Skip to content

Commit

Permalink
fix: maintain order of groups (#141)
Browse files Browse the repository at this point in the history
  • Loading branch information
@jnussbaum
jnussbaum authored Sep 12, 2024
1 parent 54d3082 commit 6e68db6
Show file tree
Hide file tree
Showing 4 changed files with 62 additions and 62 deletions.
16 changes: 8 additions & 8 deletions dsp_permissions_scripts/models/scope.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -120,18 +120,18 @@ def remove(


OPEN = PermissionScope.create(
CR={PROJECT_ADMIN},
D={PROJECT_MEMBER},
V={KNOWN_USER, UNKNOWN_USER},
CR=[PROJECT_ADMIN],
D=[PROJECT_MEMBER],
V=[KNOWN_USER, UNKNOWN_USER],
)

RESTRICTED_VIEW = PermissionScope.create(
CR={PROJECT_ADMIN},
D={PROJECT_MEMBER},
RV={KNOWN_USER, UNKNOWN_USER},
CR=[PROJECT_ADMIN],
D=[PROJECT_MEMBER],
RV=[KNOWN_USER, UNKNOWN_USER],
)

RESTRICTED = PermissionScope.create(
CR={PROJECT_ADMIN},
D={PROJECT_MEMBER},
CR=[PROJECT_ADMIN],
D=[PROJECT_MEMBER],
)
2 changes: 1 addition & 1 deletion tests/test_doap_set.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ def test_create_new_doap_on_server(
_ = create_new_doap_on_server(
target=NewGroupDoapTarget(group=group.KNOWN_USER),
shortcode="0000",
scope=PermissionScope.create(V={group.UNKNOWN_USER}),
scope=PermissionScope.create(V=[group.UNKNOWN_USER]),
dsp_client=dsp_client,
)
dsp_client.post.assert_called_once_with("/admin/permissions/doap", data=create_new_doap_request)
Expand Down
90 changes: 45 additions & 45 deletions tests/test_scope.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,23 +15,23 @@ def test_valid_scope(self) -> None:
M=frozenset({group.PROJECT_MEMBER, group.KNOWN_USER}),
V=frozenset({group.UNKNOWN_USER}),
)
assert scope.CR == frozenset({group.SYSTEM_ADMIN})
assert scope.D == frozenset({group.PROJECT_ADMIN})
assert scope.M == frozenset({group.PROJECT_MEMBER, group.KNOWN_USER})
assert scope.V == frozenset({group.UNKNOWN_USER})
assert scope.CR == frozenset([group.SYSTEM_ADMIN])
assert scope.D == frozenset([group.PROJECT_ADMIN])
assert scope.M == frozenset([group.PROJECT_MEMBER, group.KNOWN_USER])
assert scope.V == frozenset([group.UNKNOWN_USER])
assert scope.RV == frozenset()

def test_valid_scope_create(self) -> None:
scope = PermissionScope.create(
CR={group.SYSTEM_ADMIN},
D={group.PROJECT_ADMIN},
M={group.PROJECT_MEMBER, group.KNOWN_USER},
V={group.UNKNOWN_USER},
CR=[group.SYSTEM_ADMIN],
D=[group.PROJECT_ADMIN],
M=[group.PROJECT_MEMBER, group.KNOWN_USER],
V=[group.UNKNOWN_USER],
)
assert scope.CR == frozenset({group.SYSTEM_ADMIN})
assert scope.D == frozenset({group.PROJECT_ADMIN})
assert scope.M == frozenset({group.PROJECT_MEMBER, group.KNOWN_USER})
assert scope.V == frozenset({group.UNKNOWN_USER})
assert scope.CR == frozenset([group.SYSTEM_ADMIN])
assert scope.D == frozenset([group.PROJECT_ADMIN])
assert scope.M == frozenset([group.PROJECT_MEMBER, group.KNOWN_USER])
assert scope.V == frozenset([group.UNKNOWN_USER])
assert scope.RV == frozenset()

def test_valid_scope_from_dict(self) -> None:
Expand Down Expand Up @@ -60,39 +60,39 @@ def test_create_empty_scope(self) -> None:
def test_same_group_in_multiple_fields(self) -> None:
with pytest.raises(ValueError, match=re.escape("must not occur in more than one field")):
PermissionScope.create(
CR={group.PROJECT_ADMIN},
D={group.PROJECT_ADMIN},
V={group.UNKNOWN_USER, group.KNOWN_USER},
CR=[group.PROJECT_ADMIN],
D=[group.PROJECT_ADMIN],
V=[group.UNKNOWN_USER, group.KNOWN_USER],
)


class TestAdd:
def test_add_to_scope(self) -> None:
scope = PermissionScope.create(
D={group.SYSTEM_ADMIN},
M={group.PROJECT_MEMBER, group.KNOWN_USER},
D=[group.SYSTEM_ADMIN],
M=[group.PROJECT_MEMBER, group.KNOWN_USER],
)
scope = scope.add("CR", group.PROJECT_ADMIN)
scope_expected = PermissionScope.create(
CR={group.PROJECT_ADMIN},
D={group.SYSTEM_ADMIN},
M={group.PROJECT_MEMBER, group.KNOWN_USER},
CR=[group.PROJECT_ADMIN],
D=[group.SYSTEM_ADMIN],
M=[group.PROJECT_MEMBER, group.KNOWN_USER],
)
assert scope == scope_expected

def test_add_same_group_to_same_permission(self) -> None:
scope = PermissionScope.create(
CR={group.PROJECT_ADMIN},
V={group.UNKNOWN_USER, group.KNOWN_USER},
CR=[group.PROJECT_ADMIN],
V=[group.UNKNOWN_USER, group.KNOWN_USER],
)
rgx = "Group 'val='knora-admin:ProjectAdmin'' is already in permission 'CR'"
with pytest.raises(ValueError, match=re.escape(rgx)):
_ = scope.add("CR", group.PROJECT_ADMIN)

def test_add_same_group_to_different_permission(self) -> None:
scope = PermissionScope.create(
CR={group.PROJECT_ADMIN},
V={group.UNKNOWN_USER, group.KNOWN_USER},
CR=[group.PROJECT_ADMIN],
V=[group.UNKNOWN_USER, group.KNOWN_USER],
)
with pytest.raises(ValueError, match=re.escape("must not occur in more than one field")):
_ = scope.add("RV", group.PROJECT_ADMIN)
Expand All @@ -101,29 +101,29 @@ def test_add_same_group_to_different_permission(self) -> None:
class TestRemove:
def test_remove_from_scope(self) -> None:
scope = PermissionScope.create(
CR={group.PROJECT_ADMIN},
D={group.SYSTEM_ADMIN},
M={group.PROJECT_MEMBER, group.KNOWN_USER},
CR=[group.PROJECT_ADMIN],
D=[group.SYSTEM_ADMIN],
M=[group.PROJECT_MEMBER, group.KNOWN_USER],
)
scope = scope.remove("CR", group.PROJECT_ADMIN)
scope_expected = PermissionScope.create(
D={group.SYSTEM_ADMIN},
M={group.PROJECT_MEMBER, group.KNOWN_USER},
D=[group.SYSTEM_ADMIN],
M=[group.PROJECT_MEMBER, group.KNOWN_USER],
)
assert scope == scope_expected

def test_remove_inexisting_group(self) -> None:
scope = PermissionScope.create(
D={group.SYSTEM_ADMIN},
M={group.PROJECT_MEMBER, group.KNOWN_USER},
D=[group.SYSTEM_ADMIN],
M=[group.PROJECT_MEMBER, group.KNOWN_USER],
)
with pytest.raises(ValueError, match=re.escape("is not in permission 'D'")):
_ = scope.remove("D", group.UNKNOWN_USER)

def test_remove_from_empty_perm(self) -> None:
scope = PermissionScope.create(
D={group.PROJECT_ADMIN},
V={group.PROJECT_MEMBER, group.UNKNOWN_USER},
D=[group.PROJECT_ADMIN],
V=[group.PROJECT_MEMBER, group.UNKNOWN_USER],
)
with pytest.raises(ValueError, match=re.escape("is not in permission 'CR'")):
_ = scope.remove("CR", group.PROJECT_ADMIN)
Expand All @@ -132,23 +132,23 @@ def test_remove_from_empty_perm(self) -> None:
class TestGet:
def test_get(self) -> None:
scope = PermissionScope.create(
CR={group.PROJECT_ADMIN},
D={group.SYSTEM_ADMIN},
M={group.PROJECT_MEMBER, group.KNOWN_USER},
V={group.UNKNOWN_USER},
CR=[group.PROJECT_ADMIN],
D=[group.SYSTEM_ADMIN],
M=[group.PROJECT_MEMBER, group.KNOWN_USER],
V=[group.UNKNOWN_USER],
)
assert scope.get("CR") == frozenset({group.PROJECT_ADMIN})
assert scope.get("D") == frozenset({group.SYSTEM_ADMIN})
assert scope.get("M") == frozenset({group.PROJECT_MEMBER, group.KNOWN_USER})
assert scope.get("V") == frozenset({group.UNKNOWN_USER})
assert scope.get("CR") == frozenset([group.PROJECT_ADMIN])
assert scope.get("D") == frozenset([group.SYSTEM_ADMIN])
assert scope.get("M") == frozenset([group.PROJECT_MEMBER, group.KNOWN_USER])
assert scope.get("V") == frozenset([group.UNKNOWN_USER])
assert scope.get("RV") == frozenset()

def test_get_inexisting_perm(self) -> None:
scope = PermissionScope.create(
CR={group.PROJECT_ADMIN},
D={group.SYSTEM_ADMIN},
M={group.PROJECT_MEMBER, group.KNOWN_USER},
V={group.UNKNOWN_USER},
CR=[group.PROJECT_ADMIN],
D=[group.SYSTEM_ADMIN],
M=[group.PROJECT_MEMBER, group.KNOWN_USER],
V=[group.UNKNOWN_USER],
)
with pytest.raises(ValueError, match=re.escape("Permission 'foo' not in")):
_ = scope.get("foo")
Expand Down
16 changes: 8 additions & 8 deletions tests/test_scope_serialization.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,18 +53,18 @@ class TestScopeSerialization:
V=[group.Group(val="knora-admin:CustomGroup")],
),
PermissionScope.create(
D={group.PROJECT_ADMIN},
RV={group.PROJECT_MEMBER},
D=[group.PROJECT_ADMIN],
RV=[group.PROJECT_MEMBER],
),
PermissionScope.create(
M={group.PROJECT_ADMIN},
V={group.CREATOR, group.KNOWN_USER},
RV={group.UNKNOWN_USER},
M=[group.PROJECT_ADMIN],
V=[group.CREATOR, group.KNOWN_USER],
RV=[group.UNKNOWN_USER],
),
PermissionScope.create(
CR={group.SYSTEM_ADMIN, group.PROJECT_ADMIN},
D={group.CREATOR},
RV={group.UNKNOWN_USER},
CR=[group.SYSTEM_ADMIN, group.PROJECT_ADMIN],
D=[group.CREATOR],
RV=[group.UNKNOWN_USER],
),
)

Expand Down

0 comments on commit 6e68db6

Please sign in to comment.