This repository has been archived on 2020-03-24. You can view files and clone it, but cannot push or open issues or pull requests.
quay/test/test_permissions.py

42 lines
1.3 KiB
Python

import unittest
from app import app
from data import model
from auth import scopes
from auth.permissions import SuperUserPermission, QuayDeferredPermissionUser
from initdb import setup_database_for_testing, finished_database_for_testing
SUPER_USERNAME = 'devtable'
UNSUPER_USERNAME = 'freshuser'
class TestSuperUserOps(unittest.TestCase):
def setUp(self):
setup_database_for_testing(self)
self._su = model.get_user(SUPER_USERNAME)
self._normie = model.get_user(UNSUPER_USERNAME)
def tearDown(self):
finished_database_for_testing(self)
def test_superuser_matrix(self):
import logging
logging.basicConfig(level=logging.DEBUG)
test_cases = [
(self._su, {scopes.SUPERUSER}, True),
(self._su, {scopes.DIRECT_LOGIN}, True),
(self._su, {scopes.READ_USER, scopes.SUPERUSER}, True),
(self._su, {scopes.READ_USER}, False),
(self._normie, {scopes.SUPERUSER}, False),
(self._normie, {scopes.DIRECT_LOGIN}, False),
(self._normie, {scopes.READ_USER, scopes.SUPERUSER}, False),
(self._normie, {scopes.READ_USER}, False),
]
for user_obj, scope_set, expected in test_cases:
perm_user = QuayDeferredPermissionUser.for_user(user_obj, scope_set)
has_su = perm_user.can(SuperUserPermission())
self.assertEquals(has_su, expected)