import repository from arizona
[raven.git] / lib / ravenlib / acl / testAcl.py
1 import unittest
2
3 from baseacl import *
4 from mysqlacl import *
5
6 class TestAcl():
7     def setUp(self):
8         pass
9
10     def createAclManager(self):
11         pass
12
13     def testEmpty(self):
14         manager = self.createAclManager()
15
16         self.assertRaises(AclDoesNotExistError, manager.get_acl, "foo")
17         self.assertRaises(AclDoesNotExistError, manager.test_acl, "foo", "user1", "u1a")
18
19     def testCreateAcl(self):
20         manager = self.createAclManager()
21
22         acl_foo = manager.create_acl("foo")
23         acl_bar = manager.create_acl("bar")
24
25         self.assertRaises(AclExistsError, manager.create_acl, "foo");
26
27     def testCreateAndSetRights(self):
28         manager = self.createAclManager()
29
30         acl_foo = manager.create_acl("foo")
31         acl_bar = manager.create_acl("bar")
32
33         acl_foo.add_right("user1", "u1a")
34         acl_foo.add_right("user1", "u1b")
35         acl_foo.add_right("user2", "u2a")
36
37         # read the acl back in and test the rights. This ought to make sure
38         # they get written to storage.
39         acl_foo = manager.get_acl("foo")
40         acl_foo.test_right("user1", "u1a")
41         acl_foo.test_right("user1", "u1b")
42         acl_foo.test_right("user2", "u2a")
43         self.assertRaises(AclPermissionError, acl_foo.test_right, "user1", "u2a")
44         self.assertRaises(AclPermissionError, acl_foo.test_right, "user2", "u1a")
45         self.assertRaises(AclPermissionError, acl_foo.test_right, "user2", "u1b")
46
47         # 'bar' didn't get any rights
48         acl_bar = manager.get_acl("bar")
49         self.assertRaises(AclPermissionError, acl_bar.test_right, "user1", "u1a")
50
51         # check using the manager test_acl function, which is really just a
52         # wrapper around acl.test_right
53         manager.test_acl("foo", "user1", "u1a")
54         manager.test_acl("foo", "user1", "u1b")
55         manager.test_acl("foo", "user2", "u2a")
56         self.assertRaises(AclPermissionError, manager.test_acl, "foo", "user1", "u2a")
57         self.assertRaises(AclPermissionError, manager.test_acl, "foo", "user2", "u1a")
58         self.assertRaises(AclPermissionError, manager.test_acl, "foo", "user2", "u1b")
59         self.assertRaises(AclPermissionError, manager.test_acl, "bar", "user1", "u1a")
60
61     def testDeleteAcl(self):
62         manager = self.createAclManager()
63
64         acl_foo = manager.create_acl("foo")
65         manager.delete_acl("foo")
66
67         self.assertRaises(AclDoesNotExistError, manager.get_acl, "foo")
68
69     def testCreateAclIfNotExist(self):
70         manager = self.createAclManager()
71
72         rights = {"user1": ["u1a","u1b"],
73                   "user2": ["u2a"]};
74
75         acl = manager.create_acl_if_not_exist("foo", rights)
76
77         self.assertTrue(acl != None)
78
79         manager.test_acl("foo", "user1", "u1a")
80         manager.test_acl("foo", "user1", "u1b")
81         manager.test_acl("foo", "user2", "u2a")
82
83     def testWildcard(self):
84         manager = self.createAclManager()
85
86         acl_foo = manager.create_acl("foo")
87         acl_foo.add_right("*", "read")
88         acl_foo.add_right("user2", "write")
89
90         acl_foo.add_right("admin", "create")
91         acl_foo.add_right("admin", "read")
92         acl_foo.add_right("admin", "write")
93
94         acl_foo.add_right("root", "delete")
95
96         manager.test_acl("foo", "user1", "read")
97         self.assertRaises(AclPermissionError, manager.test_acl, "foo", "user1", "write")
98         self.assertRaises(AclPermissionError, manager.test_acl, "foo", "user1", "create")
99         self.assertRaises(AclPermissionError, manager.test_acl, "foo", "user1", "delete")
100
101         manager.test_acl("foo", "user2", "read")
102         manager.test_acl("foo", "user2", "write")
103         self.assertRaises(AclPermissionError, manager.test_acl, "foo", "user2", "create")
104         self.assertRaises(AclPermissionError, manager.test_acl, "foo", "user2", "delete")
105
106
107 class TestMysqlAcl(unittest.TestCase, TestAcl):
108     def setUp(self):
109         TestAcl.setUp(self)
110
111     def createAclManager(self):
112         return MysqlAclManager(dbaddress="localhost", dbuser="gacks", dbname="gacks", dbpasswd="gackspassword", prefix = "acltest_", nuke=True)
113
114 if __name__ == "__main__":
115     unittest.main()