Added role create/delete to logic layer and tests

ckan · Aug 23, 2012 · 76fc46b · 76fc46b
1 parent 462880a
commit 76fc46b
Show file tree

Hide file tree

Showing 3 changed files with 64 additions and 2 deletions.
diff --git a/ckan/logic/action/create.py b/ckan/logic/action/create.py
@@ -284,13 +284,17 @@ def organization_role_create(context, data_dict):
         model.Session.rollback()
         raise ValidationError(errors)
 
-    related = model_save.organization_role_dict_save(data, context)
+    role = model_save.organization_role_dict_save(data, context)
     if not context.get('defer_commit'):
         model.repo.commit_and_remove()
 
+    for d in data_dict.get('permissions', []):
+        p = model.Permission.get(d.get('id') or d.get('name'))
+        # Have to add to the role.
+
     session.flush()
 
-    return model_dictize.organization_role_dictize(related, context)
+    return model_dictize.organization_role_dictize(role, context)
 
 def related_create(context, data_dict):
     '''Add a new related item to a dataset.

diff --git a/ckan/logic/action/delete.py b/ckan/logic/action/delete.py
@@ -135,6 +135,43 @@ def related_delete(context, data_dict):
     model.repo.commit()
 
 
+def organization_role_delete(context, data_dict):
+    '''Delete n organization role
+
+    You must be a sysadmin to delete it an organization role.
+
+    :param id: the id or name of the role
+    :type id: string
+
+    '''
+    model = context['model']
+    session = context['session']
+    user = context['user']
+    userobj = model.User.get(user)
+
+    # Temporarily here because the auth is being replaced, and so no point
+    # it being in there for now.
+    from ckan.authz import Authorizer
+    from ckan.logic import NotAuthorized
+    if not Authorizer().is_sysadmin(unicode(user)):
+        msg = _('No valid API key provided.')
+        log.debug(msg)
+        raise NotAuthorized(msg)
+
+    id = _get_or_bust(data_dict, 'id')
+
+    entity = model.OrganisationRole.get(id)
+
+    if entity is None:
+        raise NotFound
+
+    # This will be to allow sysadmin once we have the auth implemented
+    #_check_access('related_delete',context, data_dict)
+
+    entity.delete()
+    model.repo.commit()
+
+
 def member_delete(context, data_dict=None):
     '''Remove an object (e.g. a user, dataset or group) from a group.
 

diff --git a/ckan/tests/functional/api/test_organisation_auth.py b/ckan/tests/functional/api/test_organisation_auth.py
@@ -27,9 +27,30 @@ def teardown_class(self):
         model.repo.rebuild_db()
 
     def test_role_create(self):
+        # Currently not adding the permissions to the new role.... hmm...
         params = _json.dumps({'name':'test_role', 'permissions': [{"name":"package.view"}]})
 
         response = self.app.post('/api/action/organization_role_create',
                 params=params, extra_environ=self.extra_environ).json
         assert response['success'] is True
+
+
+    def test_role_delete_succeed(self):
+        params = _json.dumps({'name':'test_role', 'permissions': [{"name":"package.view"}]})
+        response = self.app.post('/api/action/organization_role_create',
+                params=params, extra_environ=self.extra_environ).json
+        assert response['success'] is True
+
+        params = _json.dumps({'id':'test_role'})
+        response = self.app.post('/api/action/organization_role_delete',
+                params=params, extra_environ=self.extra_environ).json
+        assert response['success'] is True
+
+
+    def test_role_delete_fail(self):
+        params = _json.dumps({'id':'non-existant'})
+
+        response = self.app.post('/api/action/organization_role_delete',
+                params=params, extra_environ=self.extra_environ).json
+        assert response['success'] is False
         print response