#1733 allow tag or target permissions as appropriate (on master)
Merged 2 years ago by tkopecek. Opened 2 years ago by cobrien.
cobrien/koji issue_1729_master  into  master

file modified
+16 -16
@@ -64,8 +64,8 @@ 

      group = args[1]

  

      activate_session(session, goptions)

-     if not session.hasPerm('admin'):

-         print("This action requires admin privileges")

+     if not (session.hasPerm('admin') or session.hasPerm('tag')):

+         print("This action requires tag or admin privileges")

          return 1

  

      dsttag = session.getTag(tag)
@@ -95,8 +95,8 @@ 

      group = args[1]

  

      activate_session(session, goptions)

-     if not session.hasPerm('admin'):

-         print("This action requires admin privileges")

+     if not (session.hasPerm('admin') or session.hasPerm('tag')):

+         print("This action requires tag or admin privileges")

          return 1

  

      dsttag = session.getTag(tag)
@@ -3397,8 +3397,8 @@ 

          assert False  # pragma: no cover

      activate_session(session, goptions)

  

-     if not session.hasPerm('admin') and not options.test:

-         parser.error(_("This action requires admin privileges"))

+     if not options.test and not (session.hasPerm('admin') or session.hasPerm('tag')):

+         parser.error(_("This action requires tag or admin privileges"))

  

      if args[0] == args[1]:

          parser.error(_('Source and destination tags must be different.'))
@@ -3850,8 +3850,8 @@ 

          #most targets have the same name as their destination

          dest_tag = name

      activate_session(session, goptions)

-     if not session.hasPerm('admin'):

-         print("This action requires admin privileges")

+     if not (session.hasPerm('admin') or session.hasPerm('target')):

+         print("This action requires target or admin privileges")

          return 1

  

      chkbuildtag = session.getTag(build_tag)
@@ -3885,8 +3885,8 @@ 

          assert False  # pragma: no cover

      activate_session(session, goptions)

  

-     if not session.hasPerm('admin'):

-         print("This action requires admin privileges")

+     if not (session.hasPerm('admin') or session.hasPerm('target')):

+         print("This action requires target or admin privileges")

          return

  

      targetInfo = session.getBuildTarget(args[0])
@@ -3928,8 +3928,8 @@ 

          assert False  # pragma: no cover

      activate_session(session, goptions)

  

-     if not session.hasPerm('admin'):

-         print("This action requires admin privileges")

+     if not (session.hasPerm('admin') or session.hasPerm('target')):

+         print("This action requires target or admin privileges")

          return

  

      target = args[0]
@@ -3953,8 +3953,8 @@ 

          assert False  # pragma: no cover

      activate_session(session, goptions)

  

-     if not session.hasPerm('admin'):

-         print("This action requires admin privileges")

+     if not (session.hasPerm('admin') or session.hasPerm('tag')):

+         print("This action requires tag or admin privileges")

          return

  

      tag = args[0]
@@ -4953,8 +4953,8 @@ 

          parser.error(_("Please specify a name for the tag"))

          assert False  # pragma: no cover

      activate_session(session, goptions)

-     if not session.hasPerm('admin'):

-         print("This action requires admin privileges")

+     if not (session.hasPerm('admin') or session.hasPerm('tag')):

+         print("This action requires tag or admin privileges")

          return

      opts = {}

      if options.parent:

@@ -129,12 +129,13 @@ 

          # Run it and check immediate output

          rv = handle_add_group(options, session, arguments)

          actual = stdout.getvalue()

-         expected = 'This action requires admin privileges\n'

+         expected = 'This action requires tag or admin privileges\n'

          self.assertMultiLineEqual(actual, expected)

  

          # Finally, assert that things were called as we expected.

          activate_session_mock.assert_called_once_with(session, options)

-         session.hasPerm.assert_called_once_with('admin')

+         session.hasPerm.assert_has_calls([mock.call('admin'),

+                                           mock.call('tag')])

          session.getTag.assert_not_called()

          session.getTagGroups.assert_not_called()

          session.groupListAdd.assert_not_called()

@@ -44,7 +44,7 @@ 

              activate_session=None)

  

          # Case 2. not admin account

-         expected = "This action requires admin privileges\n"

+         expected = "This action requires tag or admin privileges\n"

          session.hasPerm.return_value = None

          handle_add_tag(options, session, ['test-tag'])

          self.assert_console_message(stdout, expected)

@@ -123,6 +123,6 @@ 

          session.hasPerm.return_value = False

          rv = handle_block_group(options, session, ['tag', 'grp'])

          self.assert_console_message(

-             stdout, 'This action requires admin privileges\n')

+             stdout, 'This action requires tag or admin privileges\n')

          self.assertEqual(rv, 1)

          activate_session_mock.assert_called_with(session, options)

@@ -59,10 +59,10 @@ 

              self.session,

              args,

              stderr=self.format_error_message(

-                 "This action requires admin privileges"),

+                 "This action requires tag or admin privileges"),

              activate_session=None)

          self.activate_session.assert_called_once()

-         self.session.hasPerm.assert_called_once_with('admin')

+         self.session.hasPerm.assert_has_calls([call('admin'), call('tag')])

  

      def test_handle_clone_tag_same_tag(self):

          args = ['src-tag', 'src-tag']