Coverage for gws-app/gws/base/auth/_test/access_test.py: 100%

37 statements  

« prev     ^ index     » next       coverage.py v7.11.0, created at 2025-10-16 23:09 +0200

1from typing import Optional, cast 

2 

3import gws 

4import gws.test.util as u 

5 

6from gws.base.auth import method, provider, user 

7 

8mock_provider = cast(gws.AuthProvider, gws.Data(uid='mock_provider')) 

9mock_user = user.from_record(mock_provider, dict(localUid='mock', roles=['a', 'b'])) 

10 

11root = u.gws_root() 

12 

13 

14def make_obj(acl): 

15 return root.create(gws.Node, permissions=gws.Data(read=gws.u.parse_acl(acl))) 

16 

17 

18def test_access_direct(): 

19 obj = make_obj('allow a') 

20 assert mock_user.can_use(obj) is True 

21 

22 obj = make_obj('deny a') 

23 assert mock_user.can_use(obj) is False 

24 

25 obj = make_obj('deny x, allow b') 

26 assert mock_user.can_use(obj) is True 

27 

28 obj = make_obj('deny x, deny b') 

29 assert mock_user.can_use(obj) is False 

30 

31 obj = make_obj('deny x') 

32 assert mock_user.can_use(obj) is False 

33 

34 

35def test_access_context(): 

36 x = make_obj('allow x') 

37 y = make_obj('allow y') 

38 z = make_obj('allow z') 

39 a = make_obj('allow a') 

40 

41 assert mock_user.can_use(x) is False 

42 assert mock_user.can_use(x, y, z) is False 

43 assert mock_user.can_use(x, y, z, a) is True 

44 

45 

46def test_access_context_and_parent(): 

47 x = make_obj('allow x') 

48 y = make_obj('allow y') 

49 z = make_obj('allow z') 

50 a = make_obj('allow a') 

51 

52 assert mock_user.can_use(x) is False 

53 

54 x.parent = y 

55 y.parent = a 

56 

57 assert mock_user.can_use(x) is True