diff options
| -rw-r--r-- | wqflask/tests/unit/wqflask/test_resource_manager.py | 36 | ||||
| -rw-r--r-- | wqflask/wqflask/resource_manager.py | 10 |
2 files changed, 28 insertions, 18 deletions
diff --git a/wqflask/tests/unit/wqflask/test_resource_manager.py b/wqflask/tests/unit/wqflask/test_resource_manager.py index b0b7e6a3..9d5aaf0b 100644 --- a/wqflask/tests/unit/wqflask/test_resource_manager.py +++ b/wqflask/tests/unit/wqflask/test_resource_manager.py @@ -58,18 +58,26 @@ class TestCheckUserAccessRole(unittest.TestCase): """Test cases for `get_user_access_roles`""" def setUp(self): + self.resource_info = { + "owner_id": "8ad942fe-490d-453e-bd37", + "default_mask": { + "data": "no-access", + "metadata": "no-access", + "admin": "not-admin", + }, + "group_masks": { + "7fa95d07-0e2d-4bc5-b47c-448fdc1260b2": { + "metadata": "edit", + "data": "edit", + }}, + "name": "_14329", + "data": { + "dataset": 1, + "trait": 14329, + }, + "type": "dataset-publish", + } conn = mock.MagicMock() - conn.hget.return_value = ( - '{"owner_id": "8ad942fe-490d-453e-bd37", ' - '"default_mask": {"data": "no-access", ' - '"metadata": "no-access", ' - '"admin": "not-admin"}, ' - '"group_masks": ' - '{"7fa95d07-0e2d-4bc5-b47c-448fdc1260b2": ' - '{"metadata": "edit", "data": "edit"}}, ' - '"name": "_14329", "' - 'data": {"dataset": 1, "trait": 14329}, ' - '"type": "dataset-publish"}') conn.hgetall.return_value = { '7fa95d07-0e2d-4bc5-b47c-448fdc1260b2': ( @@ -85,7 +93,7 @@ class TestCheckUserAccessRole(unittest.TestCase): """Test that the right access roles are set""" self.assertEqual(get_user_access_roles( conn=self.conn, - resource_id="", # Can be anything + resource_info=self.resource_info, user_id="8ad942fe-490d-453e-bd37"), {"data": DataRole.EDIT, "metadata": DataRole.EDIT, @@ -94,7 +102,7 @@ class TestCheckUserAccessRole(unittest.TestCase): def test_get_user_access_default_mask(self): self.assertEqual(get_user_access_roles( conn=self.conn, - resource_id="", # Can be anything + resource_info=self.resource_info, user_id=""), {"data": DataRole.NO_ACCESS, "metadata": DataRole.NO_ACCESS, @@ -103,7 +111,7 @@ class TestCheckUserAccessRole(unittest.TestCase): def test_get_user_access_group_mask(self): self.assertEqual(get_user_access_roles( conn=self.conn, - resource_id="", # Can be anything + resource_info=self.resource_info, user_id="8ad942fe-490d-453e-bd37-56f252e41603"), {"data": DataRole.EDIT, "metadata": DataRole.EDIT, diff --git a/wqflask/wqflask/resource_manager.py b/wqflask/wqflask/resource_manager.py index a3a94f9e..57b99296 100644 --- a/wqflask/wqflask/resource_manager.py +++ b/wqflask/wqflask/resource_manager.py @@ -66,16 +66,19 @@ def get_user_membership(conn: redis.Redis, user_id: str, def get_user_access_roles(conn: redis.Redis, - resource_id: str, + resource_info: Dict, user_id: str) -> Dict: """Get the highest access roles for a given user Args: - - conn: A redis connection with `decoded_responses == True`. - - resource_id: The unique id of a given resource. + - conn: A redis connection with the responses decoded. + - resource_info: A dict containing details(metadata) about a + given resource. + - user_id: The unique id of a given user. Returns: A dict indicating the highest access role the user has. + """ # This is the default access role access_role = { @@ -83,7 +86,6 @@ def get_user_access_roles(conn: redis.Redis, "metadata": [DataRole.NO_ACCESS], "admin": [AdminRole.NOT_ADMIN], } - resource_info = json.loads(conn.hget('resources', resource_id)) # Check the resource's default mask if default_mask := resource_info.get("default_mask"): |