doc/tutorials/advanced/part02_security.rst
changeset 12384 b2e0b6a8f76c
parent 12383 2dee7a944b3a
child 12385 ec8d3d8a9cf7
--- a/doc/tutorials/advanced/part02_security.rst	Thu Feb 21 15:16:22 2019 +0100
+++ b/doc/tutorials/advanced/part02_security.rst	Thu Feb 21 15:18:09 2019 +0100
@@ -318,7 +318,9 @@
             with self.admin_access.repo_cnx() as cnx:
                 # create a user for later security checks
                 toto = self.create_user(cnx, 'toto')
+
                 cnx.commit()
+
                 # init some data using the default manager connection
                 folder = cnx.create_entity('Folder',
                                            name=u'restricted',
@@ -327,29 +329,40 @@
                                            data_name=u'photo1.jpg',
                                            data=Binary('xxx'),
                                            filed_under=folder)
+
                 cnx.commit()
+
                 # visibility propagation
                 self.assertEquals(photo1.visibility, 'restricted')
+
                 # unless explicitly specified
                 photo2 = cnx.create_entity('File',
                                            data_name=u'photo2.jpg',
                                            data=Binary('xxx'),
                                            visibility=u'public',
                                            filed_under=folder)
+
                 cnx.commit()
+
                 self.assertEquals(photo2.visibility, 'public')
+
             with self.new_access('toto').repo_cnx() as cnx:
                 # test security
                 self.assertEqual(1, len(cnx.execute('File X'))) # only the public one
                 self.assertEqual(0, len(cnx.execute('Folder X'))) # restricted...
+
             with self.admin_access.repo_cnx() as cnx:
                 # may_be_read_by propagation
                 folder = cnx.entity_from_eid(folder.eid)
                 folder.cw_set(may_be_read_by=toto)
+
                 cnx.commit()
+
             with self.new_access('toto').repo_cnx() as cnx:
                 photo1 = cnx.entity_from_eid(photo1.eid)
+
                 self.failUnless(photo1.may_be_read_by)
+
                 # test security with permissions
                 self.assertEquals(2, len(cnx.execute('File X'))) # now toto has access to photo2
                 self.assertEquals(1, len(cnx.execute('Folder X'))) # and to restricted folder