Mercurial > p > roundup > code
comparison test/test_security.py @ 5186:36630a062fb5
Check in enhanced form for check command used by addPermission.
New form can include a **context dictionary that allows access to the
name of the property, class, and permission being checked. This
should make designing more complex permission requirements easier.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Fri, 17 Feb 2017 21:18:34 -0500 |
| parents | 364c54991861 |
| children | e0732fd6a6c7 |
comparison
equal
deleted
inserted
replaced
| 5185:349bef975367 | 5186:36630a062fb5 |
|---|---|
| 153 self.assertEquals(has('Test', none, 'test', property='a'), 0) | 153 self.assertEquals(has('Test', none, 'test', property='a'), 0) |
| 154 self.assertEquals(has('Test', none, 'test', property='b'), 0) | 154 self.assertEquals(has('Test', none, 'test', property='b'), 0) |
| 155 self.assertEquals(has('Test', none, 'test', property='c'), 0) | 155 self.assertEquals(has('Test', none, 'test', property='c'), 0) |
| 156 self.assertEquals(has('Test', none, 'test'), 0) | 156 self.assertEquals(has('Test', none, 'test'), 0) |
| 157 | 157 |
| 158 # check function | 158 # check function new style. Make sure that other args are passed. |
| 159 check = lambda db, userid, itemid: itemid == '1' | 159 def check(db,userid,itemid, **other): |
| 160 prop = other['property'] | |
| 161 prop = other['classname'] | |
| 162 prop = other['permission'] | |
| 163 return (itemid == '1') | |
| 164 | |
| 160 addRole(name='Role3') | 165 addRole(name='Role3') |
| 161 addToRole('Role3', add(name="Test", klass="test", check=check)) | 166 addToRole('Role3', add(name="Test", klass="test", check=check)) |
| 162 user3 = self.db.user.create(username='user3', roles='Role3') | 167 user3 = self.db.user.create(username='user3', roles='Role3') |
| 163 # *any* access to class | 168 # *any* access to class |
| 164 self.assertEquals(has('Test', user1, 'test'), 1) | 169 self.assertEquals(has('Test', user1, 'test'), 1) |