Commits

Anonymous committed 03766c9

0.13dev: Show an error when trying to remove a permission from an unknown user, or a permission that a known user doesn't have.

Closes #2157.

Comments (0)

Files changed (3)

trac/admin/tests/console-tests.txt

  VERSIONCONTROL_ADMIN, WIKI_ADMIN, WIKI_CREATE, WIKI_DELETE, WIKI_MODIFY,
  WIKI_RENAME, WIKI_VIEW
 
+===== test_permission_remove_all_actions_for_user =====
+
+User           Action
+----------------------------
+authenticated  TICKET_CREATE
+authenticated  TICKET_MODIFY
+authenticated  WIKI_CREATE
+authenticated  WIKI_MODIFY
+
+
+Available actions:
+ BROWSER_VIEW, CHANGESET_VIEW, CONFIG_VIEW, EMAIL_VIEW, FILE_VIEW,
+ LOG_VIEW, MILESTONE_ADMIN, MILESTONE_CREATE, MILESTONE_DELETE,
+ MILESTONE_MODIFY, MILESTONE_VIEW, PERMISSION_ADMIN, PERMISSION_GRANT,
+ PERMISSION_REVOKE, REPORT_ADMIN, REPORT_CREATE, REPORT_DELETE,
+ REPORT_MODIFY, REPORT_SQL_VIEW, REPORT_VIEW, ROADMAP_ADMIN, ROADMAP_VIEW,
+ SEARCH_VIEW, TICKET_ADMIN, TICKET_APPEND, TICKET_CHGPROP, TICKET_CREATE,
+ TICKET_EDIT_CC, TICKET_EDIT_COMMENT, TICKET_EDIT_DESCRIPTION,
+ TICKET_MODIFY, TICKET_VIEW, TIMELINE_VIEW, TRAC_ADMIN,
+ VERSIONCONTROL_ADMIN, WIKI_ADMIN, WIKI_CREATE, WIKI_DELETE, WIKI_MODIFY,
+ WIKI_RENAME, WIKI_VIEW
+
+===== test_permission_remove_action_for_all_users =====
+
+User           Action
+------------------------------
+anonymous      BROWSER_VIEW
+anonymous      CHANGESET_VIEW
+anonymous      FILE_VIEW
+anonymous      LOG_VIEW
+anonymous      MILESTONE_VIEW
+anonymous      REPORT_SQL_VIEW
+anonymous      REPORT_VIEW
+anonymous      ROADMAP_VIEW
+anonymous      SEARCH_VIEW
+anonymous      TICKET_VIEW
+anonymous      TIMELINE_VIEW
+anonymous      WIKI_VIEW
+authenticated  TICKET_MODIFY
+authenticated  WIKI_CREATE
+authenticated  WIKI_MODIFY
+
+
+Available actions:
+ BROWSER_VIEW, CHANGESET_VIEW, CONFIG_VIEW, EMAIL_VIEW, FILE_VIEW,
+ LOG_VIEW, MILESTONE_ADMIN, MILESTONE_CREATE, MILESTONE_DELETE,
+ MILESTONE_MODIFY, MILESTONE_VIEW, PERMISSION_ADMIN, PERMISSION_GRANT,
+ PERMISSION_REVOKE, REPORT_ADMIN, REPORT_CREATE, REPORT_DELETE,
+ REPORT_MODIFY, REPORT_SQL_VIEW, REPORT_VIEW, ROADMAP_ADMIN, ROADMAP_VIEW,
+ SEARCH_VIEW, TICKET_ADMIN, TICKET_APPEND, TICKET_CHGPROP, TICKET_CREATE,
+ TICKET_EDIT_CC, TICKET_EDIT_COMMENT, TICKET_EDIT_DESCRIPTION,
+ TICKET_MODIFY, TICKET_VIEW, TIMELINE_VIEW, TRAC_ADMIN,
+ VERSIONCONTROL_ADMIN, WIKI_ADMIN, WIKI_CREATE, WIKI_DELETE, WIKI_MODIFY,
+ WIKI_RENAME, WIKI_VIEW
+
+===== test_permission_remove_unknown_user =====
+Error: Cannot remove permission TICKET_VIEW for user joe.
+===== test_permission_remove_action_not_granted =====
+Error: Cannot remove permission TICKET_CREATE for user anonymous.
 ===== test_component_list_ok =====
 
 Name        Owner   

trac/admin/tests/console.py

         self.assertEqual(0, rv)
         self.assertEqual(self.expected_results[test_name], output)
 
+    def test_permission_remove_all_actions_for_user(self):
+        """
+        Tests the 'permission remove' command in trac-admin.  This particular
+        test removes all permissions for anonymous.
+        """
+        test_name = sys._getframe().f_code.co_name
+        self._execute('permission remove anonymous *')
+        rv, output = self._execute('permission list')
+        self.assertEqual(0, rv)
+        self.assertEqual(self.expected_results[test_name], output)
+
+    def test_permission_remove_action_for_all_users(self):
+        """
+        Tests the 'permission remove' command in trac-admin.  This particular
+        test removes the TICKET_CREATE permission from all users.
+        """
+        test_name = sys._getframe().f_code.co_name
+        self._execute('permission add anonymous TICKET_CREATE')
+        self._execute('permission remove * TICKET_CREATE')
+        rv, output = self._execute('permission list')
+        self.assertEqual(0, rv)
+        self.assertEqual(self.expected_results[test_name], output)
+
+    def test_permission_remove_unknown_user(self):
+        """
+        Tests the 'permission remove' command in trac-admin.  This particular
+        test tries removing a permission from an unknown user.
+        """
+        test_name = sys._getframe().f_code.co_name
+        rv, output = self._execute('permission remove joe TICKET_VIEW')
+        self.assertEqual(2, rv)
+        self.assertEqual(self.expected_results[test_name], output)
+
+    def test_permission_remove_action_not_granted(self):
+        """
+        Tests the 'permission remove' command in trac-admin.  This particular
+        test tries removing TICKET_CREATE from user anonymous, who doesn't
+        have that permission.
+        """
+        test_name = sys._getframe().f_code.co_name
+        rv, output = self._execute('permission remove anonymous TICKET_CREATE')
+        self.assertEqual(2, rv)
+        self.assertEqual(self.expected_results[test_name], output)
+
     # Component tests
 
     def test_component_list_ok(self):
         permsys = PermissionSystem(self.env)
         rows = permsys.get_all_permissions()
         for action in actions:
-            if action == '*':
-                for row in rows:
-                    if user != '*' and user != row[0]:
-                        continue
-                    permsys.revoke_permission(row[0], row[1])
-            else:
-                for row in rows:
-                    if action != row[1]:
-                        continue
-                    if user != '*' and user != row[0]:
-                        continue
-                    permsys.revoke_permission(row[0], row[1])
+            found = False
+            for u, a in rows:
+                if user in (u, '*') and action in (a, '*'):
+                    permsys.revoke_permission(u, a)
+                    found = True
+            if not found:
+                raise AdminCommandError(
+                    _("Cannot remove permission %(action)s for user %(user)s.",
+                      action=action, user=user))
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.