104 lines
3.3 KiB
Python
104 lines
3.3 KiB
Python
from pathlib import Path
|
|
from tempfile import TemporaryDirectory
|
|
|
|
import pytest
|
|
from grung.db import GrungDB
|
|
from tinydb import where
|
|
from tinydb.storages import MemoryStorage
|
|
|
|
import ttfrog.app
|
|
from ttfrog import schema
|
|
|
|
|
|
@pytest.fixture
|
|
def app():
|
|
with TemporaryDirectory() as path:
|
|
fixture_db = GrungDB.with_schema(schema, path=Path(path), storage=MemoryStorage)
|
|
ttfrog.app.load_config(defaults=None, IN_MEMORY_DB=1)
|
|
ttfrog.app.initialize(db=fixture_db, force=True)
|
|
yield ttfrog.app
|
|
ttfrog.app.db.truncate()
|
|
|
|
|
|
def test_create(app):
|
|
user = schema.User(name="john", email="john@foo", password="powerfulCat")
|
|
|
|
# insert
|
|
john_something = app.db.save(user)
|
|
last_insert_id = john_something.doc_id
|
|
|
|
# read back
|
|
assert app.db.User.get(doc_id=last_insert_id) == john_something
|
|
assert john_something.name == user.name
|
|
assert john_something.email == user.email
|
|
|
|
# update
|
|
john_something.name = "james?"
|
|
before_update = app.db.User.get(doc_id=john_something.doc_id)
|
|
after_update = app.db.save(john_something)
|
|
assert after_update == john_something
|
|
assert before_update != after_update
|
|
|
|
|
|
@pytest.mark.xfail
|
|
def test_permissions(app):
|
|
john = app.db.save(schema.User(name="john", email="john@foo", password="powerfulCat"))
|
|
players = app.db.save(schema.Group(name="players", members=[john]))
|
|
notes = app.db.save(schema.Page(name="notes"))
|
|
note0 = notes.add_member(schema.Page(name="note0"))
|
|
|
|
# default no access
|
|
assert not players.can_read(notes)
|
|
assert not players.can_write(notes)
|
|
assert not players.can_delete(notes)
|
|
assert not john.can_read(notes)
|
|
assert not john.can_write(notes)
|
|
assert not john.can_delete(notes)
|
|
assert not players.can_read(note0)
|
|
assert not john.can_read(note0)
|
|
|
|
# set to rw, no delete
|
|
notes.set_permissions(players, [schema.Permissions.READ, schema.Permissions.WRITE])
|
|
notes = app.db.Page.get(doc_id=notes.doc_id)
|
|
assert players.can_read(notes)
|
|
assert players.can_write(notes)
|
|
assert not players.can_delete(notes)
|
|
|
|
# propagated
|
|
note0 = app.db.Page.get(doc_id=note0.doc_id)
|
|
assert players.can_read(note0)
|
|
assert players.can_write(note0)
|
|
assert not players.can_delete(note0)
|
|
assert not john.can_delete(note0)
|
|
|
|
# members of the group inherit group permissions
|
|
assert john.can_read(notes)
|
|
assert john.can_read(note0)
|
|
assert john.can_write(notes)
|
|
assert john.can_write(note0)
|
|
|
|
# permissions are the union of user + group permissions
|
|
notes.set_permissions(john, [schema.Permissions.DELETE])
|
|
notes = app.db.Page.get(doc_id=notes.doc_id)
|
|
note0 = app.db.Page.get(doc_id=note0.doc_id)
|
|
assert not players.can_delete(notes)
|
|
assert not players.can_delete(note0)
|
|
assert john.can_delete(notes)
|
|
assert john.can_delete(note0)
|
|
|
|
# user perms always override inherited permissions
|
|
note0.set_permissions(john, [])
|
|
note0 = app.db.Page.get(doc_id=note0.doc_id)
|
|
assert not john.can_read(note0)
|
|
assert players.can_read(note0)
|
|
|
|
|
|
def test_bootstrap(app):
|
|
from ttfrog.bootstrap import bootstrap
|
|
|
|
bootstrap()
|
|
|
|
admins = app.db.Group.get(where("name") == "administrators")
|
|
admin = app.db.User.get(where("name") == "admin")
|
|
assert admin.reference in admins.members
|