diff --git a/gluon/tests/test_tools.py b/gluon/tests/test_tools.py index 8befce19..e325f4b5 100644 --- a/gluon/tests/test_tools.py +++ b/gluon/tests/test_tools.py @@ -785,15 +785,62 @@ class TestAuth(unittest.TestCase): self.assertEqual(self.auth.user_group(user_id=1), 1) # Bart should be user 1 and it unique group should be 1, 'user_1' - # TODO: def test_user_group_role(self): - # TODO: def test_has_membership(self): - # TODO: def test_add_membership(self): - # TODO: def test_del_membership(self): + def test_user_group_role(self): + self.auth.login_user(self.db(self.db.auth_user.username == 'bart').select().first()) # bypass login_bare() + user_group_role = 'user_%s' % self.db(self.db.auth_user.username == 'bart' + ).select(self.db.auth_user.id).first().id + self.assertEqual(self.auth.user_group_role(), user_group_role) + self.auth.logout_bare() + # with user_id args + self.assertEqual(self.auth.user_group_role(user_id=1), 'user_1') + # test None + self.auth.settings.create_user_groups = None + self.assertEqual(self.auth.user_group_role(user_id=1), None) def test_has_membership(self): self.auth.login_user(self.db(self.db.auth_user.username == 'bart').select().first()) # bypass login_bare() + self.assertTrue(self.auth.has_membership('user_1')) + self.assertFalse(self.auth.has_membership('user_555')) self.assertTrue(self.auth.has_membership(group_id=1)) - self.assertTrue(self.auth.has_membership(role='user_1')) + self.auth.logout_bare() + self.assertTrue(self.auth.has_membership(role='user_1', user_id=1)) + self.assertTrue(self.auth.has_membership(group_id=1, user_id=1)) + # check that event is logged + count_log_event_test_before = self.db(self.db.auth_event.id > 0).count() + self.assertTrue(self.auth.has_membership(group_id=1, user_id=1)) + count_log_event_test_after = self.db(self.db.auth_event.id > 0).count() + self.assertEqual(count_log_event_test_after, count_log_event_test_before) + + # Waiting guidance : https://github.com/web2py/web2py/issues/1300 + # def test_add_membership(self): + # self.auth.login_user(self.db(self.db.auth_user.username == 'bart').select().first()) # bypass login_bare() + # # failing case + # rtn = self.auth.add_membership('not_existing_role_name') + # # self.assertEqual(rtn, 'test') + # self.assertEqual(self.db(self.db.auth_group.role == 'not_existing_role_name').select().first(), 'test') + + def test_del_membership(self): + self.auth.login_user(self.db(self.db.auth_user.username == 'bart').select().first()) # bypass login_bare() + count_log_event_test_before = self.db(self.db.auth_event.id > 0).count() + user_1_role_id = self.db(self.db.auth_membership.group_id == self.auth.id_group('user_1') + ).select(self.db.auth_membership.id).first().id + self.assertEqual(self.auth.del_membership('user_1'), user_1_role_id) + count_log_event_test_after = self.db(self.db.auth_event.id > 0).count() + # check that event is logged + self.assertEqual(count_log_event_test_after, count_log_event_test_before) + # not logged in test case + group_id = self.auth.add_group('some_test_group') + membership_id = self.auth.add_membership('some_test_group') + self.assertEqual(self.auth.user_groups[group_id], 'some_test_group') + self.auth.logout_bare() + # not deleted + self.assertFalse(self.auth.del_membership('some_test_group')) + self.assertEqual(set(self.db.auth_membership(membership_id).as_dict().items()), + set({'group_id': 2L, 'user_id': 1L, 'id': 2L}.items())) # is not deleted + # deleted + bart_id = self.db(self.db.auth_user.username == 'bart').select(self.db.auth_user.id).first().id + self.assertTrue(self.auth.del_membership('some_test_group', user_id=bart_id)) + self.assertEqual(self.db.auth_membership(membership_id), None) # is really deleted # TODO: def test_add_permission(self): # TODO: def test_del_permission(self): diff --git a/gluon/tools.py b/gluon/tools.py index e8cd4d10..2b3188f1 100644 --- a/gluon/tools.py +++ b/gluon/tools.py @@ -2576,8 +2576,7 @@ class Auth(object): user_id = table_user.insert(**vars) user = table_user[user_id] if self.settings.create_user_groups: - group_id = self.add_group( - self.settings.create_user_groups % user) + group_id = self.add_group(self.settings.create_user_groups % user) self.add_membership(group_id, user_id) if self.settings.everybody_group_id: self.add_membership(self.settings.everybody_group_id, user_id) @@ -3343,7 +3342,7 @@ class Auth(object): key = web2py_uuid() if self.settings.registration_requires_approval: - key = 'pending-'+key + key = 'pending-' + key table_user.registration_key.default = key if form.accepts(request, session if self.csrf_prevention else None, @@ -3352,12 +3351,10 @@ class Auth(object): hideerror=self.settings.hideerror): description = self.messages.group_description % form.vars if self.settings.create_user_groups: - group_id = self.add_group( - self.settings.create_user_groups % form.vars, description) + group_id = self.add_group(self.settings.create_user_groups % form.vars, description) self.add_membership(group_id, form.vars.id) if self.settings.everybody_group_id: - self.add_membership( - self.settings.everybody_group_id, form.vars.id) + self.add_membership(self.settings.everybody_group_id, form.vars.id) if self.settings.registration_requires_verification: link = self.url( self.settings.function, args=('verify_email', key), scheme=True) @@ -4312,11 +4309,8 @@ class Auth(object): """ Creates a group associated to a role """ - - group_id = self.table_group().insert( - role=role, description=description) - self.log_event(self.messages['add_group_log'], - dict(group_id=group_id, role=role)) + group_id = self.table_group().insert(role=role, description=description) + self.log_event(self.messages['add_group_log'], dict(group_id=group_id, role=role)) return group_id def del_group(self, group_id): @@ -4326,7 +4320,8 @@ class Auth(object): self.db(self.table_group().id == group_id).delete() self.db(self.table_membership().group_id == group_id).delete() self.db(self.table_permission().group_id == group_id).delete() - if group_id in self.user_groups: del self.user_groups[group_id] + if group_id in self.user_groups: + del self.user_groups[group_id] self.log_event(self.messages.del_group_log, dict(group_id=group_id)) def id_group(self, role): @@ -4358,7 +4353,6 @@ class Auth(object): """ Checks if user is member of group_id or role """ - group_id = group_id or self.id_group(role) try: group_id = int(group_id) @@ -4367,8 +4361,8 @@ class Auth(object): if not user_id and self.user: user_id = self.user.id membership = self.table_membership() - if group_id and user_id and self.db((membership.user_id == user_id) - & (membership.group_id == group_id)).select(): + if group_id and user_id and self.db((membership.user_id == user_id) & + (membership.group_id == group_id)).select(): r = True else: r = False @@ -4415,6 +4409,10 @@ class Auth(object): """ group_id = group_id or self.id_group(role) + try: + group_id = int(group_id) + except: + group_id = self.id_group(group_id) # interpret group_id as a role if not user_id and self.user: user_id = self.user.id membership = self.table_membership() @@ -6424,10 +6422,9 @@ class Wiki(object): args += value['args'] db.define_table(key, *args, **value['vars']) - if self.settings.templates is None and not \ - self.settings.manage_permissions: - self.settings.templates = db.wiki_page.tags.contains('template') & \ - db.wiki_page.can_read.contains('everybody') + if self.settings.templates is None and not self.settings.manage_permissions: + self.settings.templates = \ + db.wiki_page.tags.contains('template') & db.wiki_page.can_read.contains('everybody') def update_tags_insert(page, id, db=db): for tag in page.tags or []: @@ -6450,8 +6447,10 @@ class Wiki(object): 'wiki_editor' not in auth.user_groups.values() and self.settings.groups == auth.user_groups.values()): group = db.auth_group(role='wiki_editor') - gid = group.id if group else db.auth_group.insert( - role='wiki_editor') + if group: + gid = group.id + else: + db.auth_group.insert(role='wiki_editor') auth.add_membership(gid) settings.lock_keys = True