From 4c926d393f2b73579d91fa43aaa293746500937e Mon Sep 17 00:00:00 2001
From: Dominik Moritz <domoritz@gmail.com>
Date: Wed, 24 Apr 2013 18:33:55 +0200
Subject: [PATCH] [#652] Test whether the updates to the datastore resources
 work correctly

---
 ckanext/datastore/tests/test_search.py | 62 ++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)

diff --git a/ckanext/datastore/tests/test_search.py b/ckanext/datastore/tests/test_search.py
index ac97b127999..a4771b218b3 100644
--- a/ckanext/datastore/tests/test_search.py
+++ b/ckanext/datastore/tests/test_search.py
@@ -620,3 +620,65 @@ def test_new_datastore_table_from_private_resource(self):
         res_dict = json.loads(res.body)
         assert res_dict['success'] is False
         assert res_dict['error']['__type'] == 'Authorization Error'
+
+    def test_making_resource_private_makes_datastore_private(self):
+        group = self.dataset.get_groups()[0]
+        context = {
+            'user': self.sysadmin_user.name,
+            'model': model}
+        package = p.toolkit.get_action('package_create')(
+            context,
+            {'name': 'privatedataset2',
+             'private': False,
+             'groups': [{
+                 'id': group.id
+             }]})
+        resource = p.toolkit.get_action('resource_create')(
+            context,
+            {'name': 'privateresource2',
+             'url': 'https://www.example.co.uk/',
+             'package_id': package['id']})
+
+        postparams = '%s=1' % json.dumps({
+            'resource_id': resource['id'],
+        })
+        auth = {'Authorization': str(self.sysadmin_user.apikey)}
+        res = self.app.post('/api/action/datastore_create', params=postparams,
+                            extra_environ=auth)
+        res_dict = json.loads(res.body)
+        assert res_dict['success'] is True
+
+        # Test public resource
+        query = 'SELECT * FROM "{0}"'.format(resource['id'])
+        data = {'sql': query}
+        postparams = json.dumps(data)
+        auth = {'Authorization': str(self.normal_user.apikey)}
+        res = self.app.post('/api/action/datastore_search_sql', params=postparams,
+                            extra_environ=auth)
+        res_dict = json.loads(res.body)
+        assert res_dict['success'] is True
+
+        # Make resource private
+        package = p.toolkit.get_action('package_show')(
+            context, {'id': package.get('id')})
+        package['private'] = True
+        package = p.toolkit.get_action('package_update')(context, package)
+
+        # Test private
+        res = self.app.post('/api/action/datastore_search_sql', params=postparams,
+                            extra_environ=auth, status=403)
+        res_dict = json.loads(res.body)
+        assert res_dict['success'] is False
+        assert res_dict['error']['__type'] == 'Authorization Error'
+
+        # Make resource public
+        package = p.toolkit.get_action('package_show')(
+            context, {'id': package.get('id')})
+        package['private'] = False
+        package = p.toolkit.get_action('package_update')(context, package)
+
+        # Test public again
+        res = self.app.post('/api/action/datastore_search_sql', params=postparams,
+                            extra_environ=auth)
+        res_dict = json.loads(res.body)
+        assert res_dict['success'] is True