Commit d2b8b1cb authored by HERBERT Ryan's avatar HERBERT Ryan

VidjilAuth user groups refactor

Refactored get_user_groups to returns only direct links to users.
Added method to obtain all parent groups of user
parent 153bc323
......@@ -461,14 +461,19 @@ class VidjilAuth(Auth):
(db.auth_membership.user_id == user) &
(db.auth_membership.group_id == db.auth_group.id)
).select(db.auth_group.id, db.auth_group.role, groupby=db.auth_group.id)
return group_list
def get_user_group_parents(self, user = None):
is_current_user = user == None
if is_current_user:
user = self.user_id
parent_list = db(
(db.auth_membership.user_id == user) &
(db.auth_membership.group_id == db.group_assoc.second_group_id) &
(db.group_assoc.first_group_id == db.auth_group.id)
).select(db.auth_group.id, db.auth_group.role, groupby=db.auth_group.id)
return group_list | parent_list
return parent_list
def vidjil_accessible_query(self, name, table, user_id=None):
"""
......
......@@ -31,7 +31,7 @@ class VidjilauthModel(unittest.TestCase):
# Load the to-be-tested file
execfile("applications/vidjil/models/VidjilAuth.py", globals())
# set up default session/request/auth/...
global auth, group, group_sec, group_ter, group_qua, my_user_id, user_id_sec, count, patient_id, patient_id_sec, parent_user_id, admin_patient_id, sample_set_id, sample_set_id_sec, sample_set_id_ter
global auth, group, group_sec, group_ter, group_qua, group_qui, my_user_id, user_id_sec, count, patient_id, patient_id_sec, parent_user_id, admin_patient_id, sample_set_id, sample_set_id_sec, sample_set_id_ter
auth = VidjilAuth(globals(), db)
my_user_id = db.auth_user.insert(
......@@ -105,7 +105,10 @@ class VidjilauthModel(unittest.TestCase):
group_qua = db.auth_group.insert(role="group4", description="fourth group")
db.auth_membership.insert(user_id=my_user_id, group_id=group_qua)
group_qui = db.auth_group.insert(role="group5", description="fifth group")
db.group_assoc.insert(first_group_id = fake_group_id, second_group_id = group_sec)
db.group_assoc.insert(first_group_id = group_qui, second_group_id = group)
db.auth_permission.insert(name=PermissionEnum.upload.value, table_name='sample_set', group_id=group_qua, record_id=0)
db.auth_permission.insert(name=PermissionEnum.run.value, table_name='sample_set', group_id=group_qua, record_id=0)
......@@ -406,10 +409,19 @@ class VidjilauthModel(unittest.TestCase):
result = [g.id for g in auth.get_user_groups()]
self.assertEqual(Counter(expected), Counter(result), "Expected: %s, but got: %s" % (str(expected), str(result)))
expected = [group_sec, fake_group_id]
expected = [group_sec]
result = [g.id for g in auth.get_user_groups(user_id_sec)]
self.assertEqual(Counter(expected), Counter(result), "Expected: %s, but got: %s" % (str(expected), str(result)))
def testGetUserGroupParents(self):
expected = [group_qui]
result = [g.id for g in auth.get_user_group_parents()]
self.assertEqual(Counter(expected), Counter(result), "Expected: %s, but got: %s" % (str(expected), str(result)))
expected = [fake_group_id]
result = [g.id for g in auth.get_user_group_parents(user_id_sec)]
self.assertEqual(Counter(expected), Counter(result), "Expected: %s, but got: %s" % (str(expected), str(result)))
def testVidjilAccessibleQuery(self):
expected = [patient_id_sec, admin_patient_id]
result = [p.id for p in db(auth.vidjil_accessible_query(PermissionEnum.read.value, 'patient', auth.user_id)).select()]
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment