You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by je...@apache.org on 2015/05/15 12:29:52 UTC
[08/10] allura git commit: [#7633] ticket:768 Add has_access API for
ForgeActivity
[#7633] ticket:768 Add has_access API for ForgeActivity
Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/fe2133d0
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/fe2133d0
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/fe2133d0
Branch: refs/heads/ib/7633
Commit: fe2133d019883305f7d46da05f33a3328b46e873
Parents: d9a51a3
Author: Igor Bondarenko <je...@gmail.com>
Authored: Fri May 15 09:22:16 2015 +0000
Committer: Igor Bondarenko <je...@gmail.com>
Committed: Fri May 15 09:22:16 2015 +0000
----------------------------------------------------------------------
ForgeActivity/forgeactivity/main.py | 3 +-
.../forgeactivity/tests/functional/test_rest.py | 56 ++++++++++++++++++++
2 files changed, 58 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/allura/blob/fe2133d0/ForgeActivity/forgeactivity/main.py
----------------------------------------------------------------------
diff --git a/ForgeActivity/forgeactivity/main.py b/ForgeActivity/forgeactivity/main.py
index e0b22c8..9bb6029 100644
--- a/ForgeActivity/forgeactivity/main.py
+++ b/ForgeActivity/forgeactivity/main.py
@@ -32,6 +32,7 @@ from allura.app import Application
from allura import version
from allura import model as M
from allura.controllers import BaseController
+from allura.controllers.rest import AppRestControllerMixin
from allura.lib.security import require_authenticated, require_access
from allura.model.timeline import perm_check, get_activity_object
from allura.lib import helpers as h
@@ -206,7 +207,7 @@ class ForgeActivityController(BaseController):
following=follow)
-class ForgeActivityRestController(BaseController):
+class ForgeActivityRestController(BaseController, AppRestControllerMixin):
def __init__(self, app, *args, **kw):
super(ForgeActivityRestController, self).__init__(*args, **kw)
http://git-wip-us.apache.org/repos/asf/allura/blob/fe2133d0/ForgeActivity/forgeactivity/tests/functional/test_rest.py
----------------------------------------------------------------------
diff --git a/ForgeActivity/forgeactivity/tests/functional/test_rest.py b/ForgeActivity/forgeactivity/tests/functional/test_rest.py
new file mode 100644
index 0000000..4a26d0c
--- /dev/null
+++ b/ForgeActivity/forgeactivity/tests/functional/test_rest.py
@@ -0,0 +1,56 @@
+from datadiff.tools import assert_equal
+
+from tg import config
+from alluratest.controller import TestRestApiBase
+
+
+class TestActivityHasAccessAPI(TestRestApiBase):
+
+ def setUp(self, *args, **kwargs):
+ super(TestActivityHasAccessAPI, self).setUp(*args, **kwargs)
+ self._enabled = config.get('activitystream.enabled', 'false')
+ config['activitystream.enabled'] = 'true'
+
+ def tearDown(self, *args, **kwargs):
+ super(TestActivityHasAccessAPI, self).tearDown(*args, **kwargs)
+ config['activitystream.enabled'] = self._enabled
+
+ def test_has_access_no_params(self):
+ r = self.api_get('/rest/p/test/activity/has_access', status=404)
+ r = self.api_get('/rest/p/test/activity/has_access?user=root', status=404)
+ r = self.api_get('/rest/p/test/activity/has_access?perm=read', status=404)
+
+ def test_has_access_unknown_params(self):
+ """Unknown user and/or permission always False for has_access API"""
+ r = self.api_get(
+ '/rest/p/test/activity/has_access?user=babadook&perm=read',
+ user='root')
+ assert_equal(r.status_int, 200)
+ assert_equal(r.json['result'], False)
+ r = self.api_get(
+ '/rest/p/test/activity/has_access?user=test-user&perm=jump',
+ user='root')
+ assert_equal(r.status_int, 200)
+ assert_equal(r.json['result'], False)
+
+ def test_has_access_not_admin(self):
+ """
+ User which has no 'admin' permission on neighborhood can't use
+ has_access API
+ """
+ self.api_get(
+ '/rest/p/test/activity/has_access?user=test-admin&perm=admin',
+ user='test-user',
+ status=403)
+
+ def test_has_access(self):
+ r = self.api_get(
+ '/rest/p/test/activity/has_access?user=test-admin&perm=admin',
+ user='root')
+ assert_equal(r.status_int, 200)
+ assert_equal(r.json['result'], True)
+ r = self.api_get(
+ '/rest/p/test/activity/has_access?user=test-user&perm=admin',
+ user='root')
+ assert_equal(r.status_int, 200)
+ assert_equal(r.json['result'], False)