	
		
 
        self.u1.inherit_default_permissions = False

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        u1_auth = AuthUser(user_id=self.u1.user_id)

			




	
	
	
		
 
        # this user will have non inherited permissions from he's

			




	
	
	
		
 
        # explicitly set permissions

			




	
	
	
		
 
        self.assertEqual(u1_auth.permissions['global'],

			




	
	
	
		
 
                         set(['hg.create.repository', 'hg.fork.repository',

			




	
	
	
		
 
                              'hg.register.manual_activate',

			




	
	
	
		
 
                              'repository.read']))

			




	
	
	
		
 
                              'repository.read', 'group.read']))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_owner_permissions_doesnot_get_overwritten_by_group(self):

			




	
	
	
		
 
        #create repo as USER,

			




	
	
	
		
 
        self.test_repo = repo = RepoModel().create_repo(repo_name='myownrepo',

			




	
	
	
		
 
                                repo_type='hg',

			




	
	
	
		
 
                                description='desc',

			




	
	
	
		
 
                                owner=self.u1)

			




	
	
	
		
 

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        #he has permissions of admin as owner

			




	
	
	
		
 
        u1_auth = AuthUser(user_id=self.u1.user_id)

			




	
	
	
		
 
        self.assertEqual(u1_auth.permissions['repositories']['myownrepo'],

			




	
	
	
		
 
                         'repository.admin')

			




	
	
	
		
 
        #set his permission as users group, he should still be admin

			




	
	
	
		
 
        self.ug1 = UsersGroupModel().create('G1')

			




	
	
	
		
 
        # add user to group

			




	
	
	
		
 
        UsersGroupModel().add_user_to_group(self.ug1, self.u1)

			




	
	
	
		
 
        RepoModel().grant_users_group_permission(repo, group_name=self.ug1,

			




	
	
	
		
 
                                                 perm='repository.none')

			




	
	
	
		
 

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        u1_auth = AuthUser(user_id=self.u1.user_id)

			




	
	
	
		
 
        self.assertEqual(u1_auth.permissions['repositories']['myownrepo'],

			




	
	
	
		
 
                         'repository.admin')

			




	
	
	
		
 

			




	
	
	
		
 
    def test_owner_permissions_doesnot_get_overwritten_by_others(self):

			




	
	
	
		
 
        #create repo as USER,

			




	
	
	
		
 
        self.test_repo = repo = RepoModel().create_repo(repo_name='myownrepo',

			




	
	
	
		
 
                                repo_type='hg',

			




	
	
	
		
 
                                description='desc',

			




	
	
	
		
 
                                owner=self.u1)

			




	
	
	
		
 

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        #he has permissions of admin as owner

			




	
	
	
		
 
        u1_auth = AuthUser(user_id=self.u1.user_id)

			




	
	
	
		
 
        self.assertEqual(u1_auth.permissions['repositories']['myownrepo'],

			




	
	
	
		
 
                         'repository.admin')

			




	
	
	
		
 
        #set his permission as user, he should still be admin

			




	
	
	
		
 
        RepoModel().grant_user_permission(repo, user=self.u1,

			




	
	
	
		
 
                                          perm='repository.none')

			




	
	
	
		
 
        Session().commit()

			




	
	
	
		
 
        u1_auth = AuthUser(user_id=self.u1.user_id)

			




	
	
	
		
 
        self.assertEqual(u1_auth.permissions['repositories']['myownrepo'],

			




	
	
	
		
 
                         'repository.admin')

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.