Skip to content

Commit

Permalink
Merge pull request #726 from Kinto/725-redis-get_accessible_object
Browse files Browse the repository at this point in the history
Fix Redis get_accessible_object implementation.
  • Loading branch information
Natim authored and leplatrem committed Jul 21, 2016
1 parent 8d44754 commit 23c8be9
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 4 deletions.
8 changes: 8 additions & 0 deletions CHANGELOG.rst
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,14 @@ Changelog

This document describes changes between each past release.

3.3.2 (unreleased)
==================

**Bug fixes**

- Fix Redis get_accessible_object implementation (#725)


3.3.1 (2016-07-19)
==================

Expand Down
4 changes: 2 additions & 2 deletions kinto/core/permission/redis.py
Original file line number Diff line number Diff line change
Expand Up @@ -100,8 +100,8 @@ def get_accessible_objects(self, principals, bound_permissions=None):
for key in matched:
authorized = self._decode_set(self._client.smembers(key))
if len(authorized & principals) > 0:
_, object_id, permission = key.decode('utf-8').split(':')
perms_by_id.setdefault(object_id, set()).add(permission)
_, obj_id, permission = key.decode('utf-8').split(':', 2)
perms_by_id.setdefault(obj_id, set()).add(permission)

return perms_by_id

Expand Down
5 changes: 3 additions & 2 deletions kinto/tests/core/test_permission.py
Original file line number Diff line number Diff line change
Expand Up @@ -296,14 +296,15 @@ def test_get_authorized_principals_handles_empty_set(self):

def test_accessible_objects(self):
self.permission.add_principal_to_ace('id1', 'write', 'user1')
self.permission.add_principal_to_ace('id1', 'read', 'group')
self.permission.add_principal_to_ace('id1', 'record:create', 'group')
self.permission.add_principal_to_ace('id2', 'read', 'user1')
self.permission.add_principal_to_ace('id2', 'read', 'user2')
self.permission.add_principal_to_ace('id3', 'write', 'user2')
per_object_ids = self.permission.get_accessible_objects(
['user1', 'group'])
self.assertEquals(sorted(per_object_ids.keys()), ['id1', 'id2'])
self.assertEquals(per_object_ids['id1'], set(['read', 'write']))
self.assertEquals(per_object_ids['id1'],
set(['write', 'record:create']))
self.assertEquals(per_object_ids['id2'], set(['read']))

def test_accessible_objects_from_permission(self):
Expand Down

0 comments on commit 23c8be9

Please sign in to comment.