def test_clear_permissions_on_staff_role(self):
role = PermafrostRole(name="Bobs Staff Group", category="staff")
role.save()
role.permissions_add(self.perm_view_permafrostrole)
role.permissions_clear()
role.users_add(self.staffuser) # Add user to the Group
perms = list(self.staffuser.get_all_permissions())
self.assertEqual([perm.name for perm in role.group.permissions.all()], ['Can view Role']) # Make sure the required permission is present in the group
self.assertEqual(role.group.name, "1_staff_bobs-staff-group") # Checks that the user is created
self.assertListEqual(perms, ['permafrost.view_permafrostrole'])
def test_clear_permissions_on_administration_role(self):
role = PermafrostRole(name="Bobs Administration Group", category="administration")
role.save()
role.permissions_add(self.perm_view_permafrostrole)
role.permissions_clear()
role.users_add(self.administrationuser) # Add user to the Group
perms = list(self.administrationuser.get_all_permissions())
perms.sort()
self.assertListEqual([perm.name for perm in role.group.permissions.all()], ['Can add Role', 'Can change Role', 'Can view Role']) # Make sure the required permission is present in the group
self.assertEqual(role.group.name, "1_administration_bobs-administration-group") # Checks that the user is created
self.assertListEqual(perms, ['permafrost.add_permafrostrole', 'permafrost.change_permafrostrole', 'permafrost.view_permafrostrole'])
def test_clear_permissions_on_user_role(self):
'''
Test that clearning permissions restores them to just the required.
'''
role = PermafrostRole(name="Bobs Super Group", category="user")
role.save()
role.permissions_add(self.perm_view_permafrostrole)
role.permissions_clear()
role.users_add(self.user)
perms = list(self.user.get_all_permissions())
self.assertEqual(list(role.group.permissions.all()), []) # Check the permissions on the group
self.assertEqual(role.group.name, "1_user_bobs-super-group") # Checks that the user is created
self.assertListEqual(perms, [])
def test_add_not_allowed_to_user_role(self):
'''
Test that a permission that is not optional or required can be added
'''
role = PermafrostRole(name="Bobs Super Group", category="user")
role.save()
role.permissions_add(self.perm_delete_permafrostrole)
role.users_add(self.user)
perms = list(self.user.get_all_permissions())
self.assertEqual(list(role.group.permissions.all()), []) # Check the permissions on the group
self.assertEqual(role.group.name, "1_user_bobs-super-group") # Checks that the user is created
self.assertListEqual(perms, [])
def test_add_optional_to_user_role(self):
'''
Test that the optional role can be added
'''
role = PermafrostRole(name="Bobs Super Group", category="user")
role.save()
role.permissions_add(self.perm_view_permafrostrole)
role.users_add(self.user)
perms = list(self.user.get_all_permissions())
self.assertListEqual(list(role.group.permissions.all()), [self.perm_view_permafrostrole]) # Check the permissions on the group
self.assertEqual(role.group.name, "1_user_bobs-super-group") # Checks that the user is created
self.assertListEqual(perms, ["permafrost.view_permafrostrole"])
def test_add_not_allowed_to_staff_role(self):
'''
Test that a permission that is not optional or required can be added
'''
role = PermafrostRole(name="Bobs Staff Group", category="staff")
role.save()
role.permissions_add(self.perm_delete_permafrostrole)
role.users_add(self.staffuser)
perms = list(self.staffuser.get_all_permissions())
self.assertEqual([perm.name for perm in role.group.permissions.all()], ['Can view Role']) # Make sure the required permission is present in the group
self.assertEqual(role.group.name, "1_staff_bobs-staff-group") # Checks that the user is created
self.assertListEqual(perms, ['permafrost.view_permafrostrole'])
def test_add_optional_to_staff_role(self):
'''
Test that the optional role can be added
'''
role = PermafrostRole(name="Bobs Staff Group", category="staff")
role.save()
role.permissions_add(self.perm_change_permafrostrole)
role.users_add(self.staffuser) # Add user to the Group
perms = list(self.staffuser.get_all_permissions())
perms.sort()
self.assertListEqual(list(role.group.permissions.all()), [self.perm_change_permafrostrole, self.perm_view_permafrostrole]) # Check the permissions on the group
self.assertEqual(role.group.name, "1_staff_bobs-staff-group") # Checks that the user is created
self.assertListEqual(perms, ['permafrost.change_permafrostrole', 'permafrost.view_permafrostrole'])
def test_role_rename_updates_group(self):
'''
Make sure renaming the PermafrostRole properly renames the Django Group model.
'''
role = PermafrostRole(name="Awesome Students", category="user")
role.save()
pk_check = role.group.pk
self.assertEqual(role.group.name, "1_user_awesome-students")
role.name = "OK Students"
role.save()
new_role_group = Group.objects.get(name=role.get_group_name())
self.assertEqual(role.group.name, "1_user_ok-students")
self.assertEqual(role.group.pk, pk_check) # Make sure a new group was not generated
def test_create_user_role(self):
'''
Test that creating a PermafrostRole creates a matching Group
'''
role = PermafrostRole(name="Bobs Super Group", category="user")
role.save()
role.users_add(self.user)
perms = list(self.user.get_all_permissions())
self.assertEqual(list(role.group.permissions.all()), []) # Check the permissions on the group
self.assertEqual(role.group.name, "1_user_bobs-super-group") # Checks that the user is created
self.assertEqual(perms, [])
def test_delete_role_deletes_group(self):
role = PermafrostRole(name="Awesome Students", category="user")
role.save()
group = role.group
group_name = group.name
self.assertEqual(role.group.name, "1_user_awesome-students")
role.delete()
with self.assertRaises(Group.DoesNotExist):
group = Group.objects.get(name=group_name)
def test_create_duplicate_role(self):
'''
Test that creating a PermafrostRole of the same name producers and error
'''
role_a = PermafrostRole(name="Bobs Super Group",
site=self.site_1,
category="user")
role_a.save()
role_c = PermafrostRole(name="Bobs Super Group",
site=self.site_2,
category="user")
role_c.save()
with self.assertRaises(IntegrityError):
with transaction.atomic():
role_b = PermafrostRole(name="Bobs Super Group",
site=self.site_2,
category="user")
role_b.save()
with transaction.atomic():
role_d = PermafrostRole(name="Bobs Super Group",
site=self.site_2,
category="staff")
role_d.save()