diff --git a/magpie/services.py b/magpie/services.py index 1f09c731e..8ca98c65b 100644 --- a/magpie/services.py +++ b/magpie/services.py @@ -1,8 +1,7 @@ from magpie import * from owsrequest import * from definitions.ziggurat_definitions import * -from pyramid.security import Everyone as EVERYONE -from pyramid.security import Allow +from definitions.pyramid_definitions import EVERYONE, ALLOW from api.api_except import * import models @@ -170,7 +169,7 @@ def __acl__(self): netcdf_file = netcdf_file.rsplit('/', 1)[0] else: - return [(Allow, EVERYONE, permission_requested,)] + return [(ALLOW, EVERYONE, permission_requested,)] if netcdf_file: verify_param('outputs/', paramCompare=netcdf_file, httpError=HTTPNotFound, diff --git a/tests/test_magpie_api.py b/tests/test_magpie_api.py index 9adc8789b..d0307893a 100644 --- a/tests/test_magpie_api.py +++ b/tests/test_magpie_api.py @@ -235,6 +235,7 @@ def test_GetUsers(self): check_val_is_in(self.usr, json_body['user_names']) # current test user in users @pytest.mark.users + @pytest.mark.defaults def test_ValidateDefaultUsers(self): resp = test_request(self.url, 'GET', '/users', headers=self.json_headers, cookies=self.cookies) json_body = check_response_basic_info(resp, 200) @@ -294,6 +295,7 @@ def test_GetUserInheritedResources(self): check_val_type(svc_dict['resources'], dict) @pytest.mark.users + @pytest.mark.defaults def test_ValidateDefaultGroups(self): resp = test_request(self.url, 'GET', '/groups', headers=self.json_headers, cookies=self.cookies) json_body = check_response_basic_info(resp, 200) @@ -356,6 +358,18 @@ def setup_DeleteTestServiceResource(cls): check_val_equal(resp.status_code, 200) cls.setup_CheckNonExistingTestResource() + @classmethod + def setup_GetRegisteredServicesList(cls): + resp = test_request(cls.url, 'GET', '/services', headers=cls.json_headers, cookies=cls.cookies) + json_body = check_response_basic_info(resp, 200) + + # prepare a flat list of registered services + services_list = list() + for svc_type in json_body['services']: + services_of_type = json_body['services'][svc_type] + services_list.extend(services_of_type.values()) + return services_list + @pytest.mark.services def test_GetServiceResources(self): route = '/services/{svc}/resources'.format(svc=self.test_service_name) @@ -379,6 +393,20 @@ def test_GetServiceResources(self): check_val_type(svc_dict['permission_names'], list) check_resource_children(svc_dict['resources'], svc_dict['resource_id'], svc_dict['resource_id']) + @pytest.mark.services + def test_GetServicePermissions(self): + services_list = self.setup_GetRegisteredServicesList() + + for svc in services_list: + svc_name = svc['service_name'] + service_perms = service_type_dict[svc['service_type']].permission_names + route = '/services/{svc}/permissions'.format(svc=svc_name) + resp = test_request(self.url, 'GET', route, headers=self.json_headers, cookies=self.cookies) + json_body = check_response_basic_info(resp, 200) + check_val_is_in('permission_names', json_body) + check_val_type(json_body['permission_names'], list) + check_all_equal(json_body['permission_names'], service_perms) + @pytest.mark.services def test_PostServiceResources_DirectResource_NoParentID(self): resources_prior = self.setup_GetExistingTestServiceDirectResources() @@ -457,15 +485,9 @@ def test_PostServiceResources_DirectResource_Conflict(self): paramValue=self.test_resource_name, paramName=u'resource_name') @pytest.mark.services + @pytest.mark.defaults def test_ValidateDefaultServiceProviders(self): - resp = test_request(self.url, 'GET', '/services', headers=self.json_headers, cookies=self.cookies) - json_body = check_response_basic_info(resp, 200) - - # prepare a flat list of registered services - services_list = list() - for svc_type in json_body['services']: - services_of_type = json_body['services'][svc_type] - services_list.extend(services_of_type.values()) + services_list = self.setup_GetRegisteredServicesList() # ensure that registered services information are all matching the providers in config file # ignore registered services not from providers as their are not explicitly required from the config