Mercurial Mercurial > pub > hg > cubicweb / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
server/test/unittest_security.py
changeset 7398 26695dd703d8
parent 7244 a918f76441ce
child 7791 31bb51ea5485
equal deleted inserted replaced
7397:6a9e66d788b3 7398:26695dd703d8 
   219         cnx.commit()
 
   219         cnx.commit()
 
   220         # to actually get Unauthorized exception, try to insert a relation were we can read both entities
 
   220         # to actually get Unauthorized exception, try to insert a relation were we can read both entities
 
   221         rset = cu.execute('Personne P')
 
   221         rset = cu.execute('Personne P')
 
   222         self.assertEqual(len(rset), 1)
 
   222         self.assertEqual(len(rset), 1)
 
   223         ent = rset.get_entity(0, 0)
 
   223         ent = rset.get_entity(0, 0)
 
   224         session.set_pool() # necessary
 
   224         session.set_cnxset() # necessary
 
   225         self.assertRaises(Unauthorized, ent.cw_check_perm, 'update')
 
   225         self.assertRaises(Unauthorized, ent.cw_check_perm, 'update')
 
   226         self.assertRaises(Unauthorized,
 
   226         self.assertRaises(Unauthorized,
 
   227                           cu.execute, "SET P travaille S WHERE P is Personne, S is Societe")
 
   227                           cu.execute, "SET P travaille S WHERE P is Personne, S is Societe")
 
   228         self.assertRaises(QueryError, cnx.commit) # can't commit anymore
 
   228         self.assertRaises(QueryError, cnx.commit) # can't commit anymore
 
   229         cnx.rollback()
 
   229         cnx.rollback()
 
   577         eid = self.execute('INSERT Affaire X: X ref "ARCT01"')[0][0]
 
   577         eid = self.execute('INSERT Affaire X: X ref "ARCT01"')[0][0]
 
   578         self.commit()
 
   578         self.commit()
 
   579         cnx = self.login('iaminusersgrouponly')
 
   579         cnx = self.login('iaminusersgrouponly')
 
   580         session = self.session
 
   580         session = self.session
 
   581         # needed to avoid check_perm error
 
   581         # needed to avoid check_perm error
 
   582         session.set_pool()
 
   582         session.set_cnxset()
 
   583         # needed to remove rql expr granting update perm to the user
 
   583         # needed to remove rql expr granting update perm to the user
 
   584         affaire_perms = self.schema['Affaire'].permissions.copy()
 
   584         affaire_perms = self.schema['Affaire'].permissions.copy()
 
   585         self.schema['Affaire'].set_action_permissions('update', self.schema['Affaire'].get_groups('update'))
 
   585         self.schema['Affaire'].set_action_permissions('update', self.schema['Affaire'].get_groups('update'))
 
   586         try:
 
   586         try:
 
   587             self.assertRaises(Unauthorized,
 
   587             self.assertRaises(Unauthorized,
cubicweb