def test_authenticated_user_delete_other_users_taskrun(self):
    """Check that taskrun deletion is limited to the taskrun's own author.

    Deleting a taskrun created by the mocked authenticated user must not
    raise; deleting one created by a different user must raise Forbidden.
    """
    # NOTE(review): presumably the factory's user sequence is what makes the
    # first taskrun belong to the mocked user and the second to someone
    # else -- the two identity assertions below pin that precondition.
    mine = TaskRunFactory.create()
    theirs = TaskRunFactory.create()

    assert self.mock_authenticated.id == mine.user.id
    assert self.mock_authenticated.id != theirs.user.id

    # Positive case guards against any exception, not only Forbidden.
    assert_not_raises(Exception, ensure_authorized_to, 'delete', mine)
    # Negative case: acting on another user's object is denied.
    assert_raises(Forbidden, ensure_authorized_to, 'delete', theirs)
python类Forbidden()的实例源码
def test_authenticated_user_cannot_save_results(self):
    """Check that an authenticated user is denied creating a Result."""
    # A bare, unsaved Result is enough: only the authorization decision
    # for the 'create' action is exercised.
    unsaved_result = Result()
    assert_raises(Forbidden, ensure_authorized_to, 'create', unsaved_result)
def test_admin_user_cannot_save_results(self):
    """Check that creating a Result is denied with Forbidden for admins too."""
    # NOTE(review): nothing in this body selects the admin role; presumably
    # a patch/decorator outside this listing injects the admin user -- confirm.
    unsaved_result = Result()
    assert_raises(Forbidden, ensure_authorized_to, 'create', unsaved_result)
def test_admin_user_cannot_delete_results(self):
    """Check that deleting a Result is denied with Forbidden for admins too."""
    # NOTE(review): nothing in this body selects the admin role; presumably
    # a patch/decorator outside this listing injects the admin user -- confirm.
    target_result = Result()
    assert_raises(Forbidden, ensure_authorized_to, 'delete', target_result)
def test_auth_user_cannot_update_results(self):
    """Check that a non-owner authenticated user cannot update a Result."""
    # The result comes from the test class's own create_result() helper
    # rather than from a bare Result().
    existing_result = self.create_result()
    assert_raises(Forbidden, ensure_authorized_to, 'update', existing_result)
def test_authenticated_user_cannot_crud_webhook(self):
    """Check that authenticated users are denied every webhook write action.

    'create', 'update' and 'delete' must each raise Forbidden. 'read' is
    not exercised by this test.
    """
    hook = Webhook()
    for action in ('create', 'update', 'delete'):
        assert_raises(Forbidden, ensure_authorized_to, action, hook)
def test_admin_user_cannot_crud_webhook(self):
    """Check that admins are also denied every webhook write action.

    'create', 'update' and 'delete' must each raise Forbidden. 'read' is
    not exercised by this test.
    """
    # NOTE(review): nothing in this body selects the admin role; presumably
    # a patch/decorator outside this listing injects the admin user -- confirm.
    hook = Webhook()
    for action in ('create', 'update', 'delete'):
        assert_raises(Forbidden, ensure_authorized_to, action, hook)
def test_authenticated_user_can_crud(self):
    """Check that authenticated users can read categories but not modify them.

    Reading a category instance or the Category class must not raise;
    'create', 'update' and 'delete' must raise Forbidden.
    """
    # NOTE(review): the method name says "can_crud", but the assertions
    # only allow reads -- a rename would make the intent clearer.
    category = CategoryFactory.build()
    # The checks run in the order listed in this table.
    expectations = (
        (assert_raises, Forbidden, 'create', category),
        (assert_not_raises, Exception, 'read', category),
        (assert_not_raises, Exception, 'read', Category),
        (assert_raises, Forbidden, 'update', category),
        (assert_raises, Forbidden, 'delete', category),
    )
    for check, exc_type, action, target in expectations:
        check(exc_type, ensure_authorized_to, action, target)
def test_authenticated_user_cannot_create(self):
    """Check that an authenticated user is denied creating users."""
    # The check targets the User class itself rather than an instance.
    action, target = 'create', User
    assert_raises(Forbidden, ensure_authorized_to, action, target)
def test_authenticated_user_cannot_update_another_user(self):
    """Check that an authenticated user cannot update a different user's account."""
    someone_else = UserFactory.create()
    # Precondition: the target really is a different account; otherwise the
    # Forbidden expectation below would be testing the self-update path.
    assert someone_else.id != self.mock_authenticated.id, someone_else.id
    assert_raises(Forbidden, ensure_authorized_to, 'update', someone_else)
def test_authenticated_user_cannot_delete_another_user(self):
    """Check that an authenticated user cannot delete a different user's account."""
    someone_else = UserFactory.create()
    # Precondition: the target really is a different account; otherwise the
    # Forbidden expectation below would be testing the self-delete path.
    assert someone_else.id != self.mock_authenticated.id, someone_else.id
    assert_raises(Forbidden, ensure_authorized_to, 'delete', someone_else)
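def test_anonymous_user_cannot_crud(self):
    """Check that anonymous users can read tasks but are denied every write.

    'create', 'update' and 'delete' on a task must raise Unauthorized.
    Reading a task instance or the Task class must not raise at all.
    """
    user = UserFactory.create()
    project = ProjectFactory.create(owner=user)
    task = TaskFactory.create(project=project)

    assert_raises(Unauthorized, ensure_authorized_to, 'create', task)
    # Denial for an anonymous caller surfaces as Unauthorized in this test,
    # so a "does not raise Forbidden" check would be watching the wrong
    # exception type. Guarding against Exception makes any denial of a read
    # an explicit assertion failure.
    assert_not_raises(Exception, ensure_authorized_to, 'read', task)
    assert_not_raises(Exception, ensure_authorized_to, 'read', Task)
    assert_raises(Unauthorized, ensure_authorized_to, 'update', task)
    assert_raises(Unauthorized, ensure_authorized_to, 'delete', task)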
def test_project_owner_can_crud(self):
    """Check that the project owner is allowed every action on the project's tasks.

    None of 'create', 'read' (instance and Task class), 'update' or
    'delete' may raise Forbidden.
    """
    # NOTE(review): this first user is never referenced again; presumably
    # it is created only so that the next user (the owner) receives the id
    # carried by mock_authenticated -- confirm before removing it.
    first_user = UserFactory.create()
    owner = UserFactory.create()
    project = ProjectFactory.create(owner=owner)
    task = TaskFactory.create(project=project)

    # Precondition: the mocked current user is the project owner.
    assert self.mock_authenticated.id == owner.id

    allowed = (
        ('create', task),
        ('read', task),
        ('read', Task),
        ('update', task),
        ('delete', task),
    )
    for action, target in allowed:
        assert_not_raises(Forbidden, ensure_authorized_to, action, target)
def test_admin_can_crud(self):
    """Check that an admin who does not own the project can act on its tasks.

    None of 'create', 'read' (instance and Task class), 'update' or
    'delete' may raise Forbidden.
    """
    # NOTE(review): this first user is never referenced again; presumably
    # it is created first so that it takes the id carried by mock_admin and
    # the owner gets a different one -- confirm before removing it.
    first_user = UserFactory.create()
    owner = UserFactory.create()
    project = ProjectFactory.create(owner=owner)
    task = TaskFactory.create(project=project)

    # Precondition: access is granted through the admin role, not ownership.
    assert self.mock_admin.id != owner.id

    allowed = (
        ('create', task),
        ('read', task),
        ('read', Task),
        ('update', task),
        ('delete', task),
    )
    for action, target in allowed:
        assert_not_raises(Forbidden, ensure_authorized_to, action, target)
def test_authenticated_user_delete(self):
    """Check that an authenticated user is denied deleting an OAuth token.

    The check is repeated for every entry in self.auth_providers.
    """
    for provider_token in self.auth_providers:
        # The resource is named by the string 'token'; the provider entry
        # travels in the token= keyword argument.
        assert_raises(
            Forbidden, ensure_authorized_to, 'delete', 'token', token=provider_token
        )
def test_authenticated_user_create(self):
    """Check that an authenticated user is denied creating an OAuth token.

    The check is repeated for every entry in self.auth_providers.
    """
    for provider_token in self.auth_providers:
        # The resource is named by the string 'token'; the provider entry
        # travels in the token= keyword argument.
        assert_raises(
            Forbidden, ensure_authorized_to, 'create', 'token', token=provider_token
        )
def test_authenticated_user_update(self):
    """Check that an authenticated user is denied updating an OAuth token.

    The check is repeated for every entry in self.auth_providers.
    """
    for provider_token in self.auth_providers:
        # The resource is named by the string 'token'; the provider entry
        # travels in the token= keyword argument.
        assert_raises(
            Forbidden, ensure_authorized_to, 'update', 'token', token=provider_token
        )
def test_a_project_cannot_be_created_as_published(self):
    """Check that creating a project already flagged as published is denied."""
    # build() rather than create() is used: the object exists only to be
    # handed to the 'create' authorization check.
    already_published = ProjectFactory.build(published=True)
    assert_raises(Forbidden, ensure_authorized_to, 'create', already_published)