Removed 'subscriber' cap from 'admin' role
This allows admins to test what happens when users do not have a subscription. To give the user subscriber capability, just grant demo role as well.
This commit is contained in:
@@ -18,7 +18,7 @@ log = logging.getLogger(__name__)
|
|||||||
CAPABILITIES = collections.defaultdict(**{
|
CAPABILITIES = collections.defaultdict(**{
|
||||||
'subscriber': {'subscriber', 'home-project'},
|
'subscriber': {'subscriber', 'home-project'},
|
||||||
'demo': {'subscriber', 'home-project'},
|
'demo': {'subscriber', 'home-project'},
|
||||||
'admin': {'subscriber', 'home-project', 'video-encoding', 'admin',
|
'admin': {'video-encoding', 'admin',
|
||||||
'view-pending-nodes', 'edit-project-node-types'},
|
'view-pending-nodes', 'edit-project-node-types'},
|
||||||
}, default_factory=frozenset)
|
}, default_factory=frozenset)
|
||||||
|
|
||||||
|
|||||||
@@ -200,7 +200,7 @@ CELERY_BEAT_SCHEDULE = {
|
|||||||
USER_CAPABILITIES = defaultdict(**{
|
USER_CAPABILITIES = defaultdict(**{
|
||||||
'subscriber': {'subscriber', 'home-project'},
|
'subscriber': {'subscriber', 'home-project'},
|
||||||
'demo': {'subscriber', 'home-project'},
|
'demo': {'subscriber', 'home-project'},
|
||||||
'admin': {'subscriber', 'home-project', 'video-encoding', 'admin',
|
'admin': {'video-encoding', 'admin',
|
||||||
'view-pending-nodes', 'edit-project-node-types', 'create-organization'},
|
'view-pending-nodes', 'edit-project-node-types', 'create-organization'},
|
||||||
'org-subscriber': {'subscriber', 'home-project'},
|
'org-subscriber': {'subscriber', 'home-project'},
|
||||||
}, default_factory=frozenset)
|
}, default_factory=frozenset)
|
||||||
|
|||||||
@@ -677,7 +677,7 @@ class RequireRolesTest(AbstractPillarTest):
|
|||||||
self.assertFalse(called[0])
|
self.assertFalse(called[0])
|
||||||
|
|
||||||
with self.app.test_request_context():
|
with self.app.test_request_context():
|
||||||
self.login_api_as(ObjectId(24 * 'a'), ['admin'])
|
self.login_api_as(ObjectId(24 * 'a'), ['demo'])
|
||||||
call_me()
|
call_me()
|
||||||
self.assertTrue(called[0])
|
self.assertTrue(called[0])
|
||||||
|
|
||||||
|
|||||||
@@ -95,7 +95,7 @@ class ProjectCreationTest(AbstractProjectTest):
|
|||||||
def test_project_creation_access_admin(self):
|
def test_project_creation_access_admin(self):
|
||||||
"""Admin-created projects should be public"""
|
"""Admin-created projects should be public"""
|
||||||
|
|
||||||
proj = self._create_user_and_project(roles={'admin'})
|
proj = self._create_user_and_project(roles={'admin', 'demo'})
|
||||||
self.assertEqual(['GET'], proj['permissions']['world'])
|
self.assertEqual(['GET'], proj['permissions']['world'])
|
||||||
|
|
||||||
def test_project_creation_access_subscriber(self):
|
def test_project_creation_access_subscriber(self):
|
||||||
@@ -311,13 +311,14 @@ class ProjectEditTest(AbstractProjectTest):
|
|||||||
|
|
||||||
def test_delete_by_admin(self):
|
def test_delete_by_admin(self):
|
||||||
# Create public test project.
|
# Create public test project.
|
||||||
project_info = self._create_user_and_project(['admin'])
|
project_info = self._create_user_and_project(['admin', 'demo'])
|
||||||
project_id = project_info['_id']
|
project_id = project_info['_id']
|
||||||
project_url = '/api/projects/%s' % project_id
|
project_url = '/api/projects/%s' % project_id
|
||||||
|
|
||||||
# Create admin user that doesn't own the project, to check that
|
# Create admin user that doesn't own the project, to check that
|
||||||
# non-owner admins can delete projects too.
|
# non-owner admins can delete projects too.
|
||||||
self._create_user_with_token(['admin'], 'admin-token', user_id='cafef00dbeefcafef00dbeef')
|
self._create_user_with_token(['admin'], 'admin-token',
|
||||||
|
user_id='cafef00dbeefcafef00dbeef')
|
||||||
|
|
||||||
# Admin user should be able to DELETE.
|
# Admin user should be able to DELETE.
|
||||||
resp = self.client.delete(project_url,
|
resp = self.client.delete(project_url,
|
||||||
|
|||||||
Reference in New Issue
Block a user