This repository has been archived by the owner on Mar 28, 2019. It is now read-only.

Fix crash in Redis permission backend (ref Kinto/kinto#215)
When permission contains ":"

@Natim r?
leplatrem committed Oct 19, 2015
1 parent c076368 commit feadd28
Showing 2 changed files with 12 additions and 9 deletions.
4 changes: 2 additions & 2 deletions cliquet/permission/redis.py
@@ -135,7 +135,7 @@ def object_permissions(self, object_id, permissions=None):

permissions = defaultdict(set)
for i, result in enumerate(results):
permission = keys[i].split(':')[-1]
permission = keys[i].split(':', 2)[-1]
permissions[permission] = self._decode_set(result)

return permissions
@@ -147,7 +147,7 @@ def replace_object_permissions(self, object_id, permissions):
with self._client.pipeline() as pipe:
for key in keys:
pipe.delete(key)
permission = key.split(':')[-1]
permission = key.split(':', 2)[-1]
principals = permissions[permission]
if len(principals) > 0:
pipe.sadd(key, *principals)
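Review bot: `split(':', 2)[-1]` in `object_permissions` (and the identical line in `replace_object_permissions`) still finds the permission name by counting delimiters, so it is only correct while the object id never contains ':'. Assuming the key has the shape `<prefix>:<object_id>:<permission>`, which the maxsplit of 2 implies, an id with a colon would push part of the id into the permission name. In an ACL store that means principals are reported under a permission nobody granted, or the `permissions[permission]` lookup misses. Both functions receive `object_id`, so slicing off the exact prefix the key was built with, e.g. `permission = key[len(key_prefix):]` (where `key_prefix` is a placeholder for that string), would remove the dependence on the delimiter, and a test using an object id that contains ':' would pin it. Both function bodies start outside the hunks, so how `keys` is built is not visible here.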
17 changes: 10 additions & 7 deletions cliquet/tests/test_permission.py
@@ -294,12 +294,12 @@ def test_object_permissions_return_all_object_acls(self):
self.permission.add_principal_to_ace('/url/a/id/1', 'write', 'user1')
self.permission.add_principal_to_ace('/url/a/id/1', 'write', 'user2')
self.permission.add_principal_to_ace('/url/a/id/1', 'read', 'user3')
self.permission.add_principal_to_ace('/url/a/id/1', 'create', 'user1')
self.permission.add_principal_to_ace('/url/a/id/1', 'obj:del', 'user1')
object_permissions = self.permission.object_permissions('/url/a/id/1')
self.assertDictEqual(object_permissions, {
"write": {"user1", "user2"},
"read": {"user3"},
"create": {"user1"}
"obj:del": {"user1"}
})

def test_object_permissions_return_listed_object_acls(self):
@@ -321,27 +321,30 @@ def test_replace_object_permission_replace_all_given_sets(self):
self.permission.add_principal_to_ace('/url/a/id/1', 'write', 'user1')
self.permission.add_principal_to_ace('/url/a/id/1', 'write', 'user2')
self.permission.add_principal_to_ace('/url/a/id/1', 'read', 'user3')
self.permission.add_principal_to_ace('/url/a/id/1', 'create', 'user1')
self.permission.add_principal_to_ace('/url/a/id/1', 'update', 'user1')
self.permission.add_principal_to_ace('/url/a/id/1', 'obj:del', 'user1')

self.permission.replace_object_permissions('/url/a/id/1', {
"write": ["user1"],
"read": set(["user2"]),
"create": set(),
"read": ["user2"],
"update": [],
"obj:del": ["user1"],
"new": ["user3"]
})

object_permissions = self.permission.object_permissions('/url/a/id/1')
self.assertDictEqual(object_permissions, {
"write": {"user1"},
"read": {"user2"},
"obj:del": {"user1"},
"new": {"user3"}
})

def test_replace_object_permission_only_replace_given_sets(self):
self.permission.add_principal_to_ace('/url/a/id/1', 'write', 'user1')
self.permission.add_principal_to_ace('/url/a/id/1', 'write', 'user2')
self.permission.add_principal_to_ace('/url/a/id/1', 'read', 'user3')
self.permission.add_principal_to_ace('/url/a/id/1', 'create', 'user1')
self.permission.add_principal_to_ace('/url/a/id/1', 'obj:del', 'user1')

self.permission.replace_object_permissions('/url/a/id/1', {
"write": ["user1"],
@@ -353,7 +356,7 @@ def test_replace_object_permission_only_replace_given_sets(self):
"write": {"user1"},
"read": {"user3"},
"new": {"user2"},
"create": {"user1"}
"obj:del": {"user1"}
})

def test_replace_object_permission_supports_empty_input(self):
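Review bot: In `test_replace_object_permission_replace_all_given_sets` the set-valued inputs `"read": set(["user2"])` and `"create": set()` appear to have been replaced by lists (`["user2"]`, `[]`). If so, none of the visible calls to `replace_object_permissions` passes a set of principals any more, including the empty-set case that must delete the key without calling `sadd`. Keeping one of them as a set, for instance `"update": set(),`, next to the new `"obj:del"` entry would keep that input type covered. The rendered page does not mark which of each duplicated line is old and which is new, so this reading follows the print order and the 10/7 change counts.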
