From d5e7709e3d312f1260174e1f6d4a3d777e454698 Mon Sep 17 00:00:00 2001
From: Timm Fitschen <t.fitschen@indiscale.com>
Date: Wed, 16 Mar 2022 11:27:22 +0100
Subject: [PATCH] TST: fix broken tests in test_state.py

---
 tests/test_state.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/tests/test_state.py b/tests/test_state.py
index 3d7c465..07fbfd8 100644
--- a/tests/test_state.py
+++ b/tests/test_state.py
@@ -111,7 +111,7 @@ def setup_module():
             "ACL": None})
     state_acl = db.ACL()
     state_acl.grant(role="role1", permission="UPDATE:DESCRIPTION")
-    state_acl.deny(role="anonymous", permission="*")
+    state_acl.deny(role="anonymous", permission="RETRIEVE:ENTITY")
     state_acl = db.State.create_state_acl(state_acl)
     st1.acl = state_acl.combine(st1.acl)
     st1.update_acl()
@@ -483,10 +483,14 @@ def test_transfer_state_acl():
     rec.state = db.State(model="Model1", name="State1")
     insert_rec = rec.insert(flags={"ACL": None})
 
-    state_acl = db.ACL().combine(db.get_global_acl())
+    state_acl = db.ACL()
     state_acl.grant(role="role1", permission="UPDATE:DESCRIPTION")
+    state_acl.deny(role="anonymous", permission="RETRIEVE:ENTITY")
+    state_acl = state_acl.combine(db.get_global_acl())
 
     # the acl has been transfered from the state record
+    assert insert_rec.acl.get_permissions_for_role("role1") == {"UPDATE:DESCRIPTION"}
+    assert "RETRIEVE:ENTITY" not in insert_rec.acl.get_permissions_for_role("anonymous")
     assert insert_rec.acl == state_acl
 
 
-- 
GitLab