search

inveniosoftware / invenio-records-permissions

Permissions for Invenio's records REST API.
https://invenio-records-permissions.readthedocs.io
MIT License
0 stars 25 forks source link

tests: implement superuser query_filter test #80

Closed ppanero closed 1 year ago

ppanero commented 1 year ago

This PR is merely to showcase the fact that the generator is wrong. It is checking for an action need in a list of role needs. This will result in an error in the tests as follows, since it will return [] no a Q(...) object.

FAILED tests/test_generators.py::test_superuser - AttributeError: 'list' object has no attribute 'to_dict'
Screenshot 2022-10-04 at 10 56 25

kudos to @ntarocco for finding out!

Extra question, why do we return [], I guess because there is a noop in the DSL and None would mean extra checks in the policy.

----- More -----

self._load_permissions() is not called anywhere in the query_filters generation. On the other hand, it is used for needs and excludes and that's why it works for permissions (but not for search).

ntarocco commented 1 year ago

Changes implemented in https://github.com/inveniosoftware/invenio-records-permissions/pull/75