72
72
return factory.make_node(owner=owner, status=NODE_STATUS.ALLOCATED)
75
class TestMaaSAuthorizationBackend(TestCase):
75
class TestMAASAuthorizationBackend(TestCase):
77
77
def test_invalid_check_object(self):
78
backend = MaaSAuthorizationBackend()
78
backend = MAASAuthorizationBackend()
79
79
mac = make_unallocated_node().add_mac_address('AA:BB:CC:DD:EE:FF')
81
81
NotImplementedError, backend.has_perm,
82
82
factory.make_admin(), 'access', mac)
84
84
def test_invalid_check_permission(self):
85
backend = MaaSAuthorizationBackend()
85
backend = MAASAuthorizationBackend()
87
87
NotImplementedError, backend.has_perm,
88
88
factory.make_admin(), 'not-access', make_unallocated_node())
90
90
def test_node_init_user_cannot_access(self):
91
backend = MaaSAuthorizationBackend()
91
backend = MAASAuthorizationBackend()
92
92
self.assertFalse(backend.has_perm(
93
93
get_node_init_user(), 'access', make_unallocated_node()))
95
95
def test_user_can_access_unowned_node(self):
96
backend = MaaSAuthorizationBackend()
96
backend = MAASAuthorizationBackend()
97
97
self.assertTrue(backend.has_perm(
98
98
factory.make_user(), 'access', make_unallocated_node()))
100
100
def test_user_cannot_access_nodes_owned_by_others(self):
101
backend = MaaSAuthorizationBackend()
101
backend = MAASAuthorizationBackend()
102
102
self.assertFalse(backend.has_perm(
103
103
factory.make_user(), 'access', make_allocated_node()))
105
105
def test_owned_status(self):
106
106
# A non-admin user can access nodes he owns.
107
backend = MaaSAuthorizationBackend()
107
backend = MAASAuthorizationBackend()
108
108
node = make_allocated_node()
109
109
self.assertTrue(backend.has_perm(node.owner, 'access', node))