AUDIT: Review !49

d96fa19b · Florian Spreckelsen · a42b60f2 · d96fa19b · d96fa19b
Commit d96fa19b authored 3 years ago by Florian Spreckelsen
--- a/src/caosdb/common/models.py
+++ b/src/caosdb/common/models.py
@@ -305,6 +305,7 @@ class Entity(object):
            Whether a contradicting denial (with same priority flag) in this
            ACL will be revoked.
        """
+        # @review Florian Spreckelsen 2022-03-17
        self.acl.grant(realm=realm, username=username, role=role,
                       permission=permission, priority=priority,
                       revoke_denial=revoke_denial)
@@ -339,6 +340,7 @@ class Entity(object):
            Whether a contradicting grant (with same priority flag) in this
            ACL will be revoked.
        """
+        # @review Florian Spreckelsen 2022-03-17
        self.acl.deny(realm=realm, username=username, role=role,
                      permission=permission, priority=priority,
                      revoke_grant=revoke_grant)
@@ -3762,6 +3764,7 @@ class ACL():
            The xml element containing the ACL rules, i.e. <Grant> and <Deny>
            rules.
        """
+        # @review Florian Spreckelsen 2022-03-17
        for e in xml:
            role = e.get("role")
            username = e.get("username")
@@ -3887,6 +3890,7 @@ class ACL():
            Whether a contradicting denial (with same priority flag) in this
            ACL will be revoked.
        """
+        # @review Florian Spreckelsen 2022-03-17
        priority = self._get_boolean_priority(priority)
        item = ACI(role=role, username=username,
                   realm=realm, permission=permission)
@@ -3928,6 +3932,7 @@ class ACL():
            Whether a contradicting grant (with same priority flag) in this
            ACL will be revoked.
        """
+        # @review Florian Spreckelsen 2022-03-17
        priority = self._get_boolean_priority(priority)
        item = ACI(role=role, username=username,
                   realm=realm, permission=permission)

--- a/unittests/test_acl.py
+++ b/unittests/test_acl.py
@@ -23,6 +23,7 @@ from lxml import etree
 def test_parse_xml():
+    # @review Florian Spreckelsen 2022-03-17
    xml_str = """
        <EntityACL>
          <Grant priority="False" role="role1">
@@ -42,9 +43,13 @@ def test_parse_xml():
    left_acl = db.ACL(xml)
    right_acl = db.ACL()
-    right_acl.grant(role="role1", permission="RETRIEVE:ENTITY", revoke_denial=False)
+    right_acl.grant(role="role1", permission="RETRIEVE:ENTITY",
-    right_acl.deny(role="role1", permission="RETRIEVE:ENTITY", revoke_grant=False)
+                    revoke_denial=False)
-    right_acl.grant(role="role1", permission="RETRIEVE:ENTITY", priority=True, revoke_denial=False)
+    right_acl.deny(role="role1", permission="RETRIEVE:ENTITY",
-    right_acl.deny(role="role1", permission="RETRIEVE:ENTITY", priority=True, revoke_grant=False)
+                   revoke_grant=False)
+    right_acl.grant(role="role1", permission="RETRIEVE:ENTITY",
+                    priority=True, revoke_denial=False)
+    right_acl.deny(role="role1", permission="RETRIEVE:ENTITY",
+                   priority=True, revoke_grant=False)
    assert left_acl == right_acl