Skip to content

Commit

Permalink
[#1665] Test with organizations as well
Browse files Browse the repository at this point in the history
  • Loading branch information
@vitorbaptista
vitorbaptista committed May 8, 2014
1 parent 38e36d3 commit d603f9a
Showing 1 changed file with 71 additions and 18 deletions.
89 changes: 71 additions & 18 deletions ckan/new_tests/test_new_authz.py
View file
Expand Up @@ -16,7 +16,7 @@ def setup(self):
def teardown(self):
new_authz.clear_auth_functions_cache()

def test_user_that_created_group_has_admin_permissions(self):
def test_group_user_that_created_it_has_admin_permissions(self):
user = factories.User()
group = factories.Group(user=user)

Expand All @@ -26,7 +26,17 @@ def test_user_that_created_group_has_admin_permissions(self):

assert_equals(result, True)

def test_users_not_part_of_the_group_dont_have_read_permissions(self):
def test_organization_user_that_created_it_has_admin_permissions(self):
user = factories.User()
org = factories.Organization(user=user)

result = new_authz.has_user_permission_for_group_or_org(org['id'],
user['name'],
'admin')

assert_equals(result, True)

def test_group_users_not_part_of_it_dont_have_read_permissions(self):
user = factories.User()
group = factories.Group()

Expand All @@ -36,8 +46,18 @@ def test_users_not_part_of_the_group_dont_have_read_permissions(self):

assert_equals(result, False)

def test_organization_users_not_part_of_it_dont_have_read_permissions(self):
user = factories.User()
org = factories.Organization()

result = new_authz.has_user_permission_for_group_or_org(org['id'],
user['name'],
'read')

assert_equals(result, False)

@helpers.change_config('ckan.auth.roles_that_cascade_to_sub_groups', 'admin')
def test_users_with_configured_roles_have_permissions_on_all_children_groups(self):
def test_group_users_with_roles_that_cascade_have_permissions_on_all_its_children(self):
user = factories.User()
parent_group = factories.Group(user=user)
group = factories.Group(groups=[parent_group])
Expand All @@ -48,7 +68,19 @@ def test_users_with_configured_roles_have_permissions_on_all_children_groups(sel

assert_equals(result, True)

def test_it_allows_sysadmins_to_do_anything(self):
@helpers.change_config('ckan.auth.roles_that_cascade_to_sub_groups', 'admin')
def test_organization_users_with_roles_that_cascade_have_permissions_on_all_its_children(self):
user = factories.User()
parent_org = factories.Organization(user=user)
org = factories.Organization(groups=[parent_org])

result = new_authz.has_user_permission_for_group_or_org(org['id'],
user['name'],
'admin')

assert_equals(result, True)

def test_group_allows_sysadmins_to_do_anything_to_it(self):
user = factories.Sysadmin()
group = factories.Group()

Expand All @@ -58,7 +90,39 @@ def test_it_allows_sysadmins_to_do_anything(self):

assert_equals(result, True)

def test_it_requires_group_id(self):
def test_organization_it_allows_sysadmins_to_do_anything_to_it(self):
user = factories.Sysadmin()
org = factories.Organization()

result = new_authz.has_user_permission_for_group_or_org(org['id'],
user['name'],
'admin')

assert_equals(result, True)

@helpers.change_config('ckan.auth.default_group_or_org_permissions', 'read member_create')
def test_group_its_default_permissions_can_be_overriden_by_config_variable(self):
user = factories.User()
group = factories.Group()

result = new_authz.has_user_permission_for_group_or_org(group['id'],
user['name'],
'read')

assert_equals(result, True)

@helpers.change_config('ckan.auth.default_group_or_org_permissions', 'read member_create')
def test_organization_its_default_permissions_can_be_overriden_by_config_variable(self):
user = factories.User()
org = factories.Organization()

result = new_authz.has_user_permission_for_group_or_org(org['id'],
user['name'],
'read')

assert_equals(result, True)

def test_requires_group_or_organization_id(self):
user = factories.Sysadmin()

result = new_authz.has_user_permission_for_group_or_org(None,
Expand All @@ -67,7 +131,7 @@ def test_it_requires_group_id(self):

assert_equals(result, False)

def test_it_requires_valid_group_id(self):
def test_requires_existent_group_or_organization_id(self):
user = factories.Sysadmin()

result = new_authz.has_user_permission_for_group_or_org('inexistent',
Expand All @@ -76,22 +140,11 @@ def test_it_requires_valid_group_id(self):

assert_equals(result, False)

def test_it_requires_valid_user_name(self):
def test_requires_existent_user_name(self):
group = factories.Group()

result = new_authz.has_user_permission_for_group_or_org(group['id'],
'inexistent',
'admin')

assert_equals(result, False)

@helpers.change_config('ckan.auth.default_group_or_org_permissions', 'read member_create')
def test_default_permissions_can_be_overriden_by_config_variable(self):
user = factories.User()
group = factories.Group()

result = new_authz.has_user_permission_for_group_or_org(group['id'],
user['name'],
'read')

assert_equals(result, True)

0 comments on commit d603f9a

Please sign in to comment.