X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=test%2Ftest_security.py;h=c7d51286b4c35dcd5970f6a9821cf72936c4c2b4;hb=80cd6f610ee95dbd3f49638ec2ebf3f16e3587c0;hp=595dad322156951063b4f6bf687f84e95cbd5209;hpb=7cf02acb464a4a46708e7bd710c2994f757add25;p=roundup.git diff --git a/test/test_security.py b/test/test_security.py index 595dad3..c7d5128 100644 --- a/test/test_security.py +++ b/test/test_security.py @@ -183,21 +183,31 @@ class PermissionTest(MyTestCase): has = self.db.security.hasSearchPermission addRole = self.db.security.addRole addToRole = self.db.security.addPermissionToRole - user = self.db.user.create(username='user1', roles='User') - anon = self.db.user.create(username='anonymous', roles='Anonymous') addRole(name='User') addRole(name='Anonymous') + addRole(name='Issue') + addRole(name='Msg') + addRole(name='UV') + user = self.db.user.create(username='user1', roles='User') + anon = self.db.user.create(username='anonymous', roles='Anonymous') + ui = self.db.user.create(username='user2', roles='Issue') + uim = self.db.user.create(username='user3', roles='Issue,Msg') + uimu = self.db.user.create(username='user4', roles='Issue,Msg,UV') iv = add(name="View", klass="issue") addToRole('User', iv) addToRole('Anonymous', iv) + addToRole('Issue', iv) ms = add(name="Search", klass="msg") addToRole('User', ms) addToRole('Anonymous', ms) - addToRole('User', add(name="View", klass="user")) + addToRole('Msg', ms) + uv = add(name="View", klass="user") + addToRole('User', uv) + addToRole('UV', uv) self.assertEquals(has(anon, 'issue', 'messages'), 1) - self.assertEquals(has(anon, 'issue', 'messages.author'), 1) + self.assertEquals(has(anon, 'issue', 'messages.author'), 0) self.assertEquals(has(anon, 'issue', 'messages.author.username'), 0) - self.assertEquals(has(anon, 'issue', 'messages.recipients'), 1) + self.assertEquals(has(anon, 'issue', 'messages.recipients'), 0) self.assertEquals(has(anon, 'issue', 'messages.recipients.username'), 0) self.assertEquals(has(user, 'issue', 'messages'), 1) self.assertEquals(has(user, 'issue', 'messages.author'), 1) @@ -205,6 +215,24 @@ class PermissionTest(MyTestCase): self.assertEquals(has(user, 'issue', 'messages.recipients'), 1) self.assertEquals(has(user, 'issue', 'messages.recipients.username'), 1) + self.assertEquals(has(ui, 'issue', 'messages'), 0) + self.assertEquals(has(ui, 'issue', 'messages.author'), 0) + self.assertEquals(has(ui, 'issue', 'messages.author.username'), 0) + self.assertEquals(has(ui, 'issue', 'messages.recipients'), 0) + self.assertEquals(has(ui, 'issue', 'messages.recipients.username'), 0) + + self.assertEquals(has(uim, 'issue', 'messages'), 1) + self.assertEquals(has(uim, 'issue', 'messages.author'), 0) + self.assertEquals(has(uim, 'issue', 'messages.author.username'), 0) + self.assertEquals(has(uim, 'issue', 'messages.recipients'), 0) + self.assertEquals(has(uim, 'issue', 'messages.recipients.username'), 0) + + self.assertEquals(has(uimu, 'issue', 'messages'), 1) + self.assertEquals(has(uimu, 'issue', 'messages.author'), 1) + self.assertEquals(has(uimu, 'issue', 'messages.author.username'), 1) + self.assertEquals(has(uimu, 'issue', 'messages.recipients'), 1) + self.assertEquals(has(uimu, 'issue', 'messages.recipients.username'), 1) + def test_suite(): suite = unittest.TestSuite() suite.addTest(unittest.makeSuite(PermissionTest))