Commit 64b261ba authored by HERBERT Ryan's avatar HERBERT Ryan
Browse files

VidjilAuth upload_file with id

The same as with processing files. The permission now depends on an
object_if_action and a record_id
parent 759828f0
......@@ -275,7 +275,7 @@ class VidjilAuth(Auth):
return self.get_permission(PermissionEnum.run.value, object_of_action, id, user=user)\
or self.is_admin(user)
def can_upload_file(self, user = None):
def can_upload_file(self, object_of_action, id=0, user = None):
'''
Returns True iff the current user can upload a sequence file
......
......@@ -259,11 +259,18 @@ class VidjilauthModel(unittest.TestCase):
"User %d is a member of admin group and is missing permissions to process files" % user_id)
def testCanUploadFile(self):
result = auth.can_upload_file()
self.assertFalse(result, "User %d should not have permission to upload files" % auth.user_id)
result = auth.can_upload_file('patient', patient_id_sec)
self.assertFalse(result,
"User %d should not have permission to upload files for patient %d" % (auth.user_id, patient_id_sec))
result = auth.can_upload_file('patient', patient_id, user_id_sec)
self.assertTrue(result,
"User %d should be able to upload files for patient %d" % (user_id_sec, patient_id))
result = auth.can_upload_file('patient', patient_id, user_id)
self.assertTrue(result,
"User %d is a member of admin group and is missing permissions to upload files" % user_id)
result = auth.can_upload_file(user_id_sec)
self.assertTrue(result, "User %d should be able to upload files" % user_id_sec)
result = auth.can_upload_file(user_id)
self.assertTrue(result,
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment