Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def test_nested_groups(self):
self.add_some_groups()
root = get_root()
child = root[u'child']
grandchild = child[u'grandchild']
# Check bob's groups on every level:
self.assertEqual(list_groups('bob', root), ['group:bobsgroup'])
self.assertEqual(
set(list_groups('bob', child)),
set(['group:bobsgroup', 'group:franksgroup', 'role:editor'])
)
self.assertEqual(
set(list_groups('bob', grandchild)),
set(['group:bobsgroup', 'group:franksgroup', 'role:editor',
'role:owner'])
)
# Check group:franksgroup groups on every level:
self.assertEqual(
set(list_groups('frank', root)),
set(['group:franksgroup', 'role:editor'])
)
self.assertEqual(
set(list_groups('frank', child)),
set(['group:franksgroup', 'role:editor'])
)
self.assertEqual(
set(list_groups('frank', grandchild)),
set(['group:franksgroup', 'role:editor', 'role:owner',
def test_simple(self):
root = get_root()
set_groups('bob', root, ['role:editor'])
self.assertEqual(
list_groups('bob', root), ['role:editor'])
self.assertEqual(
list_groups_raw(u'bob', root), set(['role:editor']))
def test_nested_groups(self):
self.add_some_groups()
root = get_root()
child = root[u'child']
grandchild = child[u'grandchild']
# Check bob's groups on every level:
self.assertEqual(list_groups('bob', root), ['group:bobsgroup'])
self.assertEqual(
set(list_groups('bob', child)),
set(['group:bobsgroup', 'group:franksgroup', 'role:editor'])
)
self.assertEqual(
set(list_groups('bob', grandchild)),
set(['group:bobsgroup', 'group:franksgroup', 'role:editor',
'role:owner'])
)
# Check group:franksgroup groups on every level:
self.assertEqual(
set(list_groups('frank', root)),
set(['group:franksgroup', 'role:editor'])
)
self.assertEqual(
set(list_groups('frank', child)),
set(['group:franksgroup', 'role:editor'])
users_manage(root, request)
self.assertEqual(request.session.pop_flash('notice'),
[u'No changes made.'])
self.assertEqual(list_groups('bob'), [])
bob.groups = [u'role:special']
request.params['role::bob::role:owner'] = u'1'
request.params['role::bob::role:editor'] = u'1'
request.params['orig-role::bob::role:owner'] = u''
request.params['orig-role::bob::role:editor'] = u''
users_manage(root, request)
self.assertEqual(request.session.pop_flash('success'),
[u'Your changes have been saved.'])
self.assertEqual(
set(list_groups('bob')),
set(['role:owner', 'role:editor', 'role:special'])
)
def test_apply(self):
from kotti.views.users import share_node
root = get_root()
request = DummyRequest()
self.add_some_principals()
request.params['apply'] = u''
share_node(root, request)
self.assertEqual(request.session.pop_flash('notice'),
[u'No changes made.'])
self.assertEqual(list_groups('bob', root), [])
set_groups('bob', root, ['role:special'])
request.params['role::bob::role:owner'] = u'1'
request.params['role::bob::role:editor'] = u'1'
request.params['orig-role::bob::role:owner'] = u''
request.params['orig-role::bob::role:editor'] = u''
share_node(root, request)
self.assertEqual(request.session.pop_flash('success'),
[u'Your changes have been saved.'])
self.assertEqual(
set(list_groups('bob', root)),
set(['role:owner', 'role:editor', 'role:special'])
)
# We cannot set a role that's not displayed, even if we forged
def test_root_default(self):
root = get_root()
self.assertEqual(list_groups('admin', root), ['role:admin'])
self.assertEqual(list_groups_raw(u'admin', root), set([]))
def test_groups_from_users(self):
self.make_bob()
session = DBSession()
root = get_root()
child = root[u'child'] = Node()
session.flush()
self.assertEqual(list_groups('bob', root), ['group:bobsgroup'])
set_groups('group:bobsgroup', root, ['role:editor'])
set_groups('role:editor', child, ['group:foogroup'])
self.assertEqual(
set(list_groups('bob', root)),
set(['group:bobsgroup', 'role:editor'])
)
self.assertEqual(
set(list_groups('bob', child)),
set(['group:bobsgroup', 'role:editor', 'group:foogroup'])
)
# Check bob's groups on every level:
self.assertEqual(list_groups('bob', root), ['group:bobsgroup'])
self.assertEqual(
set(list_groups('bob', child)),
set(['group:bobsgroup', 'group:franksgroup', 'role:editor'])
)
self.assertEqual(
set(list_groups('bob', grandchild)),
set(['group:bobsgroup', 'group:franksgroup', 'role:editor',
'role:owner'])
)
# Check group:franksgroup groups on every level:
self.assertEqual(
set(list_groups('frank', root)),
set(['group:franksgroup', 'role:editor'])
)
self.assertEqual(
set(list_groups('frank', child)),
set(['group:franksgroup', 'role:editor'])
)
self.assertEqual(
set(list_groups('frank', grandchild)),
set(['group:franksgroup', 'role:editor', 'role:owner',
'group:bobsgroup'])
)
# Sometimes it's useful to know which of the groups were
# inherited, that's what 'list_groups_ext' is for:
groups, inherited = list_groups_ext('bob', root)
self.assertEqual(groups, ['group:bobsgroup'])
share_node(root, request)
self.assertEqual(request.session.pop_flash('success'),
[u'Your changes have been saved.'])
self.assertEqual(
set(list_groups('bob', root)),
set(['role:owner', 'role:editor', 'role:special'])
)
# We cannot set a role that's not displayed, even if we forged
# the request:
request.params['role::bob::role:admin'] = u'1'
request.params['orig-role::bob::role:admin'] = u''
self.assertRaises(Forbidden, share_node, root, request)
self.assertEqual(
set(list_groups('bob', root)),
set(['role:owner', 'role:editor', 'role:special'])
)
def test_apply(self):
from kotti.views.users import users_manage
root = get_root()
request = DummyRequest()
TestNodeShare.add_some_principals()
bob = get_principals()[u'bob']
request.params['apply'] = u''
users_manage(root, request)
self.assertEqual(request.session.pop_flash('notice'),
[u'No changes made.'])
self.assertEqual(list_groups('bob'), [])
bob.groups = [u'role:special']
request.params['role::bob::role:owner'] = u'1'
request.params['role::bob::role:editor'] = u'1'
request.params['orig-role::bob::role:owner'] = u''
request.params['orig-role::bob::role:editor'] = u''
users_manage(root, request)
self.assertEqual(request.session.pop_flash('success'),
[u'Your changes have been saved.'])
self.assertEqual(
set(list_groups('bob')),
set(['role:owner', 'role:editor', 'role:special'])
)