checking permitions of actions

This commit is contained in:
Cayo Puigdefabregas 2021-11-22 12:01:12 +01:00
parent e09073216c
commit 2d5ead7c1b
3 changed files with 65 additions and 15 deletions

View File

@ -79,6 +79,15 @@ class ActionWithMultipleDevices(Action):
collection_class=OrderedSet) collection_class=OrderedSet)
class ActionWithMultipleDevicesCheckingOwner(ActionWithMultipleDevices):
@post_load
def check_owner_of_device(self, data):
for dev in data['devices']:
if dev.owner != g.user:
raise ValidationError("Some Devices not exist")
class Add(ActionWithOneDevice): class Add(ActionWithOneDevice):
__doc__ = m.Add.__doc__ __doc__ = m.Add.__doc__
@ -87,7 +96,7 @@ class Remove(ActionWithOneDevice):
__doc__ = m.Remove.__doc__ __doc__ = m.Remove.__doc__
class Allocate(ActionWithMultipleDevices): class Allocate(ActionWithMultipleDevicesCheckingOwner):
__doc__ = m.Allocate.__doc__ __doc__ = m.Allocate.__doc__
start_time = DateTime(data_key='startTime', required=True, start_time = DateTime(data_key='startTime', required=True,
description=m.Action.start_time.comment) description=m.Action.start_time.comment)
@ -121,7 +130,7 @@ class Allocate(ActionWithMultipleDevices):
device.allocated = True device.allocated = True
class Deallocate(ActionWithMultipleDevices): class Deallocate(ActionWithMultipleDevicesCheckingOwner):
__doc__ = m.Deallocate.__doc__ __doc__ = m.Deallocate.__doc__
start_time = DateTime(data_key='startTime', required=True, start_time = DateTime(data_key='startTime', required=True,
description=m.Action.start_time.comment) description=m.Action.start_time.comment)
@ -412,15 +421,15 @@ class Snapshot(ActionWithOneDevice):
field_names=['elapsed']) field_names=['elapsed'])
class ToRepair(ActionWithMultipleDevices): class ToRepair(ActionWithMultipleDevicesCheckingOwner):
__doc__ = m.ToRepair.__doc__ __doc__ = m.ToRepair.__doc__
class Repair(ActionWithMultipleDevices): class Repair(ActionWithMultipleDevicesCheckingOwner):
__doc__ = m.Repair.__doc__ __doc__ = m.Repair.__doc__
class Ready(ActionWithMultipleDevices): class Ready(ActionWithMultipleDevicesCheckingOwner):
__doc__ = m.Ready.__doc__ __doc__ = m.Ready.__doc__
@ -472,15 +481,15 @@ class Management(ActionStatus):
__doc__ = m.Management.__doc__ __doc__ = m.Management.__doc__
class ToPrepare(ActionWithMultipleDevices): class ToPrepare(ActionWithMultipleDevicesCheckingOwner):
__doc__ = m.ToPrepare.__doc__ __doc__ = m.ToPrepare.__doc__
class Prepare(ActionWithMultipleDevices): class Prepare(ActionWithMultipleDevicesCheckingOwner):
__doc__ = m.Prepare.__doc__ __doc__ = m.Prepare.__doc__
class DataWipe(ActionWithMultipleDevices): class DataWipe(ActionWithMultipleDevicesCheckingOwner):
__doc__ = m.DataWipe.__doc__ __doc__ = m.DataWipe.__doc__
document = NestedOn(s_generic_document.DataWipeDocument, only_query='id') document = NestedOn(s_generic_document.DataWipeDocument, only_query='id')
@ -530,7 +539,7 @@ class Confirm(ActionWithMultipleDevices):
def validate_revoke(self, data: dict): def validate_revoke(self, data: dict):
for dev in data['devices']: for dev in data['devices']:
# if device not exist in the Trade, then this query is wrong # if device not exist in the Trade, then this query is wrong
if not dev in data['action'].devices: if dev not in data['action'].devices:
txt = "Device {} not exist in the trade".format(dev.devicehub_id) txt = "Device {} not exist in the trade".format(dev.devicehub_id)
raise ValidationError(txt) raise ValidationError(txt)
@ -543,13 +552,13 @@ class Revoke(ActionWithMultipleDevices):
def validate_revoke(self, data: dict): def validate_revoke(self, data: dict):
for dev in data['devices']: for dev in data['devices']:
# if device not exist in the Trade, then this query is wrong # if device not exist in the Trade, then this query is wrong
if not dev in data['action'].devices: if dev not in data['action'].devices:
txt = "Device {} not exist in the trade".format(dev.devicehub_id) txt = "Device {} not exist in the trade".format(dev.devicehub_id)
raise ValidationError(txt) raise ValidationError(txt)
for doc in data.get('documents', []): for doc in data.get('documents', []):
# if document not exist in the Trade, then this query is wrong # if document not exist in the Trade, then this query is wrong
if not doc in data['action'].documents: if doc not in data['action'].documents:
txt = "Document {} not exist in the trade".format(doc.file_name) txt = "Document {} not exist in the trade".format(doc.file_name)
raise ValidationError(txt) raise ValidationError(txt)
@ -637,7 +646,7 @@ class RevokeDocument(ActionWithMultipleDocuments):
if not doc.actions: if not doc.actions:
continue continue
if not doc.trading in ['Document Confirmed', 'Confirm']: if doc.trading not in ['Document Confirmed', 'Confirm']:
txt = 'No there are documents to revoke' txt = 'No there are documents to revoke'
raise ValidationError(txt) raise ValidationError(txt)
@ -662,7 +671,6 @@ class ConfirmRevokeDocument(ActionWithMultipleDocuments):
if not doc.actions: if not doc.actions:
continue continue
if not doc.trading == 'Revoke': if not doc.trading == 'Revoke':
txt = 'No there are documents with revoke for confirm' txt = 'No there are documents with revoke for confirm'
raise ValidationError(txt) raise ValidationError(txt)
@ -827,7 +835,7 @@ class TransferOwnershipBlockchain(Trade):
__doc__ = m.TransferOwnershipBlockchain.__doc__ __doc__ = m.TransferOwnershipBlockchain.__doc__
class Delete(ActionWithMultipleDevices): class Delete(ActionWithMultipleDevicesCheckingOwner):
__doc__ = m.Delete.__doc__ __doc__ = m.Delete.__doc__
@post_load @post_load

View File

@ -0,0 +1,29 @@
device:
manufacturer: p1
serialNumber: p1
model: p1
type: Desktop
chassis: Tower
components:
- manufacturer: p1c1m
serialNumber: p1c1s
type: Motherboard
- manufacturer: p1c2m
serialNumber: p1c2s
model: p1c2
speed: 1.23
cores: 2
type: Processor
actions:
- type: BenchmarkProcessor
rate: 1
elapsed: 166
- manufacturer: p1c3m
serialNumber: p1c3s
type: GraphicCard
memory: 1.5
elapsed: 25
software: Workbench
uuid: 77860eca-c3fd-41f6-a801-6af7bd8cf832
version: '11.0'
type: Snapshot

View File

@ -2876,6 +2876,19 @@ def test_delete_devices_check_sync(user: UserClient):
if device1.id in [y.device.id for y in x.actions if hasattr(y, 'device')]]) == 1 if device1.id in [y.device.id for y in x.actions if hasattr(y, 'device')]]) == 1
@pytest.mark.mvp
@pytest.mark.usefixtures(conftest.app_context.__name__)
def test_delete_devices_permitions(user: UserClient, user2: UserClient):
"""This action deactive one device and simulate than one devices is delete."""
file_snap = file('1-device-with-components.snapshot')
snap, _ = user.post(file_snap, res=models.Snapshot)
device = Device.query.filter_by(id=snap['device']['id']).one()
request = {'type': 'Delete', 'devices': [snap['device']['id']], 'name': 'borrado universal', 'severity': 'Info', 'description': 'duplicity of devices', 'endTime': '2021-07-07T22:00:00.000Z'}
action, _ = user2.post(res=models.Action, data=request, status=422)
@pytest.mark.mvp @pytest.mark.mvp
@pytest.mark.usefixtures(conftest.app_context.__name__) @pytest.mark.usefixtures(conftest.app_context.__name__)
def test_moveOnDocument_bug168(user: UserClient, user2: UserClient): def test_moveOnDocument_bug168(user: UserClient, user2: UserClient):