From 265e10a036b545d9d4e15bebef17e38e4b013af3 Mon Sep 17 00:00:00 2001 From: thuva4 Date: Tue, 14 Nov 2017 15:38:56 +0530 Subject: Create functionality and e2e tests for project Implemented the create function for the projects. Wrote the e2e tests for the create function. Change-Id: Iceac650573ca31b6246350c4d60033b42e0ffb0f Signed-off-by: thuva4 --- testapi/opnfv_testapi/common/check.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'testapi/opnfv_testapi/common/check.py') diff --git a/testapi/opnfv_testapi/common/check.py b/testapi/opnfv_testapi/common/check.py index 667578f..432a6c1 100644 --- a/testapi/opnfv_testapi/common/check.py +++ b/testapi/opnfv_testapi/common/check.py @@ -21,7 +21,7 @@ from opnfv_testapi.db import api as dbapi def is_authorized(method): @functools.wraps(method) def wrapper(self, *args, **kwargs): - if CONF.api_authenticate and self.table in ['pods']: + if CONF.api_authenticate and self.table in ['pods', 'projects']: testapi_id = self.get_secure_cookie(constants.TESTAPI_ID) if not testapi_id: raises.Unauthorized(message.not_login()) @@ -29,6 +29,12 @@ def is_authorized(method): if not user_info: raises.Unauthorized(message.not_lfid()) kwargs['owner'] = testapi_id + if self.table in ['projects']: + query = kwargs.get('query') + query_data = query() + group = "opnfv-gerrit-" + query_data['name'] + "-submitters" + if group not in user_info['groups']: + raises.Unauthorized(message.no_permission()) ret = yield gen.coroutine(method)(self, *args, **kwargs) raise gen.Return(ret) return wrapper -- cgit 1.2.3-korg