[PATCH 1 of 4 saem] [security] Test and fix permissions for ARK NAA

Sylvain Thénault sylvain.thenault at logilab.fr
Fri Apr 14 10:36:59 CEST 2017



Le 14/04/2017 à 09:45, Denis Laxalde a écrit :
> Sylvain Thenault a écrit :
>> # HG changeset patch
>> # User Sylvain Thénault <sylvain.thenault at logilab.fr>
>> # Date 1492069848 -7200
>> #      Thu Apr 13 09:50:48 2017 +0200
>> # Node ID 5c0cbe8138b54b1a2eb599c0b52def7b425049e0
>> # Parent  55db28377169afbfb6155eea138dcab1a1bf4468
>> [security] Test and fix permissions for ARK NAA
>>
>> Should be only editable by managers
>>
>
>> diff --git a/test/testutils.py b/test/testutils.py
>> --- a/test/testutils.py
>> +++ b/test/testutils.py
>> @@ -98,11 +98,12 @@ def seda_transfer(cnx, **kwargs):
>>
>>  def naa(cnx):
>>      try:
>>          return cnx.find('ArkNameAssigningAuthority').one()
>>      except NoResultError:
>> -        return cnx.create_entity('ArkNameAssigningAuthority',
>> who=u'TEST', what=0)
>> +        with cnx.security_enabled(False, False):
>> +            return cnx.create_entity('ArkNameAssigningAuthority',
>> who=u'TEST', what=0)
>>
>>
>
> Can you explain this change? Wouldn't it be better to use a manager
> account to create this entity in test?
I've detailled the commit message to explain this.

-- 
Sylvain Thénault, LOGILAB, Paris (01.45.32.03.12) - Toulouse (05.62.17.16.42)
Formations Python, Debian, Méth. Agiles: http://www.logilab.fr/formations
Développement logiciel sur mesure:       http://www.logilab.fr/services
CubicWeb, the semantic web framework:    http://www.cubicweb.org



More information about the saem-devel mailing list