valitydev/redash
14
0
Fork 0
mirror of https://github.com/valitydev/redash.git synced 2024-11-08 01:48:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #1998 from modomoto/fix_revoke_permissons_bug

Browse Source 
[FIX] Revoke permission should respect to given grantee and access type.
This commit is contained in:
Arik Fraimovich 2017-10-09 09:27:10 +03:00 committed by GitHub
commit 9d3ae2c34a
2 changed files with 22 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
redash/models.py
View File

@ -1041,13 +1041,13 @@ class AccessPermission(GFKBase, db.Model):
cls.object_type == obj.__tablename__) cls.object_type == obj.__tablename__)
if access_type: if access_type:
q.filter(AccessPermission.access_type == access_type) q = q.filter(AccessPermission.access_type == access_type)
if grantee: if grantee:
q.filter(AccessPermission.grantee == grantee) q = q.filter(AccessPermission.grantee == grantee)
if grantor: if grantor:
q.filter(AccessPermission.grantor == grantor) q = q.filter(AccessPermission.grantor == grantor)
return q return q

19
tests/models/test_permissions.py
View File

@ -40,6 +40,25 @@ class TestAccessPermissionRevoke(BaseTestCase):
grantee=self.factory.user) grantee=self.factory.user)
self.assertEqual(1, AccessPermission.revoke(q, self.factory.user, ACCESS_TYPE_MODIFY)) self.assertEqual(1, AccessPermission.revoke(q, self.factory.user, ACCESS_TYPE_MODIFY))
def test_deletes_permission_for_only_given_grantee_on_given_grant_type(self):
q = self.factory.create_query()
first_user = self.factory.create_user()
second_user = self.factory.create_user()
AccessPermission.grant(obj=q, access_type=ACCESS_TYPE_MODIFY,
grantor=self.factory.user,
grantee=first_user)
AccessPermission.grant(obj=q, access_type=ACCESS_TYPE_MODIFY,
grantor=self.factory.user,
grantee=second_user)
AccessPermission.grant(obj=q, access_type=ACCESS_TYPE_VIEW,
grantor=self.factory.user,
grantee=second_user)
self.assertEqual(1, AccessPermission.revoke(q, second_user, ACCESS_TYPE_VIEW))
def test_deletes_all_permissions_if_no_type_given(self): def test_deletes_all_permissions_if_no_type_given(self):
q = self.factory.create_query() q = self.factory.create_query()