Mercurial > kallithea
comparison rhodecode/tests/models/test_users_group_permissions_on_groups.py @ 2820:c0cc8f8a71b0 beta
Permissions on group can be set in recursive mode setting defined permission to all children
- more explicit permissions
- fixes for empty values in permission form
| author | Marcin Kuzminski <marcin@python-works.com> |
|---|---|
| date | Fri, 07 Sep 2012 02:20:02 +0200 |
| parents | |
| children | 42d7ca49d073 |
comparison
equal
deleted
inserted
replaced
| 2819:bbaf0b86a1fe | 2820:c0cc8f8a71b0 |
|---|---|
| 1 import os | |
| 2 import unittest | |
| 3 import functools | |
| 4 from rhodecode.tests import * | |
| 5 | |
| 6 from rhodecode.model.repos_group import ReposGroupModel | |
| 7 from rhodecode.model.db import RepoGroup, Repository, User | |
| 8 | |
| 9 from rhodecode.model.meta import Session | |
| 10 from nose.tools import with_setup | |
| 11 from rhodecode.tests.models.common import _create_project_tree, check_tree_perms, \ | |
| 12 _get_perms, _check_expected_count, expected_count, _destroy_project_tree | |
| 13 from rhodecode.model.users_group import UsersGroupModel | |
| 14 from rhodecode.model.repo import RepoModel | |
| 15 | |
| 16 | |
| 17 test_u2_id = None | |
| 18 test_u2_gr_id = None | |
| 19 _get_repo_perms = None | |
| 20 _get_group_perms = None | |
| 21 | |
| 22 | |
| 23 def permissions_setup_func(group_name='g0', perm='group.read', recursive=True): | |
| 24 """ | |
| 25 Resets all permissions to perm attribute | |
| 26 """ | |
| 27 repos_group = RepoGroup.get_by_group_name(group_name=group_name) | |
| 28 if not repos_group: | |
| 29 raise Exception('Cannot get group %s' % group_name) | |
| 30 perms_updates = [[test_u2_gr_id, perm, 'users_group']] | |
| 31 ReposGroupModel()._update_permissions(repos_group, | |
| 32 perms_updates=perms_updates, | |
| 33 recursive=recursive) | |
| 34 Session().commit() | |
| 35 | |
| 36 | |
| 37 def setup_module(): | |
| 38 global test_u2_id, test_u2_gr_id, _get_repo_perms, _get_group_perms | |
| 39 test_u2 = _create_project_tree() | |
| 40 Session().commit() | |
| 41 test_u2_id = test_u2.user_id | |
| 42 | |
| 43 gr1 = UsersGroupModel().create(name='perms_group_1') | |
| 44 Session().commit() | |
| 45 test_u2_gr_id = gr1.users_group_id | |
| 46 UsersGroupModel().add_user_to_group(gr1, user=test_u2_id) | |
| 47 Session().commit() | |
| 48 | |
| 49 _get_repo_perms = functools.partial(_get_perms, key='repositories', | |
| 50 test_u1_id=test_u2_id) | |
| 51 _get_group_perms = functools.partial(_get_perms, key='repositories_groups', | |
| 52 test_u1_id=test_u2_id) | |
| 53 | |
| 54 | |
| 55 def teardown_module(): | |
| 56 _destroy_project_tree(test_u2_id) | |
| 57 | |
| 58 | |
| 59 @with_setup(permissions_setup_func) | |
| 60 def test_user_permissions_on_group_without_recursive_mode(): | |
| 61 # set permission to g0 non-recursive mode | |
| 62 recursive = False | |
| 63 group = 'g0' | |
| 64 permissions_setup_func(group, 'group.write', recursive=recursive) | |
| 65 | |
| 66 items = [x for x in _get_repo_perms(group, recursive)] | |
| 67 expected = 0 | |
| 68 assert len(items) == expected, ' %s != %s' % (len(items), expected) | |
| 69 for name, perm in items: | |
| 70 yield check_tree_perms, name, perm, group, 'repository.read' | |
| 71 | |
| 72 items = [x for x in _get_group_perms(group, recursive)] | |
| 73 expected = 1 | |
| 74 assert len(items) == expected, ' %s != %s' % (len(items), expected) | |
| 75 for name, perm in items: | |
| 76 yield check_tree_perms, name, perm, group, 'group.write' | |
| 77 | |
| 78 | |
| 79 @with_setup(permissions_setup_func) | |
| 80 def test_user_permissions_on_group_without_recursive_mode_subgroup(): | |
| 81 # set permission to g0 non-recursive mode | |
| 82 recursive = False | |
| 83 group = 'g0/g0_1' | |
| 84 permissions_setup_func(group, 'group.write', recursive=recursive) | |
| 85 | |
| 86 items = [x for x in _get_repo_perms(group, recursive)] | |
| 87 expected = 0 | |
| 88 assert len(items) == expected, ' %s != %s' % (len(items), expected) | |
| 89 for name, perm in items: | |
| 90 yield check_tree_perms, name, perm, group, 'repository.read' | |
| 91 | |
| 92 items = [x for x in _get_group_perms(group, recursive)] | |
| 93 expected = 1 | |
| 94 assert len(items) == expected, ' %s != %s' % (len(items), expected) | |
| 95 for name, perm in items: | |
| 96 yield check_tree_perms, name, perm, group, 'group.write' | |
| 97 | |
| 98 | |
| 99 @with_setup(permissions_setup_func) | |
| 100 def test_user_permissions_on_group_with_recursive_mode(): | |
| 101 | |
| 102 # set permission to g0 recursive mode, all children including | |
| 103 # other repos and groups should have this permission now set ! | |
| 104 recursive = True | |
| 105 group = 'g0' | |
| 106 permissions_setup_func(group, 'group.write', recursive=recursive) | |
| 107 | |
| 108 repo_items = [x for x in _get_repo_perms(group, recursive)] | |
| 109 items = [x for x in _get_group_perms(group, recursive)] | |
| 110 _check_expected_count(items, repo_items, expected_count(group, True)) | |
| 111 | |
| 112 for name, perm in repo_items: | |
| 113 yield check_tree_perms, name, perm, group, 'repository.write' | |
| 114 | |
| 115 for name, perm in items: | |
| 116 yield check_tree_perms, name, perm, group, 'group.write' | |
| 117 | |
| 118 | |
| 119 @with_setup(permissions_setup_func) | |
| 120 def test_user_permissions_on_group_with_recursive_mode_inner_group(): | |
| 121 ## set permission to g0_3 group to none | |
| 122 recursive = True | |
| 123 group = 'g0/g0_3' | |
| 124 permissions_setup_func(group, 'group.none', recursive=recursive) | |
| 125 | |
| 126 repo_items = [x for x in _get_repo_perms(group, recursive)] | |
| 127 items = [x for x in _get_group_perms(group, recursive)] | |
| 128 _check_expected_count(items, repo_items, expected_count(group, True)) | |
| 129 | |
| 130 for name, perm in repo_items: | |
| 131 yield check_tree_perms, name, perm, group, 'repository.none' | |
| 132 | |
| 133 for name, perm in items: | |
| 134 yield check_tree_perms, name, perm, group, 'group.none' | |
| 135 | |
| 136 | |
| 137 @with_setup(permissions_setup_func) | |
| 138 def test_user_permissions_on_group_with_recursive_mode_deepest(): | |
| 139 ## set permission to g0_3 group to none | |
| 140 recursive = True | |
| 141 group = 'g0/g0_1/g0_1_1' | |
| 142 permissions_setup_func(group, 'group.write', recursive=recursive) | |
| 143 | |
| 144 repo_items = [x for x in _get_repo_perms(group, recursive)] | |
| 145 items = [x for x in _get_group_perms(group, recursive)] | |
| 146 _check_expected_count(items, repo_items, expected_count(group, True)) | |
| 147 | |
| 148 for name, perm in repo_items: | |
| 149 yield check_tree_perms, name, perm, group, 'repository.write' | |
| 150 | |
| 151 for name, perm in items: | |
| 152 yield check_tree_perms, name, perm, group, 'group.write' | |
| 153 | |
| 154 | |
| 155 @with_setup(permissions_setup_func) | |
| 156 def test_user_permissions_on_group_with_recursive_mode_only_with_repos(): | |
| 157 ## set permission to g0_3 group to none | |
| 158 recursive = True | |
| 159 group = 'g0/g0_2' | |
| 160 permissions_setup_func(group, 'group.admin', recursive=recursive) | |
| 161 | |
| 162 repo_items = [x for x in _get_repo_perms(group, recursive)] | |
| 163 items = [x for x in _get_group_perms(group, recursive)] | |
| 164 _check_expected_count(items, repo_items, expected_count(group, True)) | |
| 165 | |
| 166 for name, perm in repo_items: | |
| 167 yield check_tree_perms, name, perm, group, 'repository.admin' | |
| 168 | |
| 169 for name, perm in items: | |
| 170 yield check_tree_perms, name, perm, group, 'group.admin' |