[#2578] Fix for auth profile tests

ckan · Aug 30, 2012 · 4026632 · 4026632
1 parent 38510b2
commit 4026632
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 12 deletions.
diff --git a/ckan/logic/action/get.py b/ckan/logic/action/get.py
@@ -6,7 +6,6 @@
 from pylons.i18n import _
 import sqlalchemy
 
-import ckan
 import ckan.authz
 import ckan.lib.dictization
 import ckan.logic as logic

diff --git a/ckan/logic/auth/publisher/delete.py b/ckan/logic/auth/publisher/delete.py
@@ -29,6 +29,29 @@ def package_delete(context, data_dict):
 def package_relationship_delete(context, data_dict):
     return package_relationship_create(context, data_dict)
 
+def resource_delete(context, data_dict):
+    model = context['model']
+    user = context.get('user')
+    resource = get_resource_object(context, data_dict)
+
+    # check authentication against package
+    query = model.Session.query(model.Package)\
+        .join(model.ResourceGroup)\
+        .join(model.Resource)\
+        .filter(model.ResourceGroup.id == resource.resource_group_id)
+    pkg = query.first()
+    if not pkg:
+        raise logic.NotFound(_('No package found for this resource, cannot check auth.'))
+
+    pkg_dict = {'id': pkg.id}
+    authorized = package_delete(context, pkg_dict).get('success')
+
+    if not authorized:
+        return {'success': False, 'msg': _('User %s not authorized to delete resource %s') % (str(user), resource.id)}
+    else:
+        return {'success': True}
+
+
 def related_delete(context, data_dict):
     model = context['model']
     user = context['user']

diff --git a/ckan/tests/misc/test_auth_profiles.py b/ckan/tests/misc/test_auth_profiles.py
@@ -35,8 +35,8 @@ def test_authorizer_count(self):
         }
 
         module_items = {
-            'ckan.logic.auth': [],
-            'ckan.logic.auth.publisher': []
+            'ckan.logic.auth': {},
+            'ckan.logic.auth.publisher': {}
         }
 
         for module_root in modules.keys():
@@ -48,18 +48,20 @@ def test_authorizer_count(self):
                     module = getattr(module, part)
 
                 for key, v in module.__dict__.items():
-                    if not key.startswith('_'):
+                    # we should check these are actually functions
+                    if not key.startswith('_') and key != 'ckan':
                         modules[module_root] = modules[module_root] + 1
-                        module_items[module_root].append( key )
+                        info = '%s.%s.%s' % (module_root, auth_module_name, key)
+                        module_items[module_root][key] = info
 
         err = []
         if modules['ckan.logic.auth'] != modules['ckan.logic.auth.publisher']:
             oldauth = module_items['ckan.logic.auth']
             pubauth = module_items['ckan.logic.auth.publisher']
-            for e in [n for n in oldauth if not n in pubauth]:
-                err.append( '%s is in auth but not publisher auth ' % e )
-            for e in [n for n in  pubauth if not n in oldauth]:
-                err.append( '%s is in publisher auth but not auth ' % e )
-        # Temporarily fudge
-        assert modules['ckan.logic.auth']+8 == modules['ckan.logic.auth.publisher'], modules
-
+            for e in oldauth:
+                if not e in pubauth:
+                    err.append( '%s is in auth but not publisher auth ' % oldauth[e] )
+            for e in pubauth:
+                if not e in oldauth:
+                    err.append( '%s is in publisher auth but not auth ' % pubauth[e] )
+        assert not err, '\n'.join(err)