Mercurial > gemma
view schema/auth_tests.sql @ 1234:1a5564655f2a
refac: Sidebar reorganized
In order to make context switches between administrative tasks
which are map related and those which are system related, we now have
a category "administration" and "systemadministration".
The Riverbedmorphology does nothing than display the map, so it is
renamed to that (map). In case the context of "systemadministration"
is chosen, the "map" brings you just back to the map.
| author | Thomas Junk <thomas.junk@intevation.de> |
|---|---|
| date | Tue, 20 Nov 2018 09:54:53 +0100 |
| parents | 642df1164aca |
| children | 6590208e3ee1 |
line wrap: on
line source
-- -- pgTAP test script for privileges and RLS policies -- -- -- Run tests as unprivileged user -- SET SESSION AUTHORIZATION test_user_at; SELECT throws_ok('CREATE TABLE test()', 42501, NULL, 'No objects can be created'); SELECT isnt_empty('SELECT * FROM waterway.bottlenecks', 'Staged data should be visible'); SELECT is_empty('SELECT * FROM waterway.bottlenecks WHERE NOT staging_done', 'Only staged data should be visible'); SELECT isnt_empty('SELECT * FROM users.templates', 'User should see templates associated to him'); SELECT is_empty('SELECT * FROM users.templates JOIN users.user_templates USING (template_name) WHERE username <> current_user', 'User should only see templates associated to him'); -- -- Run tests as waterway administrator -- SET SESSION AUTHORIZATION test_admin_at; PREPARE bn_insert (varchar, geometry(POLYGON, 4326)) AS INSERT INTO waterway.bottlenecks ( bottleneck_id, fk_g_fid, stretch, area, rb, lb, responsible_country, revisiting_time, limiting, source_organization) VALUES ( $1, ('AT', 'XXX', '00001', 'G0001', 1)::isrs, isrsrange(('AT', 'XXX', '00001', '00000', 0)::isrs, ('AT', 'XXX', '00001', '00000', 2)::isrs), $2, 'AT', 'AT', 'AT', 1, 'depth', 'testorganization' ); SELECT lives_ok('EXECUTE bn_insert( ''test1'', ST_geomfromtext(''POLYGON((0 0, 0 1, 1 1, 1 0, 0 0))'', 4326))', 'Waterway admin can insert data within his region'); SELECT throws_ok('EXECUTE bn_insert( ''test2'', ST_geomfromtext(''POLYGON((1 0, 1 1, 2 1, 2 0, 1 0))'', 4326))', 42501, NULL, 'Waterway admin cannot insert data outside his region'); -- template management SELECT isnt_empty('SELECT * FROM users.templates JOIN users.user_templates USING (template_name) WHERE username <> current_user', 'Waterway admin should see templates of other users'); SELECT lives_ok('INSERT INTO users.templates (template_name, template_data) VALUES (''New AT'', ''\x''); INSERT INTO users.user_templates VALUES (''test_user_at'', ''New AT'')', 'Waterway admin can add templates for users in his country'); SELECT throws_ok('INSERT INTO users.user_templates VALUES (''waterway_user2'', ''AT'')', 42501, NULL, 'Waterway admin cannot add template for other country'); SELECT isnt_empty('UPDATE users.templates SET template_data = ''\xDABE'' WHERE template_name = ''AT'' RETURNING *', 'Waterway admin can alter templates for own country'); SELECT is_empty('UPDATE users.templates SET template_data = ''\xDABE'' WHERE template_name = ''RO'' RETURNING *', 'Waterway admin cannot alter templates for other country'); SELECT isnt_empty('DELETE FROM users.templates WHERE template_name = ''AT'' RETURNING *', 'Waterway admin can delete templates for own country'); SELECT is_empty('DELETE FROM users.templates WHERE template_name = ''RO'' RETURNING *', 'Waterway admin cannot delete templates for other country');