vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Change permissions model so that non-admins do not get org-wide read

Browse source 
Fixes #1684
This commit is contained in:
Joseph Schorr 2016-08-04 16:23:09 -04:00
parent 5a4e557d90
commit c4daf1cc3d
5 changed files with 225 additions and 102 deletions
Download patch file Download diff file Expand all files Collapse all files

8
test/test_v2_endpoint_security.py
View file

@ -13,6 +13,7 @@ app.register_blueprint(v2_bp, url_prefix='/v2')
NO_ACCESS_USER = 'freshuser'
READ_ACCESS_USER = 'reader'
ADMIN_ACCESS_USER = 'devtable'
CREATOR_ACCESS_USER = 'creator'
class EndpointTestCase(unittest.TestCase):
@ -97,6 +98,13 @@ class TestReadAccess(EndpointTestCase):
auth_username = READ_ACCESS_USER
class TestCreatorAccess(EndpointTestCase):
__metaclass__ = _SpecTestBuilder
spec_func = build_v2_index_specs
result_attr = 'creator_code'
auth_username = CREATOR_ACCESS_USER
class TestAdminAccess(EndpointTestCase):
__metaclass__ = _SpecTestBuilder
spec_func = build_v2_index_specs