Mercurial > p > roundup > code
diff test/test_security.py @ 905:502a5ae11cc5
Very close now. The cgi and mailgw now use the new security API.
The two templates have been migrated to that setup. Lots of unit
tests. Still some issue in the web form for editing Roles assigned to
users.
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Fri, 26 Jul 2002 08:27:00 +0000 |
| parents | b0d3d3535998 |
| children | ef9c759c243e |
line wrap: on
line diff
--- a/test/test_security.py Thu Jul 25 07:53:44 2002 +0000 +++ b/test/test_security.py Fri Jul 26 08:27:00 2002 +0000 @@ -18,7 +18,7 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. -# $Id: test_security.py,v 1.1 2002-07-25 07:14:06 richard Exp $ +# $Id: test_security.py,v 1.2 2002-07-26 08:27:00 richard Exp $ import os, unittest, shutil @@ -48,31 +48,42 @@ ei = self.db.security.addPermission(name="Edit", klass="issue", description="User is allowed to edit issues") self.db.security.addPermissionToRole('User', ei) - ai = self.db.security.addPermission(name="Assign", klass="issue", - description="User may be assigned to issues") + ai = self.db.security.addPermission(name="View", klass="issue", + description="User is allowed to access issues") self.db.security.addPermissionToRole('User', ai) + def testGetPermission(self): + self.db.security.getPermission('Edit') + self.db.security.getPermission('View') + self.assertRaises(ValueError, self.db.security.getPermission, 'x') + self.assertRaises(ValueError, self.db.security.getPermission, 'Edit', + 'fubar') + ei = self.db.security.addPermission(name="Edit", klass="issue", + description="User is allowed to edit issues") + self.db.security.getPermission('Edit', 'issue') + ai = self.db.security.addPermission(name="View", klass="issue", + description="User is allowed to access issues") + self.db.security.getPermission('View', 'issue') + def testDBinit(self): - r = str(self.db.role.lookup('Admin')) - self.db.user.create(username="admin", roles=[r]) - r = str(self.db.role.lookup('User')) - self.db.user.create(username="anonymous", roles=[r]) + self.db.user.create(username="admin", roles='Admin') + self.db.user.create(username="anonymous", roles='User') - def testAccess(self): + def testAccessControls(self): self.testDBinit() self.testInitialiseSecurity() # test class-level access userid = self.db.user.lookup('admin') - self.assertEquals(self.db.security.hasClassPermission('issue', - 'Edit', userid), 1) - self.assertEquals(self.db.security.hasClassPermission('user', - 'Edit', userid), 1) + self.assertEquals(self.db.security.hasPermission('Edit', userid, + 'issue'), 1) + self.assertEquals(self.db.security.hasPermission('Edit', userid, + 'user'), 1) userid = self.db.user.lookup('anonymous') - self.assertEquals(self.db.security.hasClassPermission('issue', - 'Edit', userid), 1) - self.assertEquals(self.db.security.hasClassPermission('user', - 'Edit', userid), 0) + self.assertEquals(self.db.security.hasPermission('Edit', userid, + 'issue'), 1) + self.assertEquals(self.db.security.hasPermission('Edit', userid, + 'user'), 0) # test node-level access issueid = self.db.issue.create(title='foo', assignedto='admin') @@ -91,6 +102,14 @@ # # $Log: not supported by cvs2svn $ +# Revision 1.1 2002/07/25 07:14:06 richard +# Bugger it. Here's the current shape of the new security implementation. +# Still to do: +# . call the security funcs from cgi and mailgw +# . change shipped templates to include correct initialisation and remove +# the old config vars +# ... that seems like a lot. The bulk of the work has been done though. Honest :) +# # Revision 1.1 2002/07/10 06:40:01 richard # ehem, forgot to add #