allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From brond...@apache.org
Subject [09/10] allura git commit: [#7633] ticket:768 Add has_access API for ForgeLink
Date Mon, 01 Jun 2015 15:16:28 GMT
[#7633] ticket:768 Add has_access API for ForgeLink


Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/e1e7cdfb
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/e1e7cdfb
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/e1e7cdfb

Branch: refs/heads/master
Commit: e1e7cdfb6303468d2e4d3563f41c571c295a15f8
Parents: 0f577ad
Author: Igor Bondarenko <jetmind2@gmail.com>
Authored: Fri May 15 09:14:03 2015 +0000
Committer: Dave Brondsema <dave@brondsema.net>
Committed: Mon Jun 1 11:15:35 2015 -0400

----------------------------------------------------------------------
 ForgeLink/forgelink/link_main.py                |  3 +-
 .../forgelink/tests/functional/test_rest.py     | 51 ++++++++++++++++++++
 2 files changed, 53 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/allura/blob/e1e7cdfb/ForgeLink/forgelink/link_main.py
----------------------------------------------------------------------
diff --git a/ForgeLink/forgelink/link_main.py b/ForgeLink/forgelink/link_main.py
index bfcf9f9..ef1c510 100644
--- a/ForgeLink/forgelink/link_main.py
+++ b/ForgeLink/forgelink/link_main.py
@@ -32,6 +32,7 @@ from allura.lib.security import require_access, has_access
 from allura.lib.utils import permanent_redirect
 from allura import model as M
 from allura.controllers import BaseController
+from allura.controllers.rest import AppRestControllerMixin
 
 # Local imports
 from forgelink import version
@@ -146,7 +147,7 @@ class LinkAdminController(DefaultAdminController):
         return {'status': 'ok'}
 
 
-class RootRestController(BaseController):
+class RootRestController(BaseController, AppRestControllerMixin):
 
     def __init__(self, app):
         self.app = app

http://git-wip-us.apache.org/repos/asf/allura/blob/e1e7cdfb/ForgeLink/forgelink/tests/functional/test_rest.py
----------------------------------------------------------------------
diff --git a/ForgeLink/forgelink/tests/functional/test_rest.py b/ForgeLink/forgelink/tests/functional/test_rest.py
index d7bb7da..7fd6485 100644
--- a/ForgeLink/forgelink/tests/functional/test_rest.py
+++ b/ForgeLink/forgelink/tests/functional/test_rest.py
@@ -78,3 +78,54 @@ class TestLinkApi(TestRestApiBase):
                       status=200)
         r = self.api_get(u'/rest/p/test/link'.encode('utf-8'))
         assert_equal(r.json['url'], 'http://yahoo.com')
+
+
+class TestLinkHasAccess(TestRestApiBase):
+
+    def setUp(self):
+        super(TestLinkHasAccess, self).setUp()
+        self.setup_with_tools()
+
+    @td.with_link
+    def setup_with_tools(self):
+        h.set_context('test', 'link', neighborhood='Projects')
+
+    def test_has_access_no_params(self):
+        r = self.api_get('/rest/p/test/link/has_access', status=404)
+        r = self.api_get('/rest/p/test/link/has_access?user=root', status=404)
+        r = self.api_get('/rest/p/test/link/has_access?perm=read', status=404)
+
+    def test_has_access_unknown_params(self):
+        """Unknown user and/or permission always False for has_access API"""
+        r = self.api_get(
+            '/rest/p/test/link/has_access?user=babadook&perm=read',
+            user='root')
+        assert_equal(r.status_int, 200)
+        assert_equal(r.json['result'], False)
+        r = self.api_get(
+            '/rest/p/test/link/has_access?user=test-user&perm=jump',
+            user='root')
+        assert_equal(r.status_int, 200)
+        assert_equal(r.json['result'], False)
+
+    def test_has_access_not_admin(self):
+        """
+        User which has no 'admin' permission on neighborhood can't use
+        has_access API
+        """
+        self.api_get(
+            '/rest/p/test/link/has_access?user=test-admin&perm=configure',
+            user='test-user',
+            status=403)
+
+    def test_has_access(self):
+        r = self.api_get(
+            '/rest/p/test/link/has_access?user=test-admin&perm=configure',
+            user='root')
+        assert_equal(r.status_int, 200)
+        assert_equal(r.json['result'], True)
+        r = self.api_get(
+            '/rest/p/test/link/has_access?user=test-user&perm=configure',
+            user='root')
+        assert_equal(r.status_int, 200)
+        assert_equal(r.json['result'], False)


Mime
View raw message