From d99676001794071f6f2db273ae1836af0ebde7e9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sybren=20A=2E=20St=C3=BCvel?= Date: Wed, 13 Jul 2016 12:27:42 +0200 Subject: [PATCH] Removed node type permissions from EXAMPLE_TEST_PROJECT This makes the test project mimick actual projects more. --- tests/common_test_data.py | 59 ++++++--------------------------------- tests/test_auth.py | 28 +++++++++++++++---- 2 files changed, 30 insertions(+), 57 deletions(-) diff --git a/tests/common_test_data.py b/tests/common_test_data.py index 75fb9639..081ec7c6 100644 --- a/tests/common_test_data.py +++ b/tests/common_test_data.py @@ -54,16 +54,7 @@ EXAMPLE_PROJECT = { u'form_schema': {u'order': {}, u'status': {}, u'url': {}}, u'name': u'group_texture', u'parent': [u'group_texture', u'project'], - u'permissions': {u'groups': [{u'group': EXAMPLE_ADMIN_GROUP_ID, - u'methods': [u'GET', u'PUT', u'POST']}, - {u'group': ObjectId('5596e975ea893b269af85c0f'), - u'methods': [u'GET']}, - {u'group': ObjectId('564733b56dcaf85da2faee8a'), - u'methods': [u'GET']}, - {u'group': ObjectId('564c52b96dcaf85da2faef00'), - u'methods': [u'GET', u'POST']}], - u'users': [], - u'world': [u'GET']}}, + u'permissions': {}}, {u'description': u'Generic group node type edited', u'dyn_schema': {u'notes': {u'maxlength': 256, u'type': u'string'}, u'order': {u'type': u'integer'}, @@ -73,14 +64,7 @@ EXAMPLE_PROJECT = { u'form_schema': {u'notes': {}, u'order': {}, u'status': {}, u'url': {}}, u'name': u'group', u'parent': [u'group', u'project'], - u'permissions': {u'groups': [{u'group': EXAMPLE_ADMIN_GROUP_ID, - u'methods': [u'GET', u'PUT', u'POST']}, - {u'group': ObjectId('5596e975ea893b269af85c0f'), - u'methods': [u'GET']}, - {u'group': ObjectId('564733b56dcaf85da2faee8a'), - u'methods': [u'GET']}], - u'users': [], - u'world': [u'GET']}}, + u'permissions': {}}, {u'description': u'Basic Asset Type', u'dyn_schema': { u'attachments': {u'schema': {u'schema': {u'field': {u'type': u'string'}, @@ -121,14 +105,7 @@ EXAMPLE_PROJECT = { u'tags': {}}, u'name': u'asset', u'parent': [u'group'], - u'permissions': {u'groups': [{u'group': EXAMPLE_ADMIN_GROUP_ID, - u'methods': [u'GET', u'PUT', u'POST']}, - {u'group': ObjectId('5596e975ea893b269af85c0f'), - u'methods': [u'DELETE', u'GET']}, - {u'group': ObjectId('564733b56dcaf85da2faee8a'), - u'methods': [u'GET']}], - u'users': [], - u'world': [u'GET']}}, + u'permissions': {}}, {u'description': u'Entrypoint to a remote or local storage solution', u'dyn_schema': {u'backend': {u'type': u'string'}, u'subdir': {u'type': u'string'}}, @@ -166,14 +143,7 @@ EXAMPLE_PROJECT = { u'status': {}}, u'name': u'comment', u'parent': [u'asset', u'comment'], - u'permissions': {u'groups': [{u'group': EXAMPLE_ADMIN_GROUP_ID, - u'methods': [u'GET', u'PUT', u'POST']}, - {u'group': ObjectId('5596e975ea893b269af85c0f'), - u'methods': [u'GET', u'POST']}, - {u'group': ObjectId('564733b56dcaf85da2faee8a'), - u'methods': [u'GET', u'POST']}], - u'users': [], - u'world': [u'GET']}}, + u'permissions': {}}, {u'description': u'Container for node_type post.', u'dyn_schema': {u'categories': {u'schema': {u'type': u'string'}, u'type': u'list'}, @@ -181,10 +151,7 @@ EXAMPLE_PROJECT = { u'form_schema': {u'categories': {}, u'template': {}}, u'name': u'blog', u'parent': [u'project'], - u'permissions': {u'groups': [{u'group': EXAMPLE_ADMIN_GROUP_ID, - u'methods': [u'GET', u'PUT', u'POST']}], - u'users': [], - u'world': [u'GET']}}, + u'permissions': {}}, {u'description': u'A blog post, for any project', u'dyn_schema': { u'attachments': {u'schema': {u'schema': {u'field': {u'type': u'string'}, @@ -220,10 +187,7 @@ EXAMPLE_PROJECT = { u'url': {}}, u'name': u'post', u'parent': [u'blog'], - u'permissions': {u'groups': [{u'group': EXAMPLE_ADMIN_GROUP_ID, - u'methods': [u'GET', u'PUT', u'POST']}], - u'users': [], - u'world': [u'GET']}}, + u'permissions': {}}, {u'description': u'Image Texture', u'dyn_schema': {u'aspect_ratio': {u'type': u'float'}, u'categories': {u'type': u'string'}, @@ -264,21 +228,14 @@ EXAMPLE_PROJECT = { u'tags': {}}, u'name': u'texture', u'parent': [u'group'], - u'permissions': {u'groups': [{u'group': EXAMPLE_ADMIN_GROUP_ID, - u'methods': [u'GET', u'PUT', u'POST']}, - {u'group': ObjectId('5596e975ea893b269af85c0f'), - u'methods': [u'GET']}, - {u'group': ObjectId('564733b56dcaf85da2faee8a'), - u'methods': [u'GET']}], - u'users': [], - u'world': [u'GET']}}], + u'permissions': {}}], u'nodes_blog': [], u'nodes_featured': [], u'nodes_latest': [], u'organization': ObjectId('55a99fb43004867fb9934f01'), u'owners': {u'groups': [], u'users': []}, u'permissions': {u'groups': [{u'group': EXAMPLE_ADMIN_GROUP_ID, - u'methods': [u'GET', u'POST', u'PUT']}], + u'methods': [u'GET', u'POST', u'PUT', u'DELETE']}], u'users': [], u'world': [u'GET']}, u'picture_header': ObjectId('5673f260c379cf0007b31bc4'), diff --git a/tests/test_auth.py b/tests/test_auth.py index 6ad723a4..079a4ecf 100644 --- a/tests/test_auth.py +++ b/tests/test_auth.py @@ -9,10 +9,26 @@ from bson import tz_util, ObjectId from werkzeug.exceptions import Forbidden from common_test_class import AbstractPillarTest, TEST_EMAIL_USER, TEST_EMAIL_ADDRESS -from common_test_data import EXAMPLE_PROJECT, EXAMPLE_NODE +from common_test_data import EXAMPLE_NODE +import common_test_data as ctd PUBLIC_USER_FIELDS = {'full_name', 'email'} +# Use the example project with some additional permissions for these tests. +EXAMPLE_PROJECT = copy.deepcopy(ctd.EXAMPLE_PROJECT) + +_texture_nt = next(nt for nt in EXAMPLE_PROJECT['node_types'] + if nt['name'] == 'texture') +_texture_nt['permissions']['groups'] = [ + {u'group': ObjectId('5596e975ea893b269af85c0f'), u'methods': [u'GET']}, + {u'group': ObjectId('564733b56dcaf85da2faee8a'), u'methods': [u'GET']}, ] + +_asset_nt = next(nt for nt in EXAMPLE_PROJECT['node_types'] + if nt['name'] == 'asset') +_asset_nt['permissions']['groups'] = [ + {u'group': ObjectId('5596e975ea893b269af85c0f'), u'methods': [u'DELETE', u'GET']}, + {u'group': ObjectId('564733b56dcaf85da2faee8a'), u'methods': [u'GET']}] + class AuthenticationTests(AbstractPillarTest): def test_make_unique_username(self): @@ -448,7 +464,7 @@ class PermissionComputationTest(AbstractPillarTest): self.assertEqual( { u'groups': [{u'group': ObjectId('5596e975ea893b269af85c0e'), - u'methods': [u'GET', u'POST', u'PUT']}], + u'methods': [u'DELETE', u'GET', u'POST', u'PUT']}], u'world': [u'GET'] }, self.sort(compute_aggr_permissions('projects', EXAMPLE_PROJECT, None))) @@ -457,7 +473,7 @@ class PermissionComputationTest(AbstractPillarTest): self.assertEqual( { u'groups': [{u'group': ObjectId('5596e975ea893b269af85c0e'), - u'methods': [u'GET', u'POST', u'PUT']}, + u'methods': [u'DELETE', u'GET', u'POST', u'PUT']}, {u'group': ObjectId('5596e975ea893b269af85c0f'), u'methods': [u'GET']}, {u'group': ObjectId('564733b56dcaf85da2faee8a'), @@ -473,10 +489,10 @@ class PermissionComputationTest(AbstractPillarTest): with self.app.test_request_context(): # Test node permissions without embedded project. - self.ensure_project_exists() + self.ensure_project_exists(project_overrides=EXAMPLE_PROJECT) self.assertEqual( {u'groups': [{u'group': ObjectId('5596e975ea893b269af85c0e'), - u'methods': [u'GET', u'POST', u'PUT']}, + u'methods': [u'DELETE', u'GET', u'POST', u'PUT']}, {u'group': ObjectId('5596e975ea893b269af85c0f'), u'methods': [u'DELETE', u'GET']}, {u'group': ObjectId('564733b56dcaf85da2faee8a'), @@ -490,7 +506,7 @@ class PermissionComputationTest(AbstractPillarTest): node['project'] = EXAMPLE_PROJECT self.assertEqual( {u'groups': [{u'group': ObjectId('5596e975ea893b269af85c0e'), - u'methods': [u'GET', u'POST', u'PUT']}, + u'methods': [u'DELETE', u'GET', u'POST', u'PUT']}, {u'group': ObjectId('5596e975ea893b269af85c0f'), u'methods': [u'DELETE', u'GET']}, {u'group': ObjectId('564733b56dcaf85da2faee8a'),