1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
import pytest
from uuid import uuid4
from leap.soledad.common import couch
from test_soledad.util import CouchDBTestCase
@pytest.mark.needs_couch
class CouchDesignDocsTests(CouchDBTestCase):
def setUp(self):
CouchDBTestCase.setUp(self)
self.create_db()
def create_db(self, dbname=None):
if not dbname:
dbname = ('test-%s' % uuid4().hex)
if dbname not in self.couch_server:
self.couch_server.create(dbname)
self.db = couch.CouchDatabase(
(self.couch_url),
dbname)
def tearDown(self):
self.db.delete_database()
self.db.close()
CouchDBTestCase.tearDown(self)
def test_ensure_security_doc(self):
"""
Ensure_security creates a _security ddoc to ensure that only soledad
will have the lowest privileged access to an user db.
"""
self.assertFalse(self.db._database.resource.get_json('_security')[2])
self.db.ensure_security_ddoc()
security_ddoc = self.db._database.resource.get_json('_security')[2]
self.assertIn('admins', security_ddoc)
self.assertFalse(security_ddoc['admins']['names'])
self.assertIn('members', security_ddoc)
self.assertIn('soledad', security_ddoc['members']['names'])
def test_ensure_security_from_configuration(self):
"""
Given a configuration, follow it to create the security document
"""
configuration = {'members': ['user1', 'user2'],
'members_roles': ['role1', 'role2'],
'admins': ['admin'],
'admins_roles': ['administrators']
}
self.db.ensure_security_ddoc(configuration)
security_ddoc = self.db._database.resource.get_json('_security')[2]
self.assertEquals(configuration['admins'],
security_ddoc['admins']['names'])
self.assertEquals(configuration['admins_roles'],
security_ddoc['admins']['roles'])
self.assertEquals(configuration['members'],
security_ddoc['members']['names'])
self.assertEquals(configuration['members_roles'],
security_ddoc['members']['roles'])
|
