From 610335cb3c3030cf39e91ad3232d468b388fc340 Mon Sep 17 00:00:00 2001
From: BonfaceKilz
Date: Fri, 15 Oct 2021 08:51:46 +0300
Subject: Get a users access mask

If a user has several access roles, select the highest role.
---
 .../tests/unit/wqflask/test_resource_manager.py    | 59 ++++++++++++++++++++++
 1 file changed, 59 insertions(+)

(limited to 'wqflask/tests')

diff --git a/wqflask/tests/unit/wqflask/test_resource_manager.py b/wqflask/tests/unit/wqflask/test_resource_manager.py
index a27f40e1..b0b7e6a3 100644
--- a/wqflask/tests/unit/wqflask/test_resource_manager.py
+++ b/wqflask/tests/unit/wqflask/test_resource_manager.py
@@ -3,6 +3,9 @@ import unittest
 
 from unittest import mock
 from wqflask.resource_manager import get_user_membership
+from wqflask.resource_manager import get_user_access_roles
+from wqflask.resource_manager import DataRole
+from wqflask.resource_manager import AdminRole
 
 
 class TestGetUserMembership(unittest.TestCase):
@@ -49,3 +52,59 @@ class TestGetUserMembership(unittest.TestCase):
                 group_id="7fa95d07-0e2d-4bc5-b47c-448fdc1260b2"),
             {"member": True,
              "admin": True})
+
+
+class TestCheckUserAccessRole(unittest.TestCase):
+    """Test cases for `get_user_access_roles`"""
+
+    def setUp(self):
+        conn = mock.MagicMock()
+        conn.hget.return_value = (
+            '{"owner_id": "8ad942fe-490d-453e-bd37", '
+            '"default_mask": {"data": "no-access", '
+            '"metadata": "no-access", '
+            '"admin": "not-admin"}, '
+            '"group_masks": '
+            '{"7fa95d07-0e2d-4bc5-b47c-448fdc1260b2": '
+            '{"metadata": "edit", "data": "edit"}}, '
+            '"name": "_14329", "'
+            'data": {"dataset": 1, "trait": 14329}, '
+            '"type": "dataset-publish"}')
+
+        conn.hgetall.return_value = {
+            '7fa95d07-0e2d-4bc5-b47c-448fdc1260b2': (
+                '{"name": "editors", '
+                '"admins": ["8ad942fe-490d-453e-bd37-56f252e41604", "rand"], '
+                '"members": ["8ad942fe-490d-453e-bd37-56f252e41603", '
+                '"rand"], '
+                '"changed_timestamp": "Oct 06 2021 06:39PM", '
+                '"created_timestamp": "Oct 06 2021 06:39PM"}')}
+        self.conn = conn
+
+    def test_get_user_access_when_owner(self):
+        """Test that the right access roles are set"""
+        self.assertEqual(get_user_access_roles(
+            conn=self.conn,
+            resource_id="",  # Can be anything
+            user_id="8ad942fe-490d-453e-bd37"),
+                         {"data": DataRole.EDIT,
+                          "metadata": DataRole.EDIT,
+                          "admin": AdminRole.EDIT_ACCESS})
+
+    def test_get_user_access_default_mask(self):
+        self.assertEqual(get_user_access_roles(
+            conn=self.conn,
+            resource_id="",  # Can be anything
+            user_id=""),
+                         {"data": DataRole.NO_ACCESS,
+                          "metadata": DataRole.NO_ACCESS,
+                          "admin": AdminRole.NOT_ADMIN})
+
+    def test_get_user_access_group_mask(self):
+        self.assertEqual(get_user_access_roles(
+            conn=self.conn,
+            resource_id="",  # Can be anything
+            user_id="8ad942fe-490d-453e-bd37-56f252e41603"),
+                         {"data": DataRole.EDIT,
+                          "metadata": DataRole.EDIT,
+                          "admin": AdminRole.NOT_ADMIN})
-- 
cgit v1.2.3