• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

Python types.PermissionType类代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Python中st2common.rbac.types.PermissionType的典型用法代码示例。如果您正苦于以下问题:Python PermissionType类的具体用法?Python PermissionType怎么用?Python PermissionType使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。



在下文中一共展示了PermissionType类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。

示例1: main

def main():
    lines = []
    lines.append(HEADER)
    lines.append('')

    for resource_type in RESOURCE_DISPLAY_ORDER:
        resource_title = resource_type.replace('_', ' ').title()  # pylint: disable=no-member
        lines.append('%s' % (resource_title))
        lines.append('~' * len(resource_title))
        lines.append('')

        permission_types = PermissionType.get_valid_permissions_for_resource_type(
            resource_type=resource_type)

        rows = []
        rows.append(TABLE_HEADER)

        for permission_type in permission_types:
            description = PermissionType.get_permission_description(permission_type)
            rows.append([permission_type, description])

        table = as_rest_table(rows, full=True)
        lines.extend(table.split('\n'))
        lines.append('')

    result = '\n'.join(lines)
    with open(DESTINATION_PATH, 'w') as fp:
        fp.write(result)

    print('Generated: %s' % (DESTINATION_PATH))
    return result
开发者ID:alexmakarski,项目名称:st2,代码行数:31,代码来源:generate-available-permission-types-table.py


示例2: main

def main():
    lines = []
    lines.append(HEADER)
    lines.append("")

    for resource_type in RESOURCE_DISPLAY_ORDER:
        resource_title = resource_type.replace("_", " ").title()  # pylint: disable=no-member
        lines.append("%s" % (resource_title))
        lines.append("~" * len(resource_title))
        lines.append("")

        permission_types = PermissionType.get_valid_permissions_for_resource_type(resource_type=resource_type)

        rows = []
        rows.append(TABLE_HEADER)

        for permission_type in permission_types:
            description = PermissionType.get_permission_description(permission_type)
            rows.append(["**%s**" % (permission_type), description])

        table = as_rest_table(rows, full=True)
        lines.extend(table.split("\n"))
        lines.append("")

    result = "\n".join(lines)
    with open(DESTINATION_PATH, "w") as fp:
        fp.write(result)

    print("Generated: %s" % (DESTINATION_PATH))
    return result
开发者ID:jspittman,项目名称:st2,代码行数:30,代码来源:generate-available-permission-types-table.py


示例3: _user_has_resource_permission

    def _user_has_resource_permission(self, user_db, pack_uid, resource_uid, permission_type):
        log_context = {
            'user_db': user_db,
            'pack_uid': pack_uid,
            'resource_uid': resource_uid,
            'resource_type': self.resource_type,
            'permission_type': permission_type,
            'resolver': self.__class__.__name__
        }
        self._log('Checking user resource permissions', extra=log_context)

        # First check the system role permissions
        has_system_role_permission = self._user_has_system_role_permission(
            user_db=user_db, permission_type=permission_type)

        if has_system_role_permission:
            self._log('Found a matching grant via system role', extra=log_context)
            return True

        # Check custom roles
        view_permission_type = PermissionType.get_permission_type(resource_type=self.resource_type,
                                                                  permission_name='view')
        all_permission_type = PermissionType.get_permission_type(resource_type=self.resource_type,
                                                                 permission_name='all')

        if permission_type == view_permission_type:
            # Note: Some permissions such as "create", "modify", "delete" and "execute" also
            # grant / imply "view" permission
            permission_types = self.view_grant_permission_types[:] + [permission_type]
        elif permission_type not in all_permission_type:
            permission_types = [all_permission_type, permission_type]
        else:
            permission_types = [permission_type]

        # Check direct grants on the specified resource
        resource_types = [self.resource_type]
        permission_grants = get_all_permission_grants_for_user(user_db=user_db,
                                                               resource_uid=resource_uid,
                                                               resource_types=resource_types,
                                                               permission_types=permission_types)
        if len(permission_grants) >= 1:
            self._log('Found a direct grant on the action', extra=log_context)
            return True

        # Check grants on the parent pack
        resource_types = [ResourceType.PACK]
        permission_grants = get_all_permission_grants_for_user(user_db=user_db,
                                                               resource_uid=pack_uid,
                                                               resource_types=resource_types,
                                                               permission_types=permission_types)

        if len(permission_grants) >= 1:
            self._log('Found a grant on the action parent pack', extra=log_context)
            return True

        self._log('No matching grants found', extra=log_context)
        return False
开发者ID:hejin,项目名称:st2,代码行数:57,代码来源:resolvers.py


示例4: test_get_permission_type

 def test_get_permission_type(self):
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.ACTION,
                                                         permission_name='view'),
                     PermissionType.ACTION_VIEW)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.ACTION,
                                                         permission_name='all'),
                     PermissionType.ACTION_ALL)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.ACTION,
                                                         permission_name='execute'),
                     PermissionType.ACTION_EXECUTE)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.RULE,
                                                         permission_name='view'),
                     PermissionType.RULE_VIEW)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.RULE,
                                                         permission_name='delete'),
                     PermissionType.RULE_DELETE)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.SENSOR,
                                                         permission_name='view'),
                     PermissionType.SENSOR_VIEW)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.SENSOR,
                                                         permission_name='all'),
                     PermissionType.SENSOR_ALL)
     self.assertEqual(PermissionType.get_permission_type(resource_type=ResourceType.SENSOR,
                                                         permission_name='modify'),
                     PermissionType.SENSOR_MODIFY)
     self.assertEqual(
         PermissionType.get_permission_type(resource_type=ResourceType.RULE_ENFORCEMENT,
                                            permission_name='view'),
         PermissionType.RULE_ENFORCEMENT_VIEW)
开发者ID:lyandut,项目名称:st2,代码行数:29,代码来源:test_rbac_types.py


示例5: test_get_valid_permission_for_resource_type

    def test_get_valid_permission_for_resource_type(self):
        valid_action_permissions = PermissionType.get_valid_permissions_for_resource_type(
            resource_type=ResourceType.ACTION
        )

        for name in valid_action_permissions:
            self.assertTrue(name.startswith(ResourceType.ACTION + "_"))

        valid_rule_permissions = PermissionType.get_valid_permissions_for_resource_type(resource_type=ResourceType.RULE)

        for name in valid_rule_permissions:
            self.assertTrue(name.startswith(ResourceType.RULE + "_"))
开发者ID:agilee,项目名称:st2,代码行数:12,代码来源:test_rbac.py


示例6: test_user_has_resource_db_permission

    def test_user_has_resource_db_permission(self):
        resolver = WebhookPermissionsResolver()
        all_permission_types = PermissionType.get_valid_permissions_for_resource_type(
            ResourceType.WEBHOOK)

        # Admin user, should always return true
        resource_db = self.resources['webhook_1']
        user_db = self.users['admin']
        self.assertUserHasResourceDbPermissions(
            resolver=resolver,
            user_db=user_db,
            resource_db=resource_db,
            permission_types=all_permission_types)

        # Custom role with "webhook_send" grant on webhook_1
        user_db = self.users['custom_role_webhook_grant']
        self.assertUserHasResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=resource_db,
            permission_type=PermissionType.WEBHOOK_SEND)

        permission_types = [
            PermissionType.WEBHOOK_CREATE,
            PermissionType.WEBHOOK_DELETE,
            PermissionType.WEBHOOK_ALL
        ]
        self.assertUserDoesntHaveResourceDbPermissions(
            resolver=resolver,
            user_db=user_db,
            resource_db=resource_db,
            permission_types=permission_types)
开发者ID:lyandut,项目名称:st2,代码行数:32,代码来源:test_rbac_resolvers_webhook.py


示例7: _user_has_list_permission

    def _user_has_list_permission(self, user_db, permission_type):
        """
        Common method for checking if a user has specific "list" resource permission (e.g.
        rules_list, action_list, etc.).
        """
        assert PermissionType.get_permission_name(permission_type) == 'list'

        log_context = {
            'user_db': user_db,
            'permission_type': permission_type,
            'resolver': self.__class__.__name__
        }
        self._log('Checking user permissions', extra=log_context)

        # First check the system role permissions
        has_system_role_permission = self._user_has_system_role_permission(
            user_db=user_db, permission_type=permission_type)

        if has_system_role_permission:
            self._log('Found a matching grant via system role', extra=log_context)
            return True

        # Check custom roles
        permission_types = [permission_type]

        # Check direct grants
        permission_grants = get_all_permission_grants_for_user(user_db=user_db,
                                                               permission_types=permission_types)
        if len(permission_grants) >= 1:
            self._log('Found a direct grant', extra=log_context)
            return True

        self._log('No matching grants found', extra=log_context)
        return False
开发者ID:hejin,项目名称:st2,代码行数:34,代码来源:resolvers.py


示例8: validate

    def validate(self):
        # Parent JSON schema validation
        cleaned = super(RoleDefinitionFileFormatAPI, self).validate()

        # Custom validation

        # Validate that only the correct permission types are used
        permission_grants = getattr(self, 'permission_grants', [])
        for permission_grant in permission_grants:
            resource_uid = permission_grant.get('resource_uid', None)
            permission_types = permission_grant.get('permission_types', [])

            if resource_uid:
                # Permission types which apply to a resource
                resource_type, _ = parse_uid(uid=resource_uid)
                valid_permission_types = PermissionType.get_valid_permissions_for_resource_type(
                    resource_type=resource_type)

                for permission_type in permission_types:
                    if permission_type not in valid_permission_types:
                        message = ('Invalid permission type "%s" for resource type "%s"' %
                                   (permission_type, resource_type))
                        raise ValueError(message)
            else:
                # Right now we only support single permission type (list) which is global and
                # doesn't apply to a resource
                for permission_type in permission_types:
                    if not permission_type.endswith('_list'):
                        message = ('Invalid permission type "%s". Only "list" permission types '
                                   'can be used without a resource id' % (permission_type))
                        raise ValueError(message)

            return cleaned
开发者ID:KenMercusLai,项目名称:st2,代码行数:33,代码来源:rbac.py


示例9: _get_all_permission_type_for_resource

 def _get_all_permission_type_for_resource(self, resource_db):
     """
     Retrieve "ALL" permission type for the provided resource.
     """
     resource_type = resource_db.get_resource_type()
     permission_type = PermissionType.get_permission_type(resource_type=resource_type,
                                                          permission_name='all')
     return permission_type
开发者ID:hejin,项目名称:st2,代码行数:8,代码来源:resolvers.py


示例10: get_resolver_for_permission_type

def get_resolver_for_permission_type(permission_type):
    """
    Return resolver instance for the provided permission type.

    :rtype: Instance of :class:`PermissionsResolver`
    """
    resource_type = PermissionType.get_resource_type(permission_type=permission_type)
    resolver_instance = get_resolver_for_resource_type(resource_type=resource_type)
    return resolver_instance
开发者ID:hejin,项目名称:st2,代码行数:9,代码来源:resolvers.py


示例11: test_user_has_resource_db_permission

    def test_user_has_resource_db_permission(self):
        resolver = RunnerPermissionsResolver()
        all_permission_types = PermissionType.get_valid_permissions_for_resource_type(
            ResourceType.RUNNER)

        # Admin user, should always return true
        resource_db = self.resources['runner_1']
        user_db = self.users['admin']
        self.assertUserHasResourceDbPermissions(
            resolver=resolver,
            user_db=user_db,
            resource_db=resource_db,
            permission_types=all_permission_types)

        # Custom role with "runner_view" grant on runner_1
        resource_db = self.resources['runner_1']
        user_db = self.users['custom_role_runner_view_grant']
        self.assertUserHasResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=resource_db,
            permission_type=PermissionType.RUNNER_VIEW)

        permission_types = [
            PermissionType.RUNNER_MODIFY,
            PermissionType.RUNNER_ALL
        ]
        self.assertUserDoesntHaveResourceDbPermissions(
            resolver=resolver,
            user_db=user_db,
            resource_db=resource_db,
            permission_types=permission_types)

        # Custom role with "runner_modify" grant on runner_2
        resource_db = self.resources['runner_2']
        user_db = self.users['custom_role_runner_modify_grant']
        self.assertUserHasResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=resource_db,
            permission_type=PermissionType.RUNNER_MODIFY)

        permission_types = [
            PermissionType.RUNNER_VIEW,
            PermissionType.RUNNER_ALL
        ]
        self.assertUserDoesntHaveResourceDbPermissions(
            resolver=resolver,
            user_db=user_db,
            resource_db=resource_db,
            permission_types=permission_types)
开发者ID:Bala96,项目名称:st2,代码行数:51,代码来源:test_rbac_resolvers_runner.py


示例12: _validate_permission_types

def _validate_permission_types(resource_db, permission_types):
    """
    Validate that the permission_types list only contains valid values for the
    provided resource.
    """
    resource_db = _validate_resource_type(resource_db=resource_db)
    resource_type = resource_db.get_resource_type()
    valid_permission_types = PermissionType.get_valid_permissions_for_resource_type(resource_type)

    for permission_type in permission_types:
        if permission_type not in valid_permission_types:
            raise ValueError("Invalid permission type: %s" % (permission_type))

    return permission_types
开发者ID:rlugojr,项目名称:st2,代码行数:14,代码来源:rbac.py


示例13: test_get_permission_name

 def test_get_permission_name(self):
     self.assertEqual(PermissionType.get_permission_name(PermissionType.ACTION_LIST),
                      'list')
     self.assertEqual(PermissionType.get_permission_name(PermissionType.ACTION_CREATE),
                      'create')
     self.assertEqual(PermissionType.get_permission_name(PermissionType.ACTION_DELETE),
                      'delete')
     self.assertEqual(PermissionType.get_permission_name(PermissionType.ACTION_ALL),
                      'all')
     self.assertEqual(PermissionType.get_permission_name(PermissionType.PACK_ALL),
                      'all')
     self.assertEqual(PermissionType.get_permission_name(PermissionType.SENSOR_MODIFY),
                      'modify')
     self.assertEqual(PermissionType.get_permission_name(PermissionType.ACTION_EXECUTE),
                      'execute')
     self.assertEqual(PermissionType.get_permission_name(PermissionType.RULE_ENFORCEMENT_LIST),
                      'list')
开发者ID:lyandut,项目名称:st2,代码行数:17,代码来源:test_rbac_types.py


示例14: test_user_has_resource_db_permissions

    def test_user_has_resource_db_permissions(self):
        # Note: Right now we don't support granting permissions on key value items so we just check
        # that the method always returns True
        resolver = KeyValuePermissionsResolver()

        # No roles
        user_db = self.users['no_roles']
        resource_db = self.resources['kvp_1']

        permission_types = PermissionType.get_valid_permissions_for_resource_type(
            ResourceType.KEY_VALUE_PAIR)
        for permission_type in permission_types:
            self.assertTrue(resolver.user_has_resource_db_permission(
                user_db=user_db,
                resource_db=resource_db,
                permission_type=permission_type))
开发者ID:jspittman,项目名称:st2,代码行数:16,代码来源:test_rbac_resolvers_key_value_pair.py


示例15: _user_has_system_role_permission

    def _user_has_system_role_permission(self, user_db, permission_type):
        """
        Check the user system roles and return True if user has the required permission.

        :rtype: ``bool``
        """
        permission_name = PermissionType.get_permission_name(permission_type)

        user_role_dbs = get_roles_for_user(user_db=user_db)
        user_role_names = [role_db.name for role_db in user_role_dbs]

        if SystemRole.SYSTEM_ADMIN in user_role_names:
            # System admin has all the permissions
            return True
        elif SystemRole.ADMIN in user_role_names:
            # Admin has all the permissions
            return True
        elif SystemRole.OBSERVER in user_role_names and permission_name in READ_PERMISSION_NAMES:
            # Observer role has "view" permission on all the resources
            return True

        return False
开发者ID:hejin,项目名称:st2,代码行数:22,代码来源:resolvers.py


示例16: validate

    def validate(self):
        # Parent JSON schema validation
        super(RoleDefinitionFileFormatAPI, self).validate()

        # Custom validation

        # Validate that only the correct permission types are used
        permission_grants = getattr(self, 'permission_grants', [])
        for permission_grant in permission_grants:
            resource_uid = permission_grant.get('resource_uid', None)
            permission_types = permission_grant.get('permission_types', [])

            if resource_uid:
                resource_type, _ = parse_uid(uid=resource_uid)
                valid_permission_types = PermissionType.get_valid_permissions_for_resource_type(
                    resource_type=resource_type)

                for permission_type in permission_types:
                    if permission_type not in valid_permission_types:
                        message = ('Invalid permission type "%s" for resource type "%s"' %
                                   (permission_type, resource_type))
                        raise ValueError(message)
开发者ID:jspittman,项目名称:st2,代码行数:22,代码来源:rbac.py


示例17: test_user_has_resource_db_permission

    def test_user_has_resource_db_permission(self):
        resolver = RuleEnforcementPermissionsResolver()
        all_permission_types = PermissionType.get_valid_permissions_for_resource_type(
            ResourceType.RULE_ENFORCEMENT)

        # Admin user, should always return true
        resource_db = self.resources['rule_enforcement_1']
        user_db = self.users['admin']
        self.assertUserHasResourceDbPermissions(
            resolver=resolver,
            user_db=user_db,
            resource_db=resource_db,
            permission_types=all_permission_types)

        # Observer, should always return true for VIEW permission
        user_db = self.users['observer']
        self.assertUserHasResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['rule_enforcement_1'],
            permission_type=PermissionType.RULE_ENFORCEMENT_VIEW)
        self.assertUserHasResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['rule_enforcement_2'],
            permission_type=PermissionType.RULE_ENFORCEMENT_VIEW)

        # No roles, should return false for everything
        user_db = self.users['no_roles']
        self.assertUserDoesntHaveResourceDbPermissions(
            resolver=resolver,
            user_db=user_db,
            resource_db=resource_db,
            permission_types=all_permission_types)

        # Custom role with no permission grants, should return false for everything
        user_db = self.users['1_custom_role_no_permissions']
        self.assertUserDoesntHaveResourceDbPermissions(
            resolver=resolver,
            user_db=user_db,
            resource_db=resource_db,
            permission_types=all_permission_types)

        # Custom role with unrelated permission grant to parent pack
        user_db = self.users['custom_role_pack_grant']
        self.assertUserDoesntHaveResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['rule_enforcement_1'],
            permission_type=PermissionType.RULE_ENFORCEMENT_VIEW)
        self.assertUserDoesntHaveResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['rule_enforcement_2'],
            permission_type=PermissionType.RULE_ENFORCEMENT_VIEW)

        # Custom role with with grant on the parent pack
        user_db = self.users['custom_role_rule_pack_grant']
        self.assertUserHasResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['rule_enforcement_1'],
            permission_type=PermissionType.RULE_ENFORCEMENT_VIEW)
        self.assertUserHasResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['rule_enforcement_2'],
            permission_type=PermissionType.RULE_ENFORCEMENT_VIEW)

        # Custom role with a direct grant on rule
        user_db = self.users['custom_role_rule_grant']
        self.assertUserHasResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['rule_enforcement_3'],
            permission_type=PermissionType.RULE_ENFORCEMENT_VIEW)

        # Custom role - "rule_all" grant on the rule parent pack
        user_db = self.users['custom_role_pack_rule_all_grant']
        resource_db = self.resources['rule_enforcement_1']
        self.assertUserHasResourceDbPermissions(
            resolver=resolver,
            user_db=user_db,
            resource_db=resource_db,
            permission_types=all_permission_types)

        # Custom role - "rule_all" grant on the rule
        user_db = self.users['custom_role_rule_all_grant']
        resource_db = self.resources['rule_enforcement_1']
        self.assertUserHasResourceDbPermissions(
            resolver=resolver,
            user_db=user_db,
            resource_db=resource_db,
            permission_types=all_permission_types)

        # Custom role - "rule_modify" grant on rule_1
        user_db = self.users['custom_role_rule_modify_grant']
        resource_db = self.resources['rule_enforcement_1']

        # "modify" also grants "view"
#.........这里部分代码省略.........
开发者ID:Bala96,项目名称:st2,代码行数:101,代码来源:test_rbac_resolvers_rule_enforcement.py


示例18: test_get_permission_name

 def test_get_permission_name(self):
     self.assertEqual(PermissionType.get_permission_name(PermissionType.ACTION_CREATE), "create")
     self.assertEqual(PermissionType.get_permission_name(PermissionType.ACTION_DELETE), "delete")
     self.assertEqual(PermissionType.get_permission_name(PermissionType.ACTION_ALL), "all")
     self.assertEqual(PermissionType.get_permission_name(PermissionType.PACK_ALL), "all")
开发者ID:agilee,项目名称:st2,代码行数:5,代码来源:test_rbac.py


示例19: test_get_resource_type

 def test_get_resource_type(self):
     self.assertEqual(PermissionType.get_resource_type(PermissionType.ACTION_CREATE), ResourceType.ACTION)
     self.assertEqual(PermissionType.get_resource_type(PermissionType.ACTION_DELETE), ResourceType.ACTION)
     self.assertEqual(PermissionType.get_resource_type(PermissionType.ACTION_ALL), ResourceType.ACTION)
     self.assertEqual(PermissionType.get_resource_type(PermissionType.PACK_ALL), ResourceType.PACK)
开发者ID:agilee,项目名称:st2,代码行数:5,代码来源:test_rbac.py


示例20: test_user_has_resource_db_permission

    def test_user_has_resource_db_permission(self):
        resolver = InquiryPermissionsResolver()

        all_permission_types = PermissionType.get_valid_permissions_for_resource_type(
            ResourceType.INQUIRY)
        all_permission_types.remove(PermissionType.INQUIRY_LIST)

        # Admin user, should always return true
        user_db = self.users['admin']
        self.assertUserHasResourceDbPermissions(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['inquiry_1'],
            permission_types=all_permission_types)

        # Observer, should always return true for VIEW permission
        user_db = self.users['observer']
        self.assertUserHasResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['inquiry_1'],
            permission_type=PermissionType.INQUIRY_VIEW)

        self.assertUserDoesntHaveResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['inquiry_1'],
            permission_type=PermissionType.INQUIRY_RESPOND)
        self.assertUserDoesntHaveResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['inquiry_1'],
            permission_type=PermissionType.INQUIRY_ALL)

        # No roles, should return false for everything
        user_db = self.users['no_roles']
        self.assertUserDoesntHaveResourceDbPermissions(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['inquiry_1'],
            permission_types=all_permission_types)

        # Custom role with no permission grants, should return false for everything
        user_db = self.users['1_custom_role_no_permissions']
        self.assertUserDoesntHaveResourceDbPermissions(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['inquiry_1'],
            permission_types=all_permission_types)

        # View user should be able to view
        user_db = self.users['custom_role_inquiry_view_grant']
        self.assertUserHasResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['inquiry_1'],
            permission_type=PermissionType.INQUIRY_VIEW)

        # Respond user should be able to respond
        user_db = self.users['custom_role_inquiry_respond_grant']
        self.assertUserHasResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['inquiry_1'],
            permission_type=PermissionType.INQUIRY_RESPOND)

        # ALL user should have all db perms
        user_db = self.users['custom_role_inquiry_all_grant']
        self.assertUserHasResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['inquiry_1'],
            permission_type=PermissionType.INQUIRY_ALL)

        # Now to test inheritance from action_execution for parent workflow.
        # We still have to pass in INQUIRY_RESPOND to permission_type here to keep the resolver
        # enum assert happy, but we haven't granted INQUIRY_RESPOND to this role, proving
        # that the effective permission is inherited.
        user_db = self.users['custom_role_inquiry_inherit']
        self.assertUserHasResourceDbPermission(
            resolver=resolver,
            user_db=user_db,
            resource_db=self.resources['inquiry_2'],
            permission_type=PermissionType.INQUIRY_RESPOND)
开发者ID:lyandut,项目名称:st2,代码行数:84,代码来源:test_rbac_resolvers_inquiry.py



注:本文中的st2common.rbac.types.PermissionType类示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Python router.abort函数代码示例发布时间:2022-05-27
下一篇:
Python trigger.TriggerType类代码示例发布时间:2022-05-27
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap