(core) Remove the old attempt at ACLs implemented in Python.

Summary: The new plans for granular access control are different and handled by node.js. Some of the same tables will be reused, of which we never made real use before except for expecting certain specific initial records. This diff removes the old logic, replacing it with a stub that satisfies the interface expected by other code. It also removes several unused UserActions: AddUser/RemoveUser/ AddInstance/RemoveInstance. Test Plan: Existing tests should pass. Reviewers: paulfitz Reviewed By: paulfitz Differential Revision: https://phab.getgrist.com/D2662
2026-03-02 04:09:24 +00:00 · 2020-11-11 23:56:05 -05:00
parent 5b2de988b5
commit 6b582b9ace
9 changed files with 31 additions and 1245 deletions
--- a/sandbox/grist/test_useractions.py
+++ b/sandbox/grist/test_useractions.py
@@ -731,152 +731,6 @@ class TestUserActions(test_engine.EngineTestCase):

  #----------------------------------------------------------------------

-  def test_acl_principal_actions(self):
-    # Test the AddUser, RemoveUser, AddInstance and RemoveInstance actions.
-
-    self.load_sample(self.sample)
-
-    # Add two users
-    out_actions = self.apply_user_action(['AddUser', 'jake@grist.com', 'Jake', ['i001', 'i002']])
-    self.assertPartialOutActions(out_actions, { "stored": [
-      ["AddRecord", "_grist_ACLPrincipals", 1, {
-        "type": "user",
-        "userEmail": "jake@grist.com",
-        "userName": "Jake"
-      }],
-      ["BulkAddRecord", "_grist_ACLPrincipals", [2, 3], {
-        "instanceId": ["i001", "i002"],
-        "type": ["instance", "instance"]
-      }],
-      ["BulkAddRecord", "_grist_ACLMemberships", [1, 2], {
-        "child": [2, 3],
-        "parent": [1, 1]
-      }]
-    ]})
-    out_actions = self.apply_user_action(['AddUser', 'steve@grist.com', 'Steve', ['i003']])
-    self.assertPartialOutActions(out_actions, { "stored": [
-      ["AddRecord", "_grist_ACLPrincipals", 4, {
-        "type": "user",
-        "userEmail": "steve@grist.com",
-        "userName": "Steve"
-      }],
-      ["AddRecord", "_grist_ACLPrincipals", 5, {
-        "instanceId": "i003",
-        "type": "instance"
-      }],
-      ["AddRecord", "_grist_ACLMemberships", 3, {
-        "child": 5,
-        "parent": 4
-      }]
-    ]})
-    self.assertTableData('_grist_ACLPrincipals', cols="subset", data=[
-      ["id", "type",     "userEmail",       "userName", "groupName", "instanceId"],
-      [1,    "user",     "jake@grist.com",  "Jake",     "",          ""],
-      [2,    "instance", "",                "",         "",          "i001"],
-      [3,    "instance", "",                "",         "",          "i002"],
-      [4,    "user",     "steve@grist.com", "Steve",    "",          ""],
-      [5,    "instance", "",                "",         "",          "i003"],
-    ])
-    self.assertTableData('_grist_ACLMemberships', cols="subset", data=[
-      ["id", "parent", "child"],
-      [1,    1,       2],
-      [2,    1,       3],
-      [3,    4,       5]
-    ])
-
-    # Add an instance to a non-existent user
-    with self.assertRaisesRegexp(ValueError, "Cannot find existing user with email null@grist.com"):
-      self.apply_user_action(['AddInstance', 'null@grist.com', 'i003'])
-
-    # Add an instance to an existing user
-    out_actions = self.apply_user_action(['AddInstance', 'jake@grist.com', 'i004'])
-    self.assertPartialOutActions(out_actions, { "stored": [
-      ["AddRecord", "_grist_ACLPrincipals", 6, {
-        "instanceId": "i004",
-        "type": "instance"
-      }],
-      ["AddRecord", "_grist_ACLMemberships", 4, {
-        "child": 6,
-        "parent": 1
-      }]
-    ]})
-    self.assertTableData('_grist_ACLPrincipals', cols="subset", data=[
-      ["id", "type",     "userEmail",       "userName", "groupName", "instanceId"],
-      [1,    "user",     "jake@grist.com",  "Jake",     "",          ""],
-      [2,    "instance", "",                "",         "",          "i001"],
-      [3,    "instance", "",                "",         "",          "i002"],
-      [4,    "user",     "steve@grist.com", "Steve",    "",          ""],
-      [5,    "instance", "",                "",         "",          "i003"],
-      [6,    "instance", "",                "",         "",          "i004"],
-    ])
-    self.assertTableData('_grist_ACLMemberships', cols="subset", data=[
-      ["id", "parent", "child"],
-      [1,    1,       2],
-      [2,    1,       3],
-      [3,    4,       5],
-      [4,    1,       6]
-    ])
-
-    # Remove a non-existent instance from a user
-    with self.assertRaisesRegexp(ValueError, "Cannot find existing instance id i000"):
-      self.apply_user_action(['RemoveInstance', 'i000'])
-
-    # Remove an instance from a user
-    out_actions = self.apply_user_action(['RemoveInstance', 'i002'])
-    self.assertPartialOutActions(out_actions, { "stored": [
-      ["RemoveRecord", "_grist_ACLMemberships", 2],
-      ["RemoveRecord", "_grist_ACLPrincipals", 3]
-    ]})
-    self.assertTableData('_grist_ACLPrincipals', cols="subset", data=[
-      ["id", "type",     "userEmail",       "userName", "groupName", "instanceId"],
-      [1,    "user",     "jake@grist.com",  "Jake",     "",          ""],
-      [2,    "instance", "",                "",         "",          "i001"],
-      [4,    "user",     "steve@grist.com", "Steve",    "",          ""],
-      [5,    "instance", "",                "",         "",          "i003"],
-      [6,    "instance", "",                "",         "",          "i004"],
-    ])
-    self.assertTableData('_grist_ACLMemberships', cols="subset", data=[
-      ["id", "parent", "child"],
-      [1,    1,       2],
-      [3,    4,       5],
-      [4,    1,       6]
-    ])
-
-    # Remove a non-existent user
-    with self.assertRaisesRegexp(ValueError, "Cannot find existing user with email null@grist.com"):
-      self.apply_user_action(['RemoveUser', 'null@grist.com'])
-
-    # Remove an existing user
-    out_actions = self.apply_user_action(['RemoveUser', 'jake@grist.com'])
-    self.assertPartialOutActions(out_actions, { "stored": [
-      ["BulkRemoveRecord", "_grist_ACLMemberships", [1, 4]],
-      ["BulkRemoveRecord", "_grist_ACLPrincipals", [2, 6, 1]]
-    ]})
-    self.assertTableData('_grist_ACLPrincipals', cols="subset", data=[
-      ["id", "type",     "userEmail",       "userName", "groupName", "instanceId"],
-      [4,    "user",     "steve@grist.com", "Steve",    "",          ""],
-      [5,    "instance", "",                "",         "",          "i003"],
-    ])
-    self.assertTableData('_grist_ACLMemberships', cols="subset", data=[
-      ["id", "parent", "child"],
-      [3,    4,       5]
-    ])
-
-    # Remove the only instance of an existing user, removing that user
-    out_actions = self.apply_user_action(['RemoveInstance', 'i003'])
-    self.assertPartialOutActions(out_actions, { "stored": [
-      ["RemoveRecord", "_grist_ACLMemberships", 3],
-      ["BulkRemoveRecord", "_grist_ACLPrincipals", [4, 5]]
-    ]})
-    self.assertTableData('_grist_ACLPrincipals', cols="subset", data=[
-      ["id", "type",     "userEmail",       "userName", "groupName", "instanceId"]
-    ])
-    self.assertTableData('_grist_ACLMemberships', cols="subset", data=[
-      ["id", "parent", "child"]
-    ])
-
-  #----------------------------------------------------------------------
-
  def test_pages_remove(self):
    # Test that orphan pages get fixed after removing a page