Skip to content
This repository has been archived by the owner on Nov 13, 2024. It is now read-only.

Commit

Permalink
Merge pull request #965 from WildMeOrg/export_collab_fix2
Browse files Browse the repository at this point in the history
export permissions fixes
  • Loading branch information
TanyaStere42 authored Feb 2, 2024
2 parents a9b8ee6 + 6de1193 commit 9290ef7
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 5 deletions.
4 changes: 2 additions & 2 deletions app/extensions/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -498,7 +498,7 @@ def current_user_has_export_permission(self):
from app.modules.users.permissions.rules import ObjectActionRule
from app.modules.users.permissions.types import AccessOperation

rule = ObjectActionRule(obj=self, action=AccessOperation.READ)
rule = ObjectActionRule(obj=self, action=AccessOperation.EXPORT)
return rule.check()

def current_user_has_edit_permission(self):
Expand All @@ -512,7 +512,7 @@ def user_has_export_permission(self, user):
from app.modules.users.permissions.rules import ObjectActionRule
from app.modules.users.permissions.types import AccessOperation

rule = ObjectActionRule(obj=self, action=AccessOperation.READ, user=user)
rule = ObjectActionRule(obj=self, action=AccessOperation.EXPORT, user=user)
return rule.check()

def user_has_view_permission(self, user):
Expand Down
27 changes: 24 additions & 3 deletions tests/modules/collaborations/resources/test_collaboration_usage.py
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,14 @@
module_unavailable('collaborations'), reason='Collaborations module disabled'
)
def test_use_collaboration(
flask_app_client, researcher_1, researcher_2, admin_user, test_root, db, request
flask_app_client,
researcher_1,
researcher_2,
admin_user,
user_manager_user,
test_root,
db,
request,
):
from app.modules.sightings.models import Sighting

Expand All @@ -33,6 +40,7 @@ def test_use_collaboration(
assert sighting.user_has_export_permission(researcher_1)
assert not sighting.user_has_view_permission(researcher_2)
assert not sighting.user_has_export_permission(researcher_2)
assert not sighting.user_has_export_permission(user_manager_user)

# should not work and should give informative error
ags_resp = asset_group_utils.read_asset_group_sighting(
Expand All @@ -44,7 +52,20 @@ def test_use_collaboration(
)
assert ags_resp['message'] == access_error

# create a (view) collab and approve
# create a (view) collab (between researcher1 and user_manager_user) and approve
create_resp = collab_utils.create_simple_collaboration(
flask_app_client, researcher_1, user_manager_user
)
collab_guid = create_resp.json['guid']
collab = collab_utils.get_collab_object_for_user(researcher_1, collab_guid)
request.addfinalizer(collab.delete)
collab_utils.approve_view_on_collaboration(
flask_app_client, collab_guid, user_manager_user, researcher_1
)
assert sighting.user_has_view_permission(user_manager_user)
assert not sighting.user_has_export_permission(user_manager_user)

# create a (view) collab (between researchers) and approve
create_resp = collab_utils.create_simple_collaboration(
flask_app_client, researcher_1, researcher_2
)
Expand All @@ -58,7 +79,7 @@ def test_use_collaboration(
assert sighting.user_has_view_permission(researcher_1)
assert sighting.user_has_export_permission(researcher_1)
assert sighting.user_has_view_permission(researcher_2)
assert sighting.user_has_export_permission(researcher_2)
assert not sighting.user_has_export_permission(researcher_2)

# Researcher 2 should be able to view all the data but edit none of it
asset_group_utils.read_asset_group(flask_app_client, researcher_2, asset_group_uuid)
Expand Down

0 comments on commit 9290ef7

Please sign in to comment.