def test_assign_permissions(self):
""" test if the permissions assignment works fine """
# Assign the role and try to use a permission denied by default.
assign_role(self.john, Teacher, self.bob)
assign_role(self.john, Teacher, self.julie)
self.assertFalse(
has_permission(self.john, 'testapp1.delete_user', self.bob))
self.assertFalse(
has_permission(self.john, 'testapp1.delete_user', self.julie))
# Explicitly assign the permission using access=True and the object.
assign_permission(self.john, Teacher, 'testapp1.delete_user', True,
self.bob)
# Result: Only the specified object was affected.
self.assertTrue(
has_permission(self.john, 'testapp1.delete_user', self.bob))
self.assertFalse(
has_permission(self.john, 'testapp1.delete_user', self.julie))
# Assign the role and try to use a permission allowed by default
assign_role(self.mike, Teacher, self.bob)
assign_role(self.mike, Teacher, self.julie)
self.assertTrue(
has_permission(self.mike, 'testapp1.add_user', self.bob))
self.assertTrue(
has_permission(self.mike, 'testapp1.add_user', self.julie))
# Explicitly assign the permission using access=False but without an object.
assign_permission(self.mike, Teacher, 'testapp1.add_user', False)
# Result: All the user's role instances were affected
self.assertFalse(
has_permission(self.mike, 'testapp1.add_user', self.bob))
self.assertFalse(
has_permission(self.mike, 'testapp1.add_user', self.julie))
# Trying to assign a wrong permission.
with self.assertRaises(InvalidPermissionAssignment):
assign_permission(self.mike,
Secretary,
'testapp1.add_user',
access=False)
# Expliciting a permission to a role using ALL_MODELS.
assign_role(self.julie, SubCoordenator)
self.assertFalse(has_permission(self.julie, 'testapp1.delete_user'))
assign_permission(self.julie,
SubCoordenator,
'testapp1.delete_user',
access=True)
self.assertTrue(has_permission(self.julie, 'testapp1.delete_user'))
# Other permissions are still False.
self.assertFalse(has_permission(self.julie, 'testapp1.add_user'))
remove_role(self.julie, SubCoordenator)
self.assertFalse(has_permission(self.julie, 'testapp1.delete_user'))
def test_remove_roles(self):
""" test if the remove_roles method works fine """
assign_role(self.john, Teacher, self.bob)
remove_role(self.john, Teacher, self.bob)
users_list = get_users(Teacher)
self.assertEqual(list(users_list), [])
assign_roles([self.john, self.mike], Teacher, self.bob)
remove_roles([self.john, self.mike], Teacher)
users_list = get_users(Teacher)
self.assertEqual(list(users_list), [])
assign_role(self.julie, Coordenator)
self.assertTrue(has_permission(self.julie, 'testapp1.add_user'))
remove_role(self.julie)
self.assertFalse(has_permission(self.julie, 'testapp1.add_user'))
# Remove all roles from the project.
assign_roles([self.john, self.mike], Teacher, self.bob)
remove_all(Coordenator)
remove_all(Teacher)
self.assertEqual(list(get_users(Coordenator)), [])
self.assertEqual(list(get_users(Teacher)), [])
def remove_role(self, user, role_class=None):
return shortcuts.remove_role(user, role_class, self)
def remove_role(self, role_class=None, obj=None):
return shortcuts.remove_role(self, role_class, obj)
