def test_can_use_global_permissions(self): # Setup user = UserFactory.create() assign_perm('can_read_forum', user, None) # global permission checker = ForumPermissionChecker(user) # Run & check assert checker.has_perm('can_read_forum', self.forum)
def test_knows_that_alluser_permissions_take_precedence_over_alluser_global_permissions( self): # Setup user = UserFactory.create() # Test globally True but forum level False assign_perm('can_read_forum', ALL_AUTHENTICATED_USERS, None, has_perm=True) assign_perm('can_read_forum', ALL_AUTHENTICATED_USERS, self.forum, has_perm=False) # Test globally False but forum level True assign_perm('can_edit_own_posts', ALL_AUTHENTICATED_USERS, None, has_perm=False) assign_perm('can_edit_own_posts', ALL_AUTHENTICATED_USERS, self.forum, has_perm=True) checker = ForumPermissionChecker(user) # Run & check assert not checker.has_perm('can_read_forum', self.forum) assert checker.has_perm('can_edit_own_posts', self.forum)
def test_can_use_global_permissions(self): # Setup user = UserFactory.create() assign_perm('can_read_forum', user, None) # global permission checker = ForumPermissionChecker(user) # Run & check assert checker.has_perm('can_read_forum', self.forum)
def test_knows_that_an_inactive_user_has_no_permissions(self): # Setup user = UserFactory.create(is_active=False) checker = ForumPermissionChecker(user) # Run & check assert not checker.has_perm('can_see_forum', self.forum) assert not checker.has_perm('can_read_forum', self.forum) assert checker.get_perms(self.forum) == []
def test_knows_that_user_permissions_take_precedence_over_user_global_permissions(self): # Setup user = UserFactory.create() assign_perm('can_read_forum', user, None) # global permission assign_perm('can_read_forum', user, self.forum, has_perm=False) checker = ForumPermissionChecker(user) # Run & check assert not checker.has_perm('can_read_forum', self.forum)
def test_knows_that_an_inactive_user_has_no_permissions(self): # Setup user = UserFactory.create(is_active=False) checker = ForumPermissionChecker(user) # Run & check assert not checker.has_perm('can_see_forum', self.forum) assert not checker.has_perm('can_read_forum', self.forum) assert checker.get_perms(self.forum) == []
def test_knows_that_user_permissions_take_precedence_over_user_global_permissions(self): # Setup user = UserFactory.create() assign_perm('can_read_forum', user, None) # global permission assign_perm('can_read_forum', user, self.forum, has_perm=False) checker = ForumPermissionChecker(user) # Run & check assert not checker.has_perm('can_read_forum', self.forum)
def test_knows_that_a_superuser_has_all_the_permissions(self): # Setup user = UserFactory.create(is_active=True, is_superuser=True) checker = ForumPermissionChecker(user) # Run & check assert checker.has_perm('can_see_forum', self.forum) assert checker.has_perm('can_read_forum', self.forum) assert checker.get_perms(self.forum) == \ list(ForumPermission.objects.values_list('codename', flat=True))
def test_knows_that_a_superuser_has_all_the_permissions(self): # Setup user = UserFactory.create(is_active=True, is_superuser=True) checker = ForumPermissionChecker(user) # Run & check assert checker.has_perm('can_see_forum', self.forum) assert checker.has_perm('can_read_forum', self.forum) assert checker.get_perms(self.forum) == \ list(ForumPermission.objects.values_list('codename', flat=True))
def test_knows_that_user_permissions_take_precedence_over_group_permissions(self): # Setup user = UserFactory.create() group = GroupFactory.create() user.groups.add(group) assign_perm('can_read_forum', user, self.forum, has_perm=False) assign_perm('can_read_forum', group, self.forum, has_perm=True) checker = ForumPermissionChecker(user) # Run & check assert not checker.has_perm('can_read_forum', self.forum)
def test_knows_that_user_permissions_take_precedence_over_group_permissions(self): # Setup user = UserFactory.create() group = GroupFactory.create() user.groups.add(group) assign_perm('can_read_forum', user, self.forum, has_perm=False) assign_perm('can_read_forum', group, self.forum, has_perm=True) checker = ForumPermissionChecker(user) # Run & check assert not checker.has_perm('can_read_forum', self.forum)
def test_knows_that_alluser_permissions_take_precedence_over_default_authenticated_permissions( self): # noqa: E501 user = UserFactory.create() # Negate DEFAULT_AUTHENTICATED_USER_FORUM_PERMISSIONS assign_perm('can_see_forum', ALL_AUTHENTICATED_USERS, self.forum, has_perm=False) checker = ForumPermissionChecker(user) # Run & check assert not checker.has_perm('can_see_forum', self.forum)
def test_knows_that_granted_permissions_should_take_precedence_over_the_same_non_granted_permissions(self): # noqa: E501 # Setup user = UserFactory.create() group_all_users = GroupFactory.create() group_specific_access = GroupFactory.create() user.groups.add(group_all_users) user.groups.add(group_specific_access) assign_perm('can_read_forum', group_all_users, None) # global permission assign_perm('can_read_forum', group_all_users, self.forum, has_perm=False) assign_perm('can_read_forum', group_specific_access, self.forum, has_perm=True) checker = ForumPermissionChecker(user) # Run & check assert checker.has_perm('can_read_forum', self.forum)
def test_knows_that_granted_permissions_should_take_precedence_over_the_same_non_granted_permissions(self): # noqa: E501 # Setup user = UserFactory.create() group_all_users = GroupFactory.create() group_specific_access = GroupFactory.create() user.groups.add(group_all_users) user.groups.add(group_specific_access) assign_perm('can_read_forum', group_all_users, None) # global permission assign_perm('can_read_forum', group_all_users, self.forum, has_perm=False) assign_perm('can_read_forum', group_specific_access, self.forum, has_perm=True) checker = ForumPermissionChecker(user) # Run & check assert checker.has_perm('can_read_forum', self.forum)
def test_permissions_returned_for_alluser_when_not_in_group_for_given_forum( self): """ When all_users permission is set, a user that has no own permissions and is not in a group that has permissions on the given forum, still has a permission (via all_users) on the given forum """ user = UserFactory.create() assign_perm('can_read_forum', ALL_AUTHENTICATED_USERS, self.forum, has_perm=True) checker = ForumPermissionChecker(user) # Run & check assert checker.has_perm('can_read_forum', self.forum)
def test_knows_that_user_permissions_take_precedence_over_group_permissions( self): # Setup machina_settings.DEFAULT_AUTHENTICATED_USER_FORUM_PERMISSIONS = [] user = UserFactory.create() group = GroupFactory.create() user.groups.add(group) # Check on forum level if user permission takes precedence over group permission assign_perm('can_read_forum', group, self.forum, has_perm=True) assign_perm('can_read_forum', user, self.forum, has_perm=False) assign_perm('can_see_forum', group, self.forum, has_perm=False) assign_perm('can_see_forum', user, self.forum, has_perm=True) # Check on global level if user permission takes precedence over group permission assign_perm('can_edit_own_posts', group, None, has_perm=True) assign_perm('can_edit_own_posts', user, None, has_perm=False) assign_perm('can_delete_own_posts', group, None, has_perm=False) assign_perm('can_delete_own_posts', user, None, has_perm=True) checker = ForumPermissionChecker(user) # Run & check assert not checker.has_perm('can_read_forum', self.forum) assert checker.has_perm('can_see_forum', self.forum) assert not checker.has_perm('can_edit_own_posts', self.forum) assert checker.has_perm('can_delete_own_posts', self.forum)
def test_allows_the_use_of_default_permissions(self): # Setup user = UserFactory.create() checker = ForumPermissionChecker(user) # Run & check assert checker.has_perm('can_see_forum', self.forum)
def test_knows_precedence_of_permissions_is_user_group_allusers(self): # Setup machina_settings.DEFAULT_AUTHENTICATED_USER_FORUM_PERMISSIONS = [] user = UserFactory.create() group = GroupFactory.create() user.groups.add(group) # 'res' in the following dict means 'expected result' test_list = [ # Differing user settings, all_auth and group to True { 'level': 'global', 'all_auth': True, 'group': True, 'user': True, 'res': True }, { 'level': 'global', 'all_auth': True, 'group': True, 'user': '******', 'res': True }, { 'level': 'global', 'all_auth': True, 'group': True, 'user': False, 'res': False }, # Differing user settings, all_auto True, group permission False { 'level': 'global', 'all_auth': True, 'group': False, 'user': True, 'res': True }, { 'level': 'global', 'all_auth': True, 'group': False, 'user': '******', 'res': False }, { 'level': 'global', 'all_auth': True, 'group': False, 'user': False, 'res': False }, # Differing user settings, all_auth and group on False { 'level': 'global', 'all_auth': False, 'group': False, 'user': True, 'res': True }, { 'level': 'global', 'all_auth': False, 'group': False, 'user': '******', 'res': False }, { 'level': 'global', 'all_auth': False, 'group': False, 'user': False, 'res': False }, # Differing user settings, all_auth False, group permission True { 'level': 'global', 'all_auth': False, 'group': True, 'user': True, 'res': True }, { 'level': 'global', 'all_auth': False, 'group': True, 'user': '******', 'res': True }, { 'level': 'global', 'all_auth': False, 'group': True, 'user': False, 'res': False }, # Now on forum level instead of global # Differing user settings, all_auth and group to True { 'level': 'forum', 'all_auth': True, 'group': True, 'user': True, 'res': True }, { 'level': 'forum', 'all_auth': True, 'group': True, 'user': '******', 'res': True }, { 'level': 'forum', 'all_auth': True, 'group': True, 'user': False, 'res': False }, # Differing user settings, all_auto True, group permission False { 'level': 'forum', 'all_auth': True, 'group': False, 'user': True, 'res': True }, { 'level': 'forum', 'all_auth': True, 'group': False, 'user': '******', 'res': False }, { 'level': 'forum', 'all_auth': True, 'group': False, 'user': False, 'res': False }, # Differing user settings, all_auth and group on False { 'level': 'forum', 'all_auth': False, 'group': False, 'user': True, 'res': True }, { 'level': 'forum', 'all_auth': False, 'group': False, 'user': '******', 'res': False }, { 'level': 'forum', 'all_auth': False, 'group': False, 'user': False, 'res': False }, # Differing user settings, all_auth False, group permission True { 'level': 'forum', 'all_auth': False, 'group': True, 'user': True, 'res': True }, { 'level': 'forum', 'all_auth': False, 'group': True, 'user': '******', 'res': True }, { 'level': 'forum', 'all_auth': False, 'group': True, 'user': False, 'res': False }, ] # loop over test dict: for dct in test_list: # set each permission as instructed in the dict if dct['level'] == 'global': forum_val = None else: forum_val = self.forum assign_perm('can_read_forum', ALL_AUTHENTICATED_USERS, forum_val, has_perm=dct['all_auth']) assign_perm('can_read_forum', group, forum_val, has_perm=dct['group']) if dct['user'] != 'unset': assign_perm('can_read_forum', user, forum_val, has_perm=dct['user']) checker = ForumPermissionChecker(user) # test if value is as the expected value assert checker.has_perm('can_read_forum', forum_val) == dct['res'] # unset the set permissions so the next iteration goes in blankly remove_perm('can_read_forum', ALL_AUTHENTICATED_USERS, forum_val) remove_perm('can_read_forum', group, forum_val) if dct['user'] != 'unset': remove_perm('can_read_forum', user, forum_val)
def test_allows_the_use_of_default_permissions(self): # Setup user = UserFactory.create() checker = ForumPermissionChecker(user) # Run & check assert checker.has_perm('can_see_forum', self.forum)