Skip to content

Commit

Permalink
Move split_user_and_role_names to authz
Browse files Browse the repository at this point in the history
  • Loading branch information
@index-git
index-git committed Nov 30, 2023
1 parent 3f63021 commit 056af0f
Show file tree
Hide file tree
Showing 4 changed files with 21 additions and 20 deletions.
6 changes: 6 additions & 0 deletions src/layman/authz/__init__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,3 +149,9 @@ def complete_access_rights(access_rights_to_complete, full_access_rights):
if right_type not in access_rights_to_complete:
access_rights_to_complete[right_type] = full_access_rights[right_type]
return access_rights_to_complete


def split_user_and_role_names(user_and_role_names):
user_names = [name for name in user_and_role_names if any(letter.islower() for letter in name)]
role_names = [name for name in user_and_role_names if name not in user_names]
return user_names, role_names
15 changes: 14 additions & 1 deletion src/layman/authz/authz_test.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
from layman import app, settings, LaymanError
from test_tools import process_client
from test_tools.util import url_for
from . import authorize_workspace_publications_decorator
from . import authorize_workspace_publications_decorator, split_user_and_role_names


@authorize_workspace_publications_decorator
Expand Down Expand Up @@ -165,3 +165,16 @@ def test_authorize_publications_decorator_on_rest_api(
self.assert_response(response, authz_status_code, authz_response)
response = requests.get(rest_url, timeout=settings.DEFAULT_CONNECTION_TIMEOUT)
self.assert_response(response, authz_status_code, authz_response)


@pytest.mark.parametrize('roles_and_users, exp_users, exp_roles', [
pytest.param([], [], [], id='no-names'),
pytest.param(['user1', 'user2'], ['user1', 'user2'], [], id='only-users'),
pytest.param(['ROLE1', 'EVERYONE'], [], ['ROLE1', 'EVERYONE'], id='only-roles'),
pytest.param(['ROLE2', 'user1', 'EVERYONE', 'user2'], ['user1', 'user2'], ['ROLE2', 'EVERYONE'],
id='more-users-and-roles'),
])
def test_split_user_and_role_names(roles_and_users, exp_users, exp_roles):
user_names, role_names = split_user_and_role_names(roles_and_users)
assert user_names == exp_users
assert role_names == exp_roles
7 changes: 1 addition & 6 deletions src/layman/common/prime_db_schema/publications.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
from db import util as db_util, TableUri
from layman import settings, LaymanError
from layman.authn import is_user_with_name
from layman.authz import split_user_and_role_names
from layman.common import get_publications_consts as consts, bbox as bbox_util
from . import workspaces, users, rights

Expand Down Expand Up @@ -374,12 +375,6 @@ def owner_can_still_write(owner,
raise LaymanError(43, f'Owner of the personal workspace have to keep write right.')


def split_user_and_role_names(user_and_role_names):
user_names = [name for name in user_and_role_names if any(letter.islower() for letter in name)]
role_names = [name for name in user_and_role_names if name not in user_names]
return user_names, role_names


def check_rights_axioms(can_read,
can_write,
actor_name,
Expand Down
13 changes: 0 additions & 13 deletions src/layman/common/prime_db_schema/publications_test.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -501,16 +501,3 @@ def test_validation(self, username, pre_publication_update_info, publication_upd
publication_update_info,
)
assert exc_info.value.code == 43


@pytest.mark.parametrize('roles_and_users, exp_users, exp_roles', [
pytest.param([], [], [], id='no-names'),
pytest.param(['user1', 'user2'], ['user1', 'user2'], [], id='only-users'),
pytest.param(['ROLE1', 'EVERYONE'], [], ['ROLE1', 'EVERYONE'], id='only-roles'),
pytest.param(['ROLE2', 'user1', 'EVERYONE', 'user2'], ['user1', 'user2'], ['ROLE2', 'EVERYONE'],
id='more-users-and-roles'),
])
def test_split_user_and_role_names(roles_and_users, exp_users, exp_roles):
user_names, role_names = publications.split_user_and_role_names(roles_and_users)
assert user_names == exp_users
assert role_names == exp_roles

0 comments on commit 056af0f

Please sign in to comment.