def get_required_permissions(self):
return (
get_permissions_from_urls(self.get_urls()) |
get_default_model_permissions(Contact) |
get_default_model_permissions(Order) |
get_default_model_permissions(Product)
)
def test_valid_permissions_for_all_modules():
"""
If a module requires permissions, make sure all url and module-
level permissions are valid.
"""
for module in get_modules():
url_permissions = set(get_permissions_from_urls(module.get_urls()))
module_permissions = set(module.get_required_permissions())
for permission in (url_permissions | module_permissions):
assert get_permission_object_from_string(permission)
def test_valid_permissions_for_all_modules():
"""
If a module requires permissions, make sure all url and module-
level permissions are valid.
"""
for module in get_modules():
url_permissions = set(get_permissions_from_urls(module.get_urls()))
module_permissions = set(module.get_required_permissions())
for permission in (url_permissions | module_permissions):
assert get_permission_object_from_string(permission)
def __init__(self, *args, **kwargs):
super(PermissionGroupForm, self).__init__(*args, **kwargs)
self.fields["name"].help_text = _("The permission group name.")
initial_members = self._get_initial_members()
members_field = Select2MultipleField(
model=get_user_model(),
initial=[member.pk for member in initial_members],
required=False,
label=_("Members"),
help_text=_("Set the users that belong to this permission group.")
)
members_field.widget.choices = [(member.pk, force_text(member)) for member in initial_members]
self.fields["members"] = members_field
initial_permissions = list(get_permissions_from_group(self.instance.pk)) if self.instance.pk else []
self.admin_modules = self._get_module_choices()
for admin_module in self.admin_modules:
all_permissions_granted = True
partial_permissions_granted = False
admin_module.required_permissions_fields = []
admin_module.per_view_permissions_fields = []
for required_permission in admin_module.get_required_permissions():
field_id = "perm:{}".format(required_permission)
self.fields[field_id] = forms.BooleanField(
required=False,
label=required_permission,
initial=(required_permission in initial_permissions)
)
admin_module.required_permissions_fields.append(field_id)
if required_permission in initial_permissions:
partial_permissions_granted = True
else:
all_permissions_granted = False
extra_permissions = (
list(get_permissions_from_urls(admin_module.get_urls())) +
list(admin_module.get_extra_permissions())
)
for permission in extra_permissions:
field_id = "perm:{}".format(permission)
self.fields[field_id] = forms.BooleanField(
required=False,
label=permission,
initial=(permission in initial_permissions)
)
admin_module.per_view_permissions_fields.append(field_id)
if permission in initial_permissions:
partial_permissions_granted = True
else:
all_permissions_granted = False
admin_module.all_permissions_granted = all_permissions_granted
admin_module.partial_permissions_granted = False if all_permissions_granted else partial_permissions_granted
def __init__(self, *args, **kwargs):
super(PermissionGroupForm, self).__init__(*args, **kwargs)
self.fields["name"].help_text = _("The Permission Group name.")
initial_members = self._get_initial_members()
members_field = Select2MultipleField(
model=get_user_model(),
initial=[member.pk for member in initial_members],
required=False,
label=_("Members"),
help_text=_("Set the users that belong to this Permission Group."),
)
members_field.widget.choices = [(member.pk, force_text(member))
for member in initial_members]
self.fields["members"] = members_field
initial_permissions = list(get_permissions_from_group(
self.instance.pk)) if self.instance.pk else []
self.admin_modules = self._get_module_choices()
for admin_module in self.admin_modules:
all_permissions_granted = True
partial_permissions_granted = False
admin_module.required_permissions_fields = []
admin_module.per_view_permissions_fields = []
for required_permission in admin_module.get_required_permissions():
field_id = "perm:{}".format(required_permission)
self.fields[field_id] = forms.BooleanField(
required=False,
label=required_permission,
initial=(required_permission in initial_permissions))
admin_module.required_permissions_fields.append(field_id)
if required_permission in initial_permissions:
partial_permissions_granted = True
else:
all_permissions_granted = False
extra_permissions = list(
get_permissions_from_urls(admin_module.get_urls())) + list(
admin_module.get_extra_permissions())
for permission in extra_permissions:
field_id = "perm:{}".format(permission)
self.fields[field_id] = forms.BooleanField(
required=False,
label=permission,
initial=(permission in initial_permissions))
admin_module.per_view_permissions_fields.append(field_id)
if permission in initial_permissions:
partial_permissions_granted = True
else:
all_permissions_granted = False
admin_module.all_permissions_granted = all_permissions_granted
admin_module.partial_permissions_granted = False if all_permissions_granted else partial_permissions_granted
def test_valid_permissions_for_all_modules():
"""
If a module requires permissions, make sure all url and module-
level permissions are valid.
Modules that add permissions using migrations must be checked
manually since their permissions will not be in the test database.
"""
for module in get_modules():
url_permissions = set(get_permissions_from_urls(module.get_urls()))
module_permissions = set(module.get_required_permissions())
for permission in (url_permissions | module_permissions):
# Only requirement for permissions are that they
# are list of strings
assert isinstance(permission, six.string_types)
def test_valid_permissions_for_all_modules():
"""
If a module requires permissions, make sure all url and module-
level permissions are valid.
Modules that add permissions using migrations must be checked
manually since their permissions will not be in the test database.
"""
for module in get_modules():
url_permissions = set(get_permissions_from_urls(module.get_urls()))
module_permissions = set(module.get_required_permissions())
for permission in (url_permissions | module_permissions):
# Only requirement for permissions are that they
# are list of strings
assert isinstance(permission, six.string_types)
def test_valid_permissions_for_all_modules():
"""
If a module requires permissions, make sure all url and module-
level permissions are valid.
Modules that add permissions using migrations must be checked
manually since their permissions will not be in the test database.
"""
for module in get_modules():
url_permissions = set(get_permissions_from_urls(module.get_urls()))
module_permissions = set(module.get_required_permissions())
for permission in (url_permissions | module_permissions):
if module.__class__ in migrated_permissions:
assert permission in migrated_permissions[module.__class__]
else:
assert get_permission_object_from_string(permission)
def test_valid_permissions_for_all_modules():
"""
If a module requires permissions, make sure all url and module-
level permissions are valid.
Modules that add permissions using migrations must be checked
manually since their permissions will not be in the test database.
"""
for module in get_modules():
url_permissions = set(get_permissions_from_urls(module.get_urls()))
module_permissions = set(module.get_required_permissions())
for permission in (url_permissions | module_permissions):
if module.__class__ in migrated_permissions:
assert permission in migrated_permissions[module.__class__]
else:
assert get_permission_object_from_string(permission)
def __init__(self, *args, **kwargs):
super(PermissionGroupForm, self).__init__(*args, **kwargs)
self.fields["name"].help_text = _("The Permission Group name.")
initial_permissions = list(get_permissions_from_group(
self.instance.pk)) if self.instance.pk else []
self.admin_modules = self._get_module_choices()
for admin_module in self.admin_modules:
all_permissions_granted = True
partial_permissions_granted = False
admin_module.required_permissions_fields = []
admin_module.per_view_permissions_fields = []
help_texts = admin_module.get_permissions_help_texts()
for required_permission in admin_module.get_required_permissions():
field_id = "perm:{}".format(required_permission)
self.fields[field_id] = forms.BooleanField(
required=False,
label=required_permission,
initial=(required_permission in initial_permissions),
help_text=help_texts.get(required_permission),
)
admin_module.required_permissions_fields.append(field_id)
if required_permission in initial_permissions:
partial_permissions_granted = True
else:
all_permissions_granted = False
extra_permissions = list(
get_permissions_from_urls(admin_module.get_urls())) + list(
admin_module.get_extra_permissions())
for permission in extra_permissions:
field_id = "perm:{}".format(permission)
self.fields[field_id] = forms.BooleanField(
required=False,
label=permission,
initial=(permission in initial_permissions),
help_text=help_texts.get(permission),
)
admin_module.per_view_permissions_fields.append(field_id)
if permission in initial_permissions:
partial_permissions_granted = True
else:
all_permissions_granted = False
admin_module.all_permissions_granted = all_permissions_granted
admin_module.partial_permissions_granted = False if all_permissions_granted else partial_permissions_granted
def test_browser_config_as_shop_staff(rf):
shop = factories.get_default_shop()
staff_user = factories.UserFactory(is_staff=True)
permission_group = factories.get_default_permission_group()
staff_user.groups.add(permission_group)
shop.staff_members.add(staff_user)
request = apply_request_middleware(rf.post("/"), user=staff_user)
urls = get_browser_urls(request)
# staff does not have media permission
assert urls["media"] is None
set_permissions_for_group(permission_group, ["media.browse"])
urls = get_browser_urls(request)
assert urls["media"] == reverse("shuup_admin:media.browse")
media_module_permission_urls = set(get_permissions_from_urls(MediaModule().get_urls()))
assert "media.browse" in media_module_permission_urls
assert "shuup_admin:media.browse" not in media_module_permission_urls
def get_required_permissions(self):
return get_permissions_from_urls(self.get_urls())
def get_required_permissions(self):
return get_permissions_from_urls(self.get_urls())
def get_required_permissions(self):
return get_permissions_from_urls(
self.get_urls()) | get_default_model_permissions(Contact)
def get_required_permissions(self):
return get_permissions_from_urls(self.get_urls()) | get_default_model_permissions(Product)