Mercurial > kallithea
annotate rhodecode/tests/models/test_permissions.py @ 3733:af049a957506 beta
fixed default permissions population during upgrades
- it often happen that introducing new permission
caused default permission to reset it's state to installation
default.
new version makes sure that only missing permissions are
created while leaving old defaults
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Wed, 10 Apr 2013 02:55:21 +0200 |
parents | 7e3d89d9d3a2 |
children | a8f520540ab0 |
rev | line source |
---|---|
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
1 import os |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
2 import unittest |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
3 from rhodecode.tests import * |
3647
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
4 from rhodecode.tests.fixture import Fixture |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
5 from rhodecode.model.repos_group import ReposGroupModel |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
6 from rhodecode.model.repo import RepoModel |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
7 from rhodecode.model.db import RepoGroup, User, UserGroupRepoGroupToPerm,\ |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
8 Permission, UserToPerm |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
9 from rhodecode.model.user import UserModel |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
10 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
11 from rhodecode.model.meta import Session |
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3415
diff
changeset
|
12 from rhodecode.model.users_group import UserGroupModel |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
13 from rhodecode.lib.auth import AuthUser |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
14 from rhodecode.model.permission import PermissionModel |
3647
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
15 |
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
16 |
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
17 fixture = Fixture() |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
18 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
19 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
20 class TestPermissions(unittest.TestCase): |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
21 def __init__(self, methodName='runTest'): |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
22 super(TestPermissions, self).__init__(methodName=methodName) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
23 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
24 def setUp(self): |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
25 self.u1 = UserModel().create_or_update( |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
26 username=u'u1', password=u'qweqwe', |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
27 email=u'u1@rhodecode.org', firstname=u'u1', lastname=u'u1' |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
28 ) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
29 self.u2 = UserModel().create_or_update( |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
30 username=u'u2', password=u'qweqwe', |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
31 email=u'u2@rhodecode.org', firstname=u'u2', lastname=u'u2' |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
32 ) |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
33 self.u3 = UserModel().create_or_update( |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
34 username=u'u3', password=u'qweqwe', |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
35 email=u'u3@rhodecode.org', firstname=u'u3', lastname=u'u3' |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
36 ) |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
37 self.anon = User.get_by_username('default') |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
38 self.a1 = UserModel().create_or_update( |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
39 username=u'a1', password=u'qweqwe', |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
40 email=u'a1@rhodecode.org', firstname=u'a1', lastname=u'a1', admin=True |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
41 ) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
42 Session().commit() |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
43 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
44 def tearDown(self): |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
45 if hasattr(self, 'test_repo'): |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
46 RepoModel().delete(repo=self.test_repo) |
2864
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
47 |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
48 UserModel().delete(self.u1) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
49 UserModel().delete(self.u2) |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
50 UserModel().delete(self.u3) |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
51 UserModel().delete(self.a1) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
52 if hasattr(self, 'g1'): |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
53 ReposGroupModel().delete(self.g1.group_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
54 if hasattr(self, 'g2'): |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
55 ReposGroupModel().delete(self.g2.group_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
56 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
57 if hasattr(self, 'ug1'): |
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3415
diff
changeset
|
58 UserGroupModel().delete(self.ug1, force=True) |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
59 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
60 Session().commit() |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
61 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
62 def test_default_perms_set(self): |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
63 u1_auth = AuthUser(user_id=self.u1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
64 perms = { |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
65 'repositories_groups': {}, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
66 'global': set([u'hg.create.repository', u'repository.read', |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
67 u'hg.register.manual_activate']), |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
68 'repositories': {u'vcs_test_hg': u'repository.read'} |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
69 } |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
70 self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
71 perms['repositories'][HG_REPO]) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
72 new_perm = 'repository.write' |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
73 RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
74 perm=new_perm) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
75 Session().commit() |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
76 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
77 u1_auth = AuthUser(user_id=self.u1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
78 self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
79 new_perm) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
80 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
81 def test_default_admin_perms_set(self): |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
82 a1_auth = AuthUser(user_id=self.a1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
83 perms = { |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
84 'repositories_groups': {}, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
85 'global': set([u'hg.admin']), |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
86 'repositories': {u'vcs_test_hg': u'repository.admin'} |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
87 } |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
88 self.assertEqual(a1_auth.permissions['repositories'][HG_REPO], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
89 perms['repositories'][HG_REPO]) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
90 new_perm = 'repository.write' |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
91 RepoModel().grant_user_permission(repo=HG_REPO, user=self.a1, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
92 perm=new_perm) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
93 Session().commit() |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
94 # cannot really downgrade admins permissions !? they still get's set as |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
95 # admin ! |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
96 u1_auth = AuthUser(user_id=self.a1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
97 self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
98 perms['repositories'][HG_REPO]) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
99 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
100 def test_default_group_perms(self): |
3647
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
101 self.g1 = fixture.create_group('test1', skip_if_exists=True) |
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
102 self.g2 = fixture.create_group('test2', skip_if_exists=True) |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
103 u1_auth = AuthUser(user_id=self.u1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
104 perms = { |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
105 'repositories_groups': {u'test1': 'group.read', u'test2': 'group.read'}, |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
106 'global': set(Permission.DEFAULT_USER_PERMISSIONS), |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
107 'repositories': {u'vcs_test_hg': u'repository.read'} |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
108 } |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
109 self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
110 perms['repositories'][HG_REPO]) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
111 self.assertEqual(u1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
112 perms['repositories_groups']) |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
113 self.assertEqual(u1_auth.permissions['global'], |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
114 perms['global']) |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
115 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
116 def test_default_admin_group_perms(self): |
3647
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
117 self.g1 = fixture.create_group('test1', skip_if_exists=True) |
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
118 self.g2 = fixture.create_group('test2', skip_if_exists=True) |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
119 a1_auth = AuthUser(user_id=self.a1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
120 perms = { |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
121 'repositories_groups': {u'test1': 'group.admin', u'test2': 'group.admin'}, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
122 'global': set(['hg.admin']), |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
123 'repositories': {u'vcs_test_hg': 'repository.admin'} |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
124 } |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
125 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
126 self.assertEqual(a1_auth.permissions['repositories'][HG_REPO], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
127 perms['repositories'][HG_REPO]) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
128 self.assertEqual(a1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
129 perms['repositories_groups']) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
130 |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
131 def test_propagated_permission_from_users_group_by_explicit_perms_exist(self): |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
132 # make group |
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3647
diff
changeset
|
133 self.ug1 = fixture.create_user_group('G1') |
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3415
diff
changeset
|
134 UserGroupModel().add_user_to_group(self.ug1, self.u1) |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
135 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
136 # set permission to lower |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
137 new_perm = 'repository.none' |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
138 RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1, perm=new_perm) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
139 Session().commit() |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
140 u1_auth = AuthUser(user_id=self.u1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
141 self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
142 new_perm) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
143 |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
144 # grant perm for group this should not override permission from user |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
145 # since it has explicitly set |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
146 new_perm_gr = 'repository.write' |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
147 RepoModel().grant_users_group_permission(repo=HG_REPO, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
148 group_name=self.ug1, |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
149 perm=new_perm_gr) |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
150 # check perms |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
151 u1_auth = AuthUser(user_id=self.u1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
152 perms = { |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
153 'repositories_groups': {}, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
154 'global': set([u'hg.create.repository', u'repository.read', |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
155 u'hg.register.manual_activate']), |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
156 'repositories': {u'vcs_test_hg': u'repository.read'} |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
157 } |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
158 self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
159 new_perm) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
160 self.assertEqual(u1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
161 perms['repositories_groups']) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
162 |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
163 def test_propagated_permission_from_users_group(self): |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
164 # make group |
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3647
diff
changeset
|
165 self.ug1 = fixture.create_user_group('G1') |
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3415
diff
changeset
|
166 UserGroupModel().add_user_to_group(self.ug1, self.u3) |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
167 |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
168 # grant perm for group this should override default permission from user |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
169 new_perm_gr = 'repository.write' |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
170 RepoModel().grant_users_group_permission(repo=HG_REPO, |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
171 group_name=self.ug1, |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
172 perm=new_perm_gr) |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
173 # check perms |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
174 u3_auth = AuthUser(user_id=self.u3.user_id) |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
175 perms = { |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
176 'repositories_groups': {}, |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
177 'global': set([u'hg.create.repository', u'repository.read', |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
178 u'hg.register.manual_activate']), |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
179 'repositories': {u'vcs_test_hg': u'repository.read'} |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
180 } |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
181 self.assertEqual(u3_auth.permissions['repositories'][HG_REPO], |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
182 new_perm_gr) |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
183 self.assertEqual(u3_auth.permissions['repositories_groups'], |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
184 perms['repositories_groups']) |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
185 |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
186 def test_propagated_permission_from_users_group_lower_weight(self): |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
187 # make group |
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3647
diff
changeset
|
188 self.ug1 = fixture.create_user_group('G1') |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
189 # add user to group |
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3415
diff
changeset
|
190 UserGroupModel().add_user_to_group(self.ug1, self.u1) |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
191 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
192 # set permission to lower |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
193 new_perm_h = 'repository.write' |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
194 RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
195 perm=new_perm_h) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
196 Session().commit() |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
197 u1_auth = AuthUser(user_id=self.u1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
198 self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
199 new_perm_h) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
200 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
201 # grant perm for group this should NOT override permission from user |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
202 # since it's lower than granted |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
203 new_perm_l = 'repository.read' |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
204 RepoModel().grant_users_group_permission(repo=HG_REPO, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
205 group_name=self.ug1, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
206 perm=new_perm_l) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
207 # check perms |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
208 u1_auth = AuthUser(user_id=self.u1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
209 perms = { |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
210 'repositories_groups': {}, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
211 'global': set([u'hg.create.repository', u'repository.read', |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
212 u'hg.register.manual_activate']), |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
213 'repositories': {u'vcs_test_hg': u'repository.write'} |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
214 } |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
215 self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
216 new_perm_h) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
217 self.assertEqual(u1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
218 perms['repositories_groups']) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
219 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
220 def test_repo_in_group_permissions(self): |
3647
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
221 self.g1 = fixture.create_group('group1', skip_if_exists=True) |
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
222 self.g2 = fixture.create_group('group2', skip_if_exists=True) |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
223 # both perms should be read ! |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
224 u1_auth = AuthUser(user_id=self.u1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
225 self.assertEqual(u1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
226 {u'group1': u'group.read', u'group2': u'group.read'}) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
227 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
228 a1_auth = AuthUser(user_id=self.anon.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
229 self.assertEqual(a1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
230 {u'group1': u'group.read', u'group2': u'group.read'}) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
231 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
232 #Change perms to none for both groups |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
233 ReposGroupModel().grant_user_permission(repos_group=self.g1, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
234 user=self.anon, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
235 perm='group.none') |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
236 ReposGroupModel().grant_user_permission(repos_group=self.g2, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
237 user=self.anon, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
238 perm='group.none') |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
239 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
240 u1_auth = AuthUser(user_id=self.u1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
241 self.assertEqual(u1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
242 {u'group1': u'group.none', u'group2': u'group.none'}) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
243 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
244 a1_auth = AuthUser(user_id=self.anon.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
245 self.assertEqual(a1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
246 {u'group1': u'group.none', u'group2': u'group.none'}) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
247 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
248 # add repo to group |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
249 name = RepoGroup.url_sep().join([self.g1.group_name, 'test_perm']) |
3647
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
250 self.test_repo = fixture.create_repo(name=name, |
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
251 repo_type='hg', |
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
252 repos_group=self.g1, |
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
253 cur_user=self.u1,) |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
254 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
255 u1_auth = AuthUser(user_id=self.u1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
256 self.assertEqual(u1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
257 {u'group1': u'group.none', u'group2': u'group.none'}) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
258 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
259 a1_auth = AuthUser(user_id=self.anon.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
260 self.assertEqual(a1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
261 {u'group1': u'group.none', u'group2': u'group.none'}) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
262 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
263 #grant permission for u2 ! |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
264 ReposGroupModel().grant_user_permission(repos_group=self.g1, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
265 user=self.u2, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
266 perm='group.read') |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
267 ReposGroupModel().grant_user_permission(repos_group=self.g2, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
268 user=self.u2, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
269 perm='group.read') |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
270 Session().commit() |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
271 self.assertNotEqual(self.u1, self.u2) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
272 #u1 and anon should have not change perms while u2 should ! |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
273 u1_auth = AuthUser(user_id=self.u1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
274 self.assertEqual(u1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
275 {u'group1': u'group.none', u'group2': u'group.none'}) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
276 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
277 u2_auth = AuthUser(user_id=self.u2.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
278 self.assertEqual(u2_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
279 {u'group1': u'group.read', u'group2': u'group.read'}) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
280 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
281 a1_auth = AuthUser(user_id=self.anon.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
282 self.assertEqual(a1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
283 {u'group1': u'group.none', u'group2': u'group.none'}) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
284 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
285 def test_repo_group_user_as_user_group_member(self): |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
286 # create Group1 |
3647
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
287 self.g1 = fixture.create_group('group1', skip_if_exists=True) |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
288 a1_auth = AuthUser(user_id=self.anon.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
289 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
290 self.assertEqual(a1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
291 {u'group1': u'group.read'}) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
292 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
293 # set default permission to none |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
294 ReposGroupModel().grant_user_permission(repos_group=self.g1, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
295 user=self.anon, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
296 perm='group.none') |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
297 # make group |
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3647
diff
changeset
|
298 self.ug1 = fixture.create_user_group('G1') |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
299 # add user to group |
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3415
diff
changeset
|
300 UserGroupModel().add_user_to_group(self.ug1, self.u1) |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
301 Session().commit() |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
302 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
303 # check if user is in the group |
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3415
diff
changeset
|
304 membrs = [x.user_id for x in UserGroupModel().get(self.ug1.users_group_id).members] |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
305 self.assertEqual(membrs, [self.u1.user_id]) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
306 # add some user to that group |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
307 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
308 # check his permissions |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
309 a1_auth = AuthUser(user_id=self.anon.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
310 self.assertEqual(a1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
311 {u'group1': u'group.none'}) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
312 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
313 u1_auth = AuthUser(user_id=self.u1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
314 self.assertEqual(u1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
315 {u'group1': u'group.none'}) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
316 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
317 # grant ug1 read permissions for |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
318 ReposGroupModel().grant_users_group_permission(repos_group=self.g1, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
319 group_name=self.ug1, |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
320 perm='group.read') |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
321 Session().commit() |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
322 # check if the |
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3415
diff
changeset
|
323 obj = Session().query(UserGroupRepoGroupToPerm)\ |
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3415
diff
changeset
|
324 .filter(UserGroupRepoGroupToPerm.group == self.g1)\ |
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3415
diff
changeset
|
325 .filter(UserGroupRepoGroupToPerm.users_group == self.ug1)\ |
2527
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
326 .scalar() |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
327 self.assertEqual(obj.permission.permission_name, 'group.read') |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
328 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
329 a1_auth = AuthUser(user_id=self.anon.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
330 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
331 self.assertEqual(a1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
332 {u'group1': u'group.none'}) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
333 |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
334 u1_auth = AuthUser(user_id=self.u1.user_id) |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
335 self.assertEqual(u1_auth.permissions['repositories_groups'], |
95624ce4465f
orginized test module
Marcin Kuzminski <marcin@python-works.com>
parents:
diff
changeset
|
336 {u'group1': u'group.read'}) |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
337 |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
338 def test_inherited_permissions_from_default_on_user_enabled(self): |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
339 user_model = UserModel() |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
340 # enable fork and create on default user |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
341 usr = 'default' |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
342 user_model.revoke_perm(usr, 'hg.create.none') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
343 user_model.grant_perm(usr, 'hg.create.repository') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
344 user_model.revoke_perm(usr, 'hg.fork.none') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
345 user_model.grant_perm(usr, 'hg.fork.repository') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
346 # make sure inherit flag is turned on |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
347 self.u1.inherit_default_permissions = True |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
348 Session().commit() |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
349 u1_auth = AuthUser(user_id=self.u1.user_id) |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
350 # this user will have inherited permissions from default user |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
351 self.assertEqual(u1_auth.permissions['global'], |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
352 set(['hg.create.repository', 'hg.fork.repository', |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
353 'hg.register.manual_activate', |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
354 'repository.read', 'group.read', |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
355 'usergroup.read'])) |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
356 |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
357 def test_inherited_permissions_from_default_on_user_disabled(self): |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
358 user_model = UserModel() |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
359 # disable fork and create on default user |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
360 usr = 'default' |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
361 user_model.revoke_perm(usr, 'hg.create.repository') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
362 user_model.grant_perm(usr, 'hg.create.none') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
363 user_model.revoke_perm(usr, 'hg.fork.repository') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
364 user_model.grant_perm(usr, 'hg.fork.none') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
365 # make sure inherit flag is turned on |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
366 self.u1.inherit_default_permissions = True |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
367 Session().commit() |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
368 u1_auth = AuthUser(user_id=self.u1.user_id) |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
369 # this user will have inherited permissions from default user |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
370 self.assertEqual(u1_auth.permissions['global'], |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
371 set(['hg.create.none', 'hg.fork.none', |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
372 'hg.register.manual_activate', |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
373 'repository.read', 'group.read', |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
374 'usergroup.read'])) |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
375 |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
376 def test_non_inherited_permissions_from_default_on_user_enabled(self): |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
377 user_model = UserModel() |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
378 # enable fork and create on default user |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
379 usr = 'default' |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
380 user_model.revoke_perm(usr, 'hg.create.none') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
381 user_model.grant_perm(usr, 'hg.create.repository') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
382 user_model.revoke_perm(usr, 'hg.fork.none') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
383 user_model.grant_perm(usr, 'hg.fork.repository') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
384 |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
385 #disable global perms on specific user |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
386 user_model.revoke_perm(self.u1, 'hg.create.repository') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
387 user_model.grant_perm(self.u1, 'hg.create.none') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
388 user_model.revoke_perm(self.u1, 'hg.fork.repository') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
389 user_model.grant_perm(self.u1, 'hg.fork.none') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
390 |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
391 # make sure inherit flag is turned off |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
392 self.u1.inherit_default_permissions = False |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
393 Session().commit() |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
394 u1_auth = AuthUser(user_id=self.u1.user_id) |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
395 # this user will have non inherited permissions from he's |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
396 # explicitly set permissions |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
397 self.assertEqual(u1_auth.permissions['global'], |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
398 set(['hg.create.none', 'hg.fork.none', |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
399 'hg.register.manual_activate', |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
400 'repository.read', 'group.read', |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
401 'usergroup.read'])) |
2709
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
402 |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
403 def test_non_inherited_permissions_from_default_on_user_disabled(self): |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
404 user_model = UserModel() |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
405 # disable fork and create on default user |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
406 usr = 'default' |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
407 user_model.revoke_perm(usr, 'hg.create.repository') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
408 user_model.grant_perm(usr, 'hg.create.none') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
409 user_model.revoke_perm(usr, 'hg.fork.repository') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
410 user_model.grant_perm(usr, 'hg.fork.none') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
411 |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
412 #enable global perms on specific user |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
413 user_model.revoke_perm(self.u1, 'hg.create.none') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
414 user_model.grant_perm(self.u1, 'hg.create.repository') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
415 user_model.revoke_perm(self.u1, 'hg.fork.none') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
416 user_model.grant_perm(self.u1, 'hg.fork.repository') |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
417 |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
418 # make sure inherit flag is turned off |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
419 self.u1.inherit_default_permissions = False |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
420 Session().commit() |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
421 u1_auth = AuthUser(user_id=self.u1.user_id) |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
422 # this user will have non inherited permissions from he's |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
423 # explicitly set permissions |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
424 self.assertEqual(u1_auth.permissions['global'], |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
425 set(['hg.create.repository', 'hg.fork.repository', |
d2d35cf2b351
RhodeCode now has a option to explicitly set forking permissions. ref #508
Marcin Kuzminski <marcin@python-works.com>
parents:
2529
diff
changeset
|
426 'hg.register.manual_activate', |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
427 'repository.read', 'group.read', |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
428 'usergroup.read'])) |
2864
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
429 |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
430 def test_owner_permissions_doesnot_get_overwritten_by_group(self): |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
431 #create repo as USER, |
3647
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
432 self.test_repo = fixture.create_repo(name='myownrepo', |
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
433 repo_type='hg', |
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
434 cur_user=self.u1) |
2864
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
435 |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
436 #he has permissions of admin as owner |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
437 u1_auth = AuthUser(user_id=self.u1.user_id) |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
438 self.assertEqual(u1_auth.permissions['repositories']['myownrepo'], |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
439 'repository.admin') |
3415
b8f929bff7e3
fixed tests and missing replacements from 5f1850e4712a
Marcin Kuzminski <marcin@python-works.com>
parents:
3053
diff
changeset
|
440 #set his permission as user group, he should still be admin |
3714
7e3d89d9d3a2
- Manage User’s Groups: create, delete, rename, add/remove users inside.
Marcin Kuzminski <marcin@python-works.com>
parents:
3647
diff
changeset
|
441 self.ug1 = fixture.create_user_group('G1') |
3417
fa6ba6727475
further cleanup of UsersGroup
Mads Kiilerich <madski@unity3d.com>
parents:
3415
diff
changeset
|
442 UserGroupModel().add_user_to_group(self.ug1, self.u1) |
3647
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
443 RepoModel().grant_users_group_permission(self.test_repo, |
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
444 group_name=self.ug1, |
2864
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
445 perm='repository.none') |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
446 |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
447 Session().commit() |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
448 u1_auth = AuthUser(user_id=self.u1.user_id) |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
449 self.assertEqual(u1_auth.permissions['repositories']['myownrepo'], |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
450 'repository.admin') |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
451 |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
452 def test_owner_permissions_doesnot_get_overwritten_by_others(self): |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
453 #create repo as USER, |
3647
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
454 self.test_repo = fixture.create_repo(name='myownrepo', |
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
455 repo_type='hg', |
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
456 cur_user=self.u1) |
2864
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
457 |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
458 #he has permissions of admin as owner |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
459 u1_auth = AuthUser(user_id=self.u1.user_id) |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
460 self.assertEqual(u1_auth.permissions['repositories']['myownrepo'], |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
461 'repository.admin') |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
462 #set his permission as user, he should still be admin |
3647
8a86836fad64
more usage of fixture tools
Marcin Kuzminski <marcin@python-works.com>
parents:
3417
diff
changeset
|
463 RepoModel().grant_user_permission(self.test_repo, user=self.u1, |
2864
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
464 perm='repository.none') |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
465 Session().commit() |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
466 u1_auth = AuthUser(user_id=self.u1.user_id) |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
467 self.assertEqual(u1_auth.permissions['repositories']['myownrepo'], |
5c1ad3b410e5
fixed #570 explicit users group permissions can overwrite owner permissions
Marcin Kuzminski <marcin@python-works.com>
parents:
2820
diff
changeset
|
468 'repository.admin') |
3733
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
469 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
470 def _test_def_perm_equal(self, user, change_factor=0): |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
471 perms = UserToPerm.query()\ |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
472 .filter(UserToPerm.user == user)\ |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
473 .all() |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
474 self.assertEqual(len(perms), |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
475 len(Permission.DEFAULT_USER_PERMISSIONS,)+change_factor, |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
476 msg=perms) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
477 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
478 def test_set_default_permissions(self): |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
479 PermissionModel().create_default_permissions(user=self.u1) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
480 self._test_def_perm_equal(user=self.u1) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
481 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
482 def test_set_default_permissions_after_one_is_missing(self): |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
483 PermissionModel().create_default_permissions(user=self.u1) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
484 self._test_def_perm_equal(user=self.u1) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
485 #now we delete one, it should be re-created after another call |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
486 perms = UserToPerm.query()\ |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
487 .filter(UserToPerm.user == self.u1)\ |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
488 .all() |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
489 Session().delete(perms[0]) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
490 Session().commit() |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
491 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
492 self._test_def_perm_equal(user=self.u1, change_factor=-1) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
493 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
494 #create missing one ! |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
495 PermissionModel().create_default_permissions(user=self.u1) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
496 self._test_def_perm_equal(user=self.u1) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
497 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
498 @parameterized.expand([ |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
499 ('repository.read', 'repository.none'), |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
500 ('group.read', 'group.none'), |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
501 ('usergroup.read', 'usergroup.none'), |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
502 ('hg.create.repository', 'hg.create.none'), |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
503 ('hg.fork.repository', 'hg.fork.none'), |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
504 ('hg.register.manual_activate', 'hg.register.auto_activate',) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
505 ]) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
506 def test_set_default_permissions_after_modification(self, perm, modify_to): |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
507 PermissionModel().create_default_permissions(user=self.u1) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
508 self._test_def_perm_equal(user=self.u1) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
509 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
510 old = Permission.get_by_key(perm) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
511 new = Permission.get_by_key(modify_to) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
512 self.assertNotEqual(old, None) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
513 self.assertNotEqual(new, None) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
514 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
515 #now modify permissions |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
516 p = UserToPerm.query()\ |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
517 .filter(UserToPerm.user == self.u1)\ |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
518 .filter(UserToPerm.permission == old)\ |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
519 .one() |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
520 p.permission = new |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
521 Session().add(p) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
522 Session().commit() |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
523 |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
524 PermissionModel().create_default_permissions(user=self.u1) |
af049a957506
fixed default permissions population during upgrades
Marcin Kuzminski <marcin@python-works.com>
parents:
3714
diff
changeset
|
525 self._test_def_perm_equal(user=self.u1) |