Ejemplo n.º 1
0
    def handle(self, *args, **options):
        verbose = options.get("verbose", True)

        permissions = args
        ## Check if there are any assignments, optionally skip those?
        ## if the state is published, fix view perm XXX
        ## (or even better: properly define and consult workflow)
        for m in models.get_models(include_auto_created=True):
            if not issubclass(m, Content) or not type_registry.get(m.get_name()):
                continue

            for c in m.objects.all():
                s = c.spoke()
                wf = s.workflow()
                state = c.state
                wfassignment = wf.permission_assignment.get(state)

                for permission in map(auth.Permission, permissions):
                    classassignment = getattr(s, "permission_assignment", {}).get(permission)
                    if not classassignment:
                        continue

                    assignments = RolePermission.assignments(c).filter(permission=permission)
                    if assignments.count() == 0:
                        if verbose:
                            print c.title, s, "has no assignment for", permission
                        for role in classassignment:
                            RolePermission.assign(c, role, permission).save()

                        if wfassignment and wfassignment.get(permission):
                            s.update_perms(c, {permission: wfassignment[permission]})
Ejemplo n.º 2
0
    def test_assign_perms_explicit(self, pp, client):
        t = Type1Type.create()
        t.save()

        assign_perms(t.instance, {p.view_content: (roles.owner,)})

        assert RolePermission.assignments(t.instance).exists()
        a = RolePermission.assignments(t.instance).all()[0]

        assert a.role == roles.owner
        assert a.permission == p.view_content
Ejemplo n.º 3
0
    def test_update_perms(self, pp, client):
        t = Type1Type.create()
        t.save()

        assign_perms(t.instance, {Permission("p"): (Role("r"),)})
        update_perms(t.instance, {Permission("p"): (Role("r1"),)})

        assert RolePermission.assignments(t.instance).count() == 1
        a = RolePermission.assignments(t.instance).all()[0]
        assert a.role == Role("r1")
        assert a.permission == Permission("p")
Ejemplo n.º 4
0
    def test_assign_perms_twice(self, pp, client):
        t = Type1Type.create()
        t.save()

        assign_perms(t.instance, {Permission("p1"): (Role("r1"),)})
        assign_perms(t.instance, {Permission("p2"): (Role("r2"),)})

        assert RolePermission.assignments(t.instance).count() == 2
        a = RolePermission.assignments(t.instance).all()

        assert set((x.role for x in a)) == set((Role("r1"), Role("r2")))
        assert set((x.permission for x in a)) == \
               set((Permission("p1"), Permission("p2")))
Ejemplo n.º 5
0
    def auth(self, handler, request, action):
        ##
        ## If post, handle/reset perm changes

        if request.method == "POST":
            existing = RolePermission.assignments(self.instance)
            assignments = request.POST.getlist('assignment')
            for e in existing:
                if "{0}/{1}".format(e.permission, e.role) not in assignments:
                    e.delete()

            for assignment in assignments:
                perm, role = assignment.split('/', 1)
                RolePermission.assign(self.instance, Role(role),
                                      Permission(perm)).save()

        ctx = {'spoke':self}


        roles = Role.all()
        permissions = []

        ## order roles, permissions (alphabetically?)
        for perm in Permission.all():
            d = dict(perm=perm, roles=[])
            perms_per_role = RolePermission.assignments(
                                        self.instance).filter(
                                        permission=perm.id,
                                        ).values_list('role', flat=True)
            r = []
            for role in roles:
                r.append(dict(role=role, checked=role.id in perms_per_role))

            d['roles'] = r

            permissions.append(d)

        ctx['roles'] = roles
        ctx['permissions'] = permissions
        return handler.template("wheelcms_axle/edit_permissions.html", **ctx)
Ejemplo n.º 6
0
    def test_update_perms_add(self, pp, client):
        t = Type1Type.create()
        t.save()

        assign_perms(t.instance, {Permission("p"): (Role("r"),)})
        update_perms(t.instance, {Permission("p1"): (Role("r1"),)})

        rp = RolePermission.assignments(t.instance)
        assert rp.count() == 2

        assert set((i.permission, i.role) for i in rp) == \
               set(((Permission("p"), Role("r")),
                    (Permission("p1"), Role("r1"))))
Ejemplo n.º 7
0
    def test_assignment(self, pp, client):
        t = Type1Type.create()
        t.save()

        assert RolePermission.assignments(t.instance).count() == 1
Ejemplo n.º 8
0
    def test_assignment_blank(self, pp, client):
        t = Type1Type.create()
        t.save()

        # import pytest; pytest.set_trace()
        assert not RolePermission.assignments(t.instance).exists()
Ejemplo n.º 9
0
def update_perms(instance, permdict):
    for permission, roles in permdict.iteritems():
        RolePermission.clear(instance, permission)
        for role in roles:
            RolePermission.assign(instance, role, permission).save()
Ejemplo n.º 10
0
def assign_perms(instance, permdict):
    """ invoked by a signal handler upon creation: Set initial
        permissions """
    for permission, roles in permdict.iteritems():
        for role in roles:
            RolePermission.assign(instance, role, permission).save()