getUserPermsInheritance
This commit is contained in:
Tomas Kopecek
parent
66fec3a117
commit
e1ea85f184
3 changed files with 63 additions and 1 deletions
|
|
@ -13392,6 +13392,34 @@ class RootExports(object):
|
|||
user_info = get_user(userID, strict=True)
|
||||
return get_user_perms(user_info['id'], with_groups=with_groups)
|
||||
|
||||
def getUserPermsInheritance(self, userID):
|
||||
"""Get a dict of the permissions granted directly to user or inherited from groups
|
||||
with the sources.
|
||||
|
||||
:param int userID: User id
|
||||
:returns dict[str, list[str]]: list of permissions with source (None/group)
|
||||
"""
|
||||
user_info = get_user(userID, strict=True)
|
||||
perms = {}
|
||||
for perm in get_user_perms(user_info['id'], with_groups=False):
|
||||
perms[perm] = [None]
|
||||
|
||||
query = QueryProcessor(tables=['user_groups'],
|
||||
columns=['permissions.name', 'users.name'],
|
||||
aliases=['permission', 'group'],
|
||||
clauses=[
|
||||
'user_groups.active IS TRUE',
|
||||
'user_perms.active IS TRUE',
|
||||
'user_groups.user_id=%(user_id)s'],
|
||||
joins=[
|
||||
'user_perms ON user_perms.user_id = user_groups.group_id',
|
||||
'permissions ON perm_id = permissions.id',
|
||||
'users ON user_groups.group_id = users.id'],
|
||||
values={'user_id': user_info['id']})
|
||||
for row in query.execute():
|
||||
perms.setdefault(row['permission'], []).append(row['group'])
|
||||
return perms
|
||||
|
||||
def getAllPerms(self):
|
||||
"""Get a list of all permissions in the system. Returns a list of maps. Each
|
||||
map contains the following keys:
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
import mock
|
||||
import unittest
|
||||
import koji
|
||||
from .utils import DBQueryTestCase
|
||||
import kojihub
|
||||
|
||||
|
||||
|
|
@ -22,3 +23,36 @@ class TestGetUserPerms(unittest.TestCase):
|
|||
self.get_user.return_value = {'id': 123, 'name': 'testuser'}
|
||||
kojihub.RootExports().getUserPerms(123)
|
||||
self.get_user_perms.assert_called_once_with(123, with_groups=True)
|
||||
|
||||
|
||||
class TestGetUserPermsInheritance(DBQueryTestCase):
|
||||
def setUp(self):
|
||||
super(TestGetUserPermsInheritance, self).setUp()
|
||||
self.get_user = mock.patch('kojihub.kojihub.get_user').start()
|
||||
self.get_user_perms = mock.patch('kojihub.kojihub.get_user_perms').start()
|
||||
|
||||
def tearDown(self):
|
||||
mock.patch.stopall()
|
||||
|
||||
def test_no_user(self):
|
||||
self.get_user.side_effect = koji.GenericError
|
||||
with self.assertRaises(koji.GenericError):
|
||||
kojihub.RootExports().getUserPermsInheritance(123)
|
||||
self.get_user_perms.assert_not_called()
|
||||
|
||||
def test_normal(self):
|
||||
self.get_user.return_value = {'id': 123, 'name': 'testuser'}
|
||||
self.get_user_perms.return_value = ['test1', 'test2']
|
||||
self.qp_execute_return_value = [
|
||||
{'permission': 'test2', 'group': 'group1'},
|
||||
{'permission': 'test3', 'group': 'group1'},
|
||||
{'permission': 'test3', 'group': 'group2'},
|
||||
]
|
||||
result = kojihub.RootExports().getUserPermsInheritance(123)
|
||||
self.assertEqual(result, {
|
||||
'test1': [None],
|
||||
'test2': [None, 'group1'],
|
||||
'test3': ['group1', 'group2'],
|
||||
})
|
||||
self.get_user.assert_called_once_with(123, strict=True)
|
||||
self.get_user_perms.assert_called_once_with(123, with_groups=False)
|
||||
|
|
|
|||
|
|
@ -719,7 +719,7 @@ class TestAuthSession(unittest.TestCase):
|
|||
query = self.queries[1]
|
||||
self.assertEqual(query.tables, ['user_groups'])
|
||||
self.assertEqual(query.joins, [
|
||||
'LEFT JOIN user_perms ON user_perms.user_id = user_groups.group_id',
|
||||
'user_perms ON user_perms.user_id = user_groups.group_id',
|
||||
'permissions ON perm_id = permissions.id'])
|
||||
self.assertEqual(sorted(query.clauses), sorted([
|
||||
'user_groups.active IS TRUE',
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue