Mercurial > p > roundup > code
comparison test/test_security.py @ 4438:222efa59ee6c
search permissions must allow transitive properties
| author | Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net> |
|---|---|
| date | Wed, 20 Oct 2010 08:58:52 +0000 |
| parents | 75dc225613cc |
| children | 8137456a86f3 |
comparison
equal
deleted
inserted
replaced
| 4437:261c9f913ff7 | 4438:222efa59ee6c |
|---|---|
| 176 self.assertEquals(has('Test', super, 'test', itemid='1'), 1) | 176 self.assertEquals(has('Test', super, 'test', itemid='1'), 1) |
| 177 self.assertEquals(has('Test', super, 'test', itemid='2'), 1) | 177 self.assertEquals(has('Test', super, 'test', itemid='2'), 1) |
| 178 self.assertEquals(has('Test', none, 'test', itemid='1'), 0) | 178 self.assertEquals(has('Test', none, 'test', itemid='1'), 0) |
| 179 self.assertEquals(has('Test', none, 'test', itemid='2'), 0) | 179 self.assertEquals(has('Test', none, 'test', itemid='2'), 0) |
| 180 | 180 |
| 181 def testTransitiveSearchPermissions(self): | |
| 182 add = self.db.security.addPermission | |
| 183 has = self.db.security.hasSearchPermission | |
| 184 addRole = self.db.security.addRole | |
| 185 addToRole = self.db.security.addPermissionToRole | |
| 186 user = self.db.user.create(username='user1', roles='User') | |
| 187 anon = self.db.user.create(username='anonymous', roles='Anonymous') | |
| 188 addRole(name='User') | |
| 189 addRole(name='Anonymous') | |
| 190 iv = add(name="View", klass="issue") | |
| 191 addToRole('User', iv) | |
| 192 addToRole('Anonymous', iv) | |
| 193 ms = add(name="Search", klass="msg") | |
| 194 addToRole('User', ms) | |
| 195 addToRole('Anonymous', ms) | |
| 196 addToRole('User', add(name="View", klass="user")) | |
| 197 self.assertEquals(has(anon, 'issue', 'messages'), 1) | |
| 198 self.assertEquals(has(anon, 'issue', 'messages.author'), 1) | |
| 199 self.assertEquals(has(anon, 'issue', 'messages.author.username'), 0) | |
| 200 self.assertEquals(has(anon, 'issue', 'messages.recipients'), 1) | |
| 201 self.assertEquals(has(anon, 'issue', 'messages.recipients.username'), 0) | |
| 202 self.assertEquals(has(user, 'issue', 'messages'), 1) | |
| 203 self.assertEquals(has(user, 'issue', 'messages.author'), 1) | |
| 204 self.assertEquals(has(user, 'issue', 'messages.author.username'), 1) | |
| 205 self.assertEquals(has(user, 'issue', 'messages.recipients'), 1) | |
| 206 self.assertEquals(has(user, 'issue', 'messages.recipients.username'), 1) | |
| 207 | |
| 181 def test_suite(): | 208 def test_suite(): |
| 182 suite = unittest.TestSuite() | 209 suite = unittest.TestSuite() |
| 183 suite.addTest(unittest.makeSuite(PermissionTest)) | 210 suite.addTest(unittest.makeSuite(PermissionTest)) |
| 184 return suite | 211 return suite |
| 185 | 212 |