From 18e6760a616b65a8328b713addc10c476c561149 Mon Sep 17 00:00:00 2001
From: Timm Fitschen <t.fitschen@indiscale.com>
Date: Wed, 8 Mar 2023 13:49:03 +0100
Subject: [PATCH] TST: test for server issue #196
---
tests/test_issues_server.py | 35 +++++++++++++++++++++++++++++++++++
1 file changed, 35 insertions(+)
diff --git a/tests/test_issues_server.py b/tests/test_issues_server.py
index 6419573..b38faa5 100644
--- a/tests/test_issues_server.py
+++ b/tests/test_issues_server.py
@@ -1176,3 +1176,38 @@ def test_192():
assert count6 == 1
assert count7 == 1
assert count8 == 1
+
+
+def test_196():
+ """See https://gitlab.com/caosdb/caosdb-server/-/issues/196"""
+ admin._insert_role(name=CURATOR_ROLE, description="Desc")
+
+ perms = admin._get_permissions(CURATOR_ROLE)
+ g = admin.PermissionRule(action="Grant", permission="TRANSACTION:*")
+ perms.add(g)
+ admin._set_permissions(CURATOR_ROLE, permission_rules=perms)
+ admin._insert_user(name="TestUser", password="Password1!", status="ACTIVE")
+ admin._set_roles(username="TestUser", roles=[CURATOR_ROLE])
+
+ db.configure_connection(username="TestUser", password_method="plain",
+ password="Password1!")
+ # works
+ db.RecordType(name="TestRT1").insert()
+ db.Property(name="TestProp1", datatype=db.TEXT).insert()
+
+ # Deny TRANSACTION:INSERT:PROPERTY
+ db.configure_connection()
+ perms = admin._get_permissions(CURATOR_ROLE)
+ g = admin.PermissionRule(action="Deny", permission="TRANSACTION:INSERT:PROPERTY")
+ perms.add(g)
+ admin._set_permissions(CURATOR_ROLE, permission_rules=perms)
+
+ db.configure_connection(username="TestUser", password_method="plain",
+ password="Password1!")
+ db.RecordType(name="TestRT2").insert()
+
+ # fails
+ with pytest.raises(TransactionError) as cm:
+ # this should fail because the curator doesn't have TRANSACTION:INSERT:PROPERTY
+ db.Property(name="TestProp2", datatype=db.TEXT).insert()
+ assert cm.value.errors[0].msg == "You are not allowed to do this."
--
GitLab