How to use the kotti.security.set_groups function in Kotti
To help you get started, we’ve selected a few Kotti examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
Kotti / Kotti / kotti / tests.py View on Github 
def test_principals_with_local_roles(self):
session = DBSession()
root = get_root()
child = root[u'child'] = Node()
session.flush()
self.assertEqual(principals_with_local_roles(root), [])
self.assertEqual(principals_with_local_roles(child), [])
self.assertEqual(map_principals_with_local_roles(root), [])
self.assertEqual(map_principals_with_local_roles(child), [])
set_groups('group:bobsgroup', child, ['role:editor'])
set_groups('bob', root, ['group:bobsgroup'])
set_groups('group:franksgroup', root, ['role:editor'])
self.assertEqual(
set(principals_with_local_roles(child)),
set(['bob', 'group:bobsgroup', 'group:franksgroup'])
)
self.assertEqual(
set(principals_with_local_roles(child, inherit=False)),
set(['group:bobsgroup'])
)
self.assertEqual(
set(principals_with_local_roles(root)),
set(['bob', 'group:franksgroup'])
)# group:franksgroup -> role:editor
# child:
# group:bobsgroup -> group:franksgroup
# grandchild:
# group:franksgroup -> role:admin
# group:franksgroup -> group:bobsgroup
# bob and frank are a site-wide members of their respective groups:
set_groups('bob', root, ['group:bobsgroup'])
set_groups('frank', root, ['group:franksgroup'])
# franksgroup has a site-wide editor role:
set_groups('group:franksgroup', root, ['role:editor'])
# bobsgroup is part of franksgroup on the child level:
set_groups('group:bobsgroup', child, ['group:franksgroup'])
# franksgroup has the admin role on the grandchild.
# and finally, to test recursion, we make franksgroup part of
# bobsgroup on the grandchild level:
set_groups('group:franksgroup', grandchild,
['role:owner', 'group:bobsgroup'])def test_principals_with_local_roles(self):
session = DBSession()
root = get_root()
child = root[u'child'] = Node()
session.flush()
self.assertEqual(principals_with_local_roles(root), [])
self.assertEqual(principals_with_local_roles(child), [])
self.assertEqual(map_principals_with_local_roles(root), [])
self.assertEqual(map_principals_with_local_roles(child), [])
set_groups('group:bobsgroup', child, ['role:editor'])
set_groups('bob', root, ['group:bobsgroup'])
set_groups('group:franksgroup', root, ['role:editor'])
self.assertEqual(
set(principals_with_local_roles(child)),
set(['bob', 'group:bobsgroup', 'group:franksgroup'])
)
self.assertEqual(
set(principals_with_local_roles(child, inherit=False)),
set(['group:bobsgroup'])
)
self.assertEqual(
set(principals_with_local_roles(root)),
set(['bob', 'group:franksgroup'])
)def test_principals_with_local_roles(self):
session = DBSession()
root = get_root()
child = root[u'child'] = Node()
session.flush()
self.assertEqual(principals_with_local_roles(root), [])
self.assertEqual(principals_with_local_roles(child), [])
self.assertEqual(map_principals_with_local_roles(root), [])
self.assertEqual(map_principals_with_local_roles(child), [])
set_groups('group:bobsgroup', child, ['role:editor'])
set_groups('bob', root, ['group:bobsgroup'])
set_groups('group:franksgroup', root, ['role:editor'])
self.assertEqual(
set(principals_with_local_roles(child)),
set(['bob', 'group:bobsgroup', 'group:franksgroup'])
)
self.assertEqual(
set(principals_with_local_roles(child, inherit=False)),
set(['group:bobsgroup'])
)
self.assertEqual(
set(principals_with_local_roles(root)),
set(['bob', 'group:franksgroup'])
)self.add_some_principals()
# Search for "Bob", which will return both the user and the
# group, both of which have no roles:
request.params['search'] = u''
request.params['query'] = u'Bob'
entries = share_node(root, request)['entries']
self.assertEqual(len(entries), 2)
self.assertEqual(entries[0][0], P['bob'])
self.assertEqual(entries[0][1], ([], []))
self.assertEqual(entries[1][0], P['group:bobsgroup'])
self.assertEqual(entries[1][1], ([], []))
# We make Bob an Editor in this context, and Bob's Group
# becomes global Admin:
set_groups(u'bob', root, [u'role:editor'])
P[u'group:bobsgroup'].groups = [u'role:admin']
entries = share_node(root, request)['entries']
self.assertEqual(len(entries), 2)
self.assertEqual(entries[0][0], P['bob'])
self.assertEqual(entries[0][1], ([u'role:editor'], []))
self.assertEqual(entries[1][0], P['group:bobsgroup'])
self.assertEqual(entries[1][1], ([u'role:admin'], [u'role:admin']))
# A search that doesn't return any items will still include
# entries with existing local roles:
request.params['query'] = u'Weeee'
entries = share_node(root, request)['entries']
self.assertEqual(len(entries), 1)
self.assertEqual(entries[0][0], P[u'bob'])
self.assertEqual(entries[0][1], ([u'role:editor'], []))
self.assertEqual(request.session.pop_flash('notice'),['system.Everyone', 'system.Authenticated', 'bob']
)
# Define that bob belongs to bobsgroup on the root level:
set_groups('bob', root, ['group:bobsgroup'])
request.context = child
self.assertEqual(
set(auth.effective_principals(request)), set([
'system.Everyone', 'system.Authenticated',
'bob', 'group:bobsgroup'
])
)
# define that bob belongs to franksgroup in the user db:
get_principals()[u'bob'].groups = [u'group:franksgroup']
set_groups('group:franksgroup', child, ['group:anothergroup'])
self.assertEqual(
set(auth.effective_principals(request)), set([
'system.Everyone', 'system.Authenticated',
'bob', 'group:bobsgroup', 'group:franksgroup',
'group:anothergroup',
])
)
# And lastly test that circular group defintions are not a
# problem here either:
get_principals()[u'group:franksgroup'] = dict(
name=u'group:franksgroup',
title=u"Frank's group",
groups=[u'group:funnygroup', u'group:bobsgroup'],
)
self.assertEqual(child = root[u'child'] = Node()
grandchild = child[u'grandchild'] = Node()
session.flush()
# root:
# bob -> group:bobsgroup
# frank -> group:franksgroup
# group:franksgroup -> role:editor
# child:
# group:bobsgroup -> group:franksgroup
# grandchild:
# group:franksgroup -> role:admin
# group:franksgroup -> group:bobsgroup
# bob and frank are a site-wide members of their respective groups:
set_groups('bob', root, ['group:bobsgroup'])
set_groups('frank', root, ['group:franksgroup'])
# franksgroup has a site-wide editor role:
set_groups('group:franksgroup', root, ['role:editor'])
# bobsgroup is part of franksgroup on the child level:
set_groups('group:bobsgroup', child, ['group:franksgroup'])
# franksgroup has the admin role on the grandchild.
# and finally, to test recursion, we make franksgroup part of
# bobsgroup on the grandchild level:
set_groups('group:franksgroup', grandchild,
['role:owner', 'group:bobsgroup'])# root:
# bob -> group:bobsgroup
# frank -> group:franksgroup
# group:franksgroup -> role:editor
# child:
# group:bobsgroup -> group:franksgroup
# grandchild:
# group:franksgroup -> role:admin
# group:franksgroup -> group:bobsgroup
# bob and frank are a site-wide members of their respective groups:
set_groups('bob', root, ['group:bobsgroup'])
set_groups('frank', root, ['group:franksgroup'])
# franksgroup has a site-wide editor role:
set_groups('group:franksgroup', root, ['role:editor'])
# bobsgroup is part of franksgroup on the child level:
set_groups('group:bobsgroup', child, ['group:franksgroup'])
# franksgroup has the admin role on the grandchild.
# and finally, to test recursion, we make franksgroup part of
# bobsgroup on the grandchild level:
set_groups('group:franksgroup', grandchild,
['role:owner', 'group:bobsgroup'])Kotti
A high-level, Pythonic web application framework based on Pyramid and SQLAlchemy. It includes an extensible Content Management System called the Kotti CMS.
Package Health Score
51 / 100Popular Kotti functions
- kotti.DBSession
- kotti.DBSession.query
- kotti.events.ObjectEvent
- kotti.fanstatic.NeededGroup
- kotti.get_settings
- kotti.main
- kotti.resources.Content
- kotti.resources.Document
- kotti.resources.get_root
- kotti.resources.Node
- kotti.security.get_principals
- kotti.security.list_groups
- kotti.security.list_groups_ext
- kotti.security.principals_with_local_roles
- kotti.security.set_groups
- kotti.tests.DummyRequest
- kotti.tests.UnitTestBase
- kotti.util._
- kotti.util.ActionButton
- kotti.workflow.get_workflow