##// END OF EJS Templates
old style: navigation divs on file view are better inline
old style: navigation divs on file view are better inline

File last commit:

r4116:ffd45b18 rhodecode-2.2.5-gpl
r4156:555a351a rhodecode-2.2.5-gpl
Show More
test_permissions.py
532 lines | 23.8 KiB | text/x-python | PythonLexer
orginized test module...
r2527 from rhodecode.tests import *
more usage of fixture tools...
r3647 from rhodecode.tests.fixture import Fixture
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 from rhodecode.model.repo_group import RepoGroupModel
orginized test module...
r2527 from rhodecode.model.repo import RepoModel
fixed default permissions population during upgrades...
r3733 from rhodecode.model.db import RepoGroup, User, UserGroupRepoGroupToPerm,\
Permission, UserToPerm
orginized test module...
r2527 from rhodecode.model.user import UserModel
from rhodecode.model.meta import Session
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 from rhodecode.model.user_group import UserGroupModel
orginized test module...
r2527 from rhodecode.lib.auth import AuthUser
fixed default permissions population during upgrades...
r3733 from rhodecode.model.permission import PermissionModel
more usage of fixture tools...
r3647
fixture = Fixture()
orginized test module...
r2527
created basic TestClass for tests that does...
r3829 class TestPermissions(BaseTestCase):
orginized test module...
r2527 def __init__(self, methodName='runTest'):
super(TestPermissions, self).__init__(methodName=methodName)
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 @classmethod
def setUpClass(cls):
#recreate default user to get a clean start
PermissionModel().create_default_permissions(user=User.DEFAULT_USER,
force=True)
Session().commit()
orginized test module...
r2527 def setUp(self):
self.u1 = UserModel().create_or_update(
username=u'u1', password=u'qweqwe',
email=u'u1@rhodecode.org', firstname=u'u1', lastname=u'u1'
)
self.u2 = UserModel().create_or_update(
username=u'u2', password=u'qweqwe',
email=u'u2@rhodecode.org', firstname=u'u2', lastname=u'u2'
)
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709 self.u3 = UserModel().create_or_update(
username=u'u3', password=u'qweqwe',
email=u'u3@rhodecode.org', firstname=u'u3', lastname=u'u3'
)
New default permissions definition for user group create
r3734 self.anon = User.get_default_user()
orginized test module...
r2527 self.a1 = UserModel().create_or_update(
username=u'a1', password=u'qweqwe',
email=u'a1@rhodecode.org', firstname=u'a1', lastname=u'a1', admin=True
)
Session().commit()
def tearDown(self):
if hasattr(self, 'test_repo'):
RepoModel().delete(repo=self.test_repo)
fixed #570 explicit users group permissions can overwrite owner permissions...
r2864
orginized test module...
r2527 UserModel().delete(self.u1)
UserModel().delete(self.u2)
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709 UserModel().delete(self.u3)
orginized test module...
r2527 UserModel().delete(self.a1)
if hasattr(self, 'g1'):
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 RepoGroupModel().delete(self.g1.group_id)
orginized test module...
r2527 if hasattr(self, 'g2'):
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 RepoGroupModel().delete(self.g2.group_id)
orginized test module...
r2527
if hasattr(self, 'ug1'):
Mads Kiilerich
further cleanup of UsersGroup...
r3417 UserGroupModel().delete(self.ug1, force=True)
orginized test module...
r2527
Session().commit()
def test_default_perms_set(self):
u1_auth = AuthUser(user_id=self.u1.user_id)
perms = {
'repositories_groups': {},
'global': set([u'hg.create.repository', u'repository.read',
u'hg.register.manual_activate']),
'repositories': {u'vcs_test_hg': u'repository.read'}
}
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
perms['repositories'][HG_REPO])
new_perm = 'repository.write'
RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1,
perm=new_perm)
Session().commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
new_perm)
def test_default_admin_perms_set(self):
a1_auth = AuthUser(user_id=self.a1.user_id)
perms = {
'repositories_groups': {},
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 'global': set([u'hg.admin', 'hg.create.write_on_repogroup.true']),
orginized test module...
r2527 'repositories': {u'vcs_test_hg': u'repository.admin'}
}
self.assertEqual(a1_auth.permissions['repositories'][HG_REPO],
perms['repositories'][HG_REPO])
new_perm = 'repository.write'
RepoModel().grant_user_permission(repo=HG_REPO, user=self.a1,
perm=new_perm)
Session().commit()
Fixed spelling of get's to gets
r4089 # cannot really downgrade admins permissions !? they still gets set as
orginized test module...
r2527 # admin !
u1_auth = AuthUser(user_id=self.a1.user_id)
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
perms['repositories'][HG_REPO])
def test_default_group_perms(self):
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 self.g1 = fixture.create_repo_group('test1', skip_if_exists=True)
self.g2 = fixture.create_repo_group('test2', skip_if_exists=True)
orginized test module...
r2527 u1_auth = AuthUser(user_id=self.u1.user_id)
perms = {
'repositories_groups': {u'test1': 'group.read', u'test2': 'group.read'},
fixed default permissions population during upgrades...
r3733 'global': set(Permission.DEFAULT_USER_PERMISSIONS),
orginized test module...
r2527 'repositories': {u'vcs_test_hg': u'repository.read'}
}
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
perms['repositories'][HG_REPO])
self.assertEqual(u1_auth.permissions['repositories_groups'],
perms['repositories_groups'])
fixed default permissions population during upgrades...
r3733 self.assertEqual(u1_auth.permissions['global'],
perms['global'])
orginized test module...
r2527
def test_default_admin_group_perms(self):
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 self.g1 = fixture.create_repo_group('test1', skip_if_exists=True)
self.g2 = fixture.create_repo_group('test2', skip_if_exists=True)
orginized test module...
r2527 a1_auth = AuthUser(user_id=self.a1.user_id)
perms = {
'repositories_groups': {u'test1': 'group.admin', u'test2': 'group.admin'},
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 'global': set(['hg.admin', 'hg.create.write_on_repogroup.true']),
orginized test module...
r2527 'repositories': {u'vcs_test_hg': 'repository.admin'}
}
self.assertEqual(a1_auth.permissions['repositories'][HG_REPO],
perms['repositories'][HG_REPO])
self.assertEqual(a1_auth.permissions['repositories_groups'],
perms['repositories_groups'])
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709 def test_propagated_permission_from_users_group_by_explicit_perms_exist(self):
orginized test module...
r2527 # make group
- Manage User’s Groups: create, delete, rename, add/remove users inside....
r3714 self.ug1 = fixture.create_user_group('G1')
Mads Kiilerich
further cleanup of UsersGroup...
r3417 UserGroupModel().add_user_to_group(self.ug1, self.u1)
orginized test module...
r2527
# set permission to lower
new_perm = 'repository.none'
RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1, perm=new_perm)
Session().commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
new_perm)
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709 # grant perm for group this should not override permission from user
# since it has explicitly set
new_perm_gr = 'repository.write'
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 RepoModel().grant_user_group_permission(repo=HG_REPO,
orginized test module...
r2527 group_name=self.ug1,
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709 perm=new_perm_gr)
orginized test module...
r2527 # check perms
u1_auth = AuthUser(user_id=self.u1.user_id)
perms = {
'repositories_groups': {},
'global': set([u'hg.create.repository', u'repository.read',
u'hg.register.manual_activate']),
'repositories': {u'vcs_test_hg': u'repository.read'}
}
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
new_perm)
self.assertEqual(u1_auth.permissions['repositories_groups'],
perms['repositories_groups'])
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709 def test_propagated_permission_from_users_group(self):
# make group
- Manage User’s Groups: create, delete, rename, add/remove users inside....
r3714 self.ug1 = fixture.create_user_group('G1')
Mads Kiilerich
further cleanup of UsersGroup...
r3417 UserGroupModel().add_user_to_group(self.ug1, self.u3)
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709
# grant perm for group this should override default permission from user
new_perm_gr = 'repository.write'
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 RepoModel().grant_user_group_permission(repo=HG_REPO,
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709 group_name=self.ug1,
perm=new_perm_gr)
# check perms
u3_auth = AuthUser(user_id=self.u3.user_id)
perms = {
'repositories_groups': {},
'global': set([u'hg.create.repository', u'repository.read',
u'hg.register.manual_activate']),
'repositories': {u'vcs_test_hg': u'repository.read'}
}
self.assertEqual(u3_auth.permissions['repositories'][HG_REPO],
new_perm_gr)
self.assertEqual(u3_auth.permissions['repositories_groups'],
perms['repositories_groups'])
orginized test module...
r2527 def test_propagated_permission_from_users_group_lower_weight(self):
# make group
- Manage User’s Groups: create, delete, rename, add/remove users inside....
r3714 self.ug1 = fixture.create_user_group('G1')
orginized test module...
r2527 # add user to group
Mads Kiilerich
further cleanup of UsersGroup...
r3417 UserGroupModel().add_user_to_group(self.ug1, self.u1)
orginized test module...
r2527
# set permission to lower
new_perm_h = 'repository.write'
RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1,
perm=new_perm_h)
Session().commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
new_perm_h)
# grant perm for group this should NOT override permission from user
# since it's lower than granted
new_perm_l = 'repository.read'
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 RepoModel().grant_user_group_permission(repo=HG_REPO,
orginized test module...
r2527 group_name=self.ug1,
perm=new_perm_l)
# check perms
u1_auth = AuthUser(user_id=self.u1.user_id)
perms = {
'repositories_groups': {},
'global': set([u'hg.create.repository', u'repository.read',
u'hg.register.manual_activate']),
'repositories': {u'vcs_test_hg': u'repository.write'}
}
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO],
new_perm_h)
self.assertEqual(u1_auth.permissions['repositories_groups'],
perms['repositories_groups'])
def test_repo_in_group_permissions(self):
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 self.g1 = fixture.create_repo_group('group1', skip_if_exists=True)
self.g2 = fixture.create_repo_group('group2', skip_if_exists=True)
orginized test module...
r2527 # both perms should be read !
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.read', u'group2': u'group.read'})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.read', u'group2': u'group.read'})
#Change perms to none for both groups
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 RepoGroupModel().grant_user_permission(repo_group=self.g1,
user=self.anon,
perm='group.none')
RepoGroupModel().grant_user_permission(repo_group=self.g2,
user=self.anon,
perm='group.none')
orginized test module...
r2527
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.none', u'group2': u'group.none'})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.none', u'group2': u'group.none'})
# add repo to group
name = RepoGroup.url_sep().join([self.g1.group_name, 'test_perm'])
more usage of fixture tools...
r3647 self.test_repo = fixture.create_repo(name=name,
repo_type='hg',
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 repo_group=self.g1,
more usage of fixture tools...
r3647 cur_user=self.u1,)
orginized test module...
r2527
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.none', u'group2': u'group.none'})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.none', u'group2': u'group.none'})
#grant permission for u2 !
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 RepoGroupModel().grant_user_permission(repo_group=self.g1, user=self.u2,
perm='group.read')
RepoGroupModel().grant_user_permission(repo_group=self.g2, user=self.u2,
perm='group.read')
orginized test module...
r2527 Session().commit()
self.assertNotEqual(self.u1, self.u2)
#u1 and anon should have not change perms while u2 should !
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.none', u'group2': u'group.none'})
u2_auth = AuthUser(user_id=self.u2.user_id)
self.assertEqual(u2_auth.permissions['repositories_groups'],
{u'group1': u'group.read', u'group2': u'group.read'})
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.none', u'group2': u'group.none'})
def test_repo_group_user_as_user_group_member(self):
# create Group1
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 self.g1 = fixture.create_repo_group('group1', skip_if_exists=True)
orginized test module...
r2527 a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.read'})
# set default permission to none
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 RepoGroupModel().grant_user_permission(repo_group=self.g1,
user=self.anon,
perm='group.none')
orginized test module...
r2527 # make group
- Manage User’s Groups: create, delete, rename, add/remove users inside....
r3714 self.ug1 = fixture.create_user_group('G1')
orginized test module...
r2527 # add user to group
Mads Kiilerich
further cleanup of UsersGroup...
r3417 UserGroupModel().add_user_to_group(self.ug1, self.u1)
orginized test module...
r2527 Session().commit()
# check if user is in the group
Mads Kiilerich
further cleanup of UsersGroup...
r3417 membrs = [x.user_id for x in UserGroupModel().get(self.ug1.users_group_id).members]
orginized test module...
r2527 self.assertEqual(membrs, [self.u1.user_id])
# add some user to that group
# check his permissions
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.none'})
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.none'})
# grant ug1 read permissions for
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 RepoGroupModel().grant_user_group_permission(repo_group=self.g1,
group_name=self.ug1,
perm='group.read')
orginized test module...
r2527 Session().commit()
# check if the
Mads Kiilerich
further cleanup of UsersGroup...
r3417 obj = Session().query(UserGroupRepoGroupToPerm)\
.filter(UserGroupRepoGroupToPerm.group == self.g1)\
.filter(UserGroupRepoGroupToPerm.users_group == self.ug1)\
orginized test module...
r2527 .scalar()
self.assertEqual(obj.permission.permission_name, 'group.read')
a1_auth = AuthUser(user_id=self.anon.user_id)
self.assertEqual(a1_auth.permissions['repositories_groups'],
{u'group1': u'group.none'})
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories_groups'],
{u'group1': u'group.read'})
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709
def test_inherited_permissions_from_default_on_user_enabled(self):
user_model = UserModel()
# enable fork and create on default user
usr = 'default'
user_model.revoke_perm(usr, 'hg.create.none')
user_model.grant_perm(usr, 'hg.create.repository')
user_model.revoke_perm(usr, 'hg.fork.none')
user_model.grant_perm(usr, 'hg.fork.repository')
# make sure inherit flag is turned on
self.u1.inherit_default_permissions = True
Session().commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
# this user will have inherited permissions from default user
self.assertEqual(u1_auth.permissions['global'],
set(['hg.create.repository', 'hg.fork.repository',
'hg.register.manual_activate',
fixed tests
r3787 'hg.extern_activate.auto',
fixed default permissions population during upgrades...
r3733 'repository.read', 'group.read',
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 'usergroup.read', 'hg.create.write_on_repogroup.true']))
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709
def test_inherited_permissions_from_default_on_user_disabled(self):
user_model = UserModel()
# disable fork and create on default user
usr = 'default'
user_model.revoke_perm(usr, 'hg.create.repository')
user_model.grant_perm(usr, 'hg.create.none')
user_model.revoke_perm(usr, 'hg.fork.repository')
user_model.grant_perm(usr, 'hg.fork.none')
# make sure inherit flag is turned on
self.u1.inherit_default_permissions = True
Session().commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
# this user will have inherited permissions from default user
self.assertEqual(u1_auth.permissions['global'],
set(['hg.create.none', 'hg.fork.none',
'hg.register.manual_activate',
fixed tests
r3787 'hg.extern_activate.auto',
fixed default permissions population during upgrades...
r3733 'repository.read', 'group.read',
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 'usergroup.read', 'hg.create.write_on_repogroup.true']))
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709
def test_non_inherited_permissions_from_default_on_user_enabled(self):
user_model = UserModel()
# enable fork and create on default user
usr = 'default'
user_model.revoke_perm(usr, 'hg.create.none')
user_model.grant_perm(usr, 'hg.create.repository')
user_model.revoke_perm(usr, 'hg.fork.none')
user_model.grant_perm(usr, 'hg.fork.repository')
#disable global perms on specific user
user_model.revoke_perm(self.u1, 'hg.create.repository')
user_model.grant_perm(self.u1, 'hg.create.none')
user_model.revoke_perm(self.u1, 'hg.fork.repository')
user_model.grant_perm(self.u1, 'hg.fork.none')
# make sure inherit flag is turned off
self.u1.inherit_default_permissions = False
Session().commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
# this user will have non inherited permissions from he's
# explicitly set permissions
self.assertEqual(u1_auth.permissions['global'],
set(['hg.create.none', 'hg.fork.none',
'hg.register.manual_activate',
fixed tests
r3787 'hg.extern_activate.auto',
fixed default permissions population during upgrades...
r3733 'repository.read', 'group.read',
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 'usergroup.read', 'hg.create.write_on_repogroup.true']))
RhodeCode now has a option to explicitly set forking permissions. ref #508...
r2709
def test_non_inherited_permissions_from_default_on_user_disabled(self):
user_model = UserModel()
# disable fork and create on default user
usr = 'default'
user_model.revoke_perm(usr, 'hg.create.repository')
user_model.grant_perm(usr, 'hg.create.none')
user_model.revoke_perm(usr, 'hg.fork.repository')
user_model.grant_perm(usr, 'hg.fork.none')
#enable global perms on specific user
user_model.revoke_perm(self.u1, 'hg.create.none')
user_model.grant_perm(self.u1, 'hg.create.repository')
user_model.revoke_perm(self.u1, 'hg.fork.none')
user_model.grant_perm(self.u1, 'hg.fork.repository')
# make sure inherit flag is turned off
self.u1.inherit_default_permissions = False
Session().commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
# this user will have non inherited permissions from he's
# explicitly set permissions
self.assertEqual(u1_auth.permissions['global'],
set(['hg.create.repository', 'hg.fork.repository',
'hg.register.manual_activate',
fixed tests
r3787 'hg.extern_activate.auto',
fixed default permissions population during upgrades...
r3733 'repository.read', 'group.read',
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 'usergroup.read', 'hg.create.write_on_repogroup.true']))
fixed #570 explicit users group permissions can overwrite owner permissions...
r2864
def test_owner_permissions_doesnot_get_overwritten_by_group(self):
#create repo as USER,
more usage of fixture tools...
r3647 self.test_repo = fixture.create_repo(name='myownrepo',
repo_type='hg',
cur_user=self.u1)
fixed #570 explicit users group permissions can overwrite owner permissions...
r2864
#he has permissions of admin as owner
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories']['myownrepo'],
'repository.admin')
fixed tests and missing replacements from 5f1850e4712a
r3415 #set his permission as user group, he should still be admin
- Manage User’s Groups: create, delete, rename, add/remove users inside....
r3714 self.ug1 = fixture.create_user_group('G1')
Mads Kiilerich
further cleanup of UsersGroup...
r3417 UserGroupModel().add_user_to_group(self.ug1, self.u1)
Bradley M. Kuhn
Imported some of the GPLv3'd changes from RhodeCode v2.2.5....
r4116 RepoModel().grant_user_group_permission(self.test_repo,
more usage of fixture tools...
r3647 group_name=self.ug1,
fixed #570 explicit users group permissions can overwrite owner permissions...
r2864 perm='repository.none')
Session().commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories']['myownrepo'],
'repository.admin')
def test_owner_permissions_doesnot_get_overwritten_by_others(self):
#create repo as USER,
more usage of fixture tools...
r3647 self.test_repo = fixture.create_repo(name='myownrepo',
repo_type='hg',
cur_user=self.u1)
fixed #570 explicit users group permissions can overwrite owner permissions...
r2864
#he has permissions of admin as owner
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories']['myownrepo'],
'repository.admin')
#set his permission as user, he should still be admin
more usage of fixture tools...
r3647 RepoModel().grant_user_permission(self.test_repo, user=self.u1,
fixed #570 explicit users group permissions can overwrite owner permissions...
r2864 perm='repository.none')
Session().commit()
u1_auth = AuthUser(user_id=self.u1.user_id)
self.assertEqual(u1_auth.permissions['repositories']['myownrepo'],
'repository.admin')
fixed default permissions population during upgrades...
r3733
def _test_def_perm_equal(self, user, change_factor=0):
perms = UserToPerm.query()\
.filter(UserToPerm.user == user)\
.all()
self.assertEqual(len(perms),
len(Permission.DEFAULT_USER_PERMISSIONS,)+change_factor,
msg=perms)
def test_set_default_permissions(self):
PermissionModel().create_default_permissions(user=self.u1)
self._test_def_perm_equal(user=self.u1)
def test_set_default_permissions_after_one_is_missing(self):
PermissionModel().create_default_permissions(user=self.u1)
self._test_def_perm_equal(user=self.u1)
#now we delete one, it should be re-created after another call
perms = UserToPerm.query()\
.filter(UserToPerm.user == self.u1)\
.all()
Session().delete(perms[0])
Session().commit()
self._test_def_perm_equal(user=self.u1, change_factor=-1)
#create missing one !
PermissionModel().create_default_permissions(user=self.u1)
self._test_def_perm_equal(user=self.u1)
@parameterized.expand([
('repository.read', 'repository.none'),
('group.read', 'group.none'),
('usergroup.read', 'usergroup.none'),
('hg.create.repository', 'hg.create.none'),
('hg.fork.repository', 'hg.fork.none'),
('hg.register.manual_activate', 'hg.register.auto_activate',)
])
def test_set_default_permissions_after_modification(self, perm, modify_to):
PermissionModel().create_default_permissions(user=self.u1)
self._test_def_perm_equal(user=self.u1)
old = Permission.get_by_key(perm)
new = Permission.get_by_key(modify_to)
self.assertNotEqual(old, None)
self.assertNotEqual(new, None)
#now modify permissions
p = UserToPerm.query()\
.filter(UserToPerm.user == self.u1)\
.filter(UserToPerm.permission == old)\
.one()
p.permission = new
Session().add(p)
Session().commit()
PermissionModel().create_default_permissions(user=self.u1)
self._test_def_perm_equal(user=self.u1)