def test_RegistrationAuthority_name_change(self):
ra = models.RegistrationAuthority.objects.create(name="Test RA")
user = get_user_model().objects.create_user('*****@*****.**','registrar')
# User isn't in RA... yet
self.assertFalse(perms.user_is_registrar(user,ra))
# Add user to RA, assert user is in RA
ra.giveRoleToUser('registrar',user)
# Caching issue, refresh from DB with correct permissions
user = get_user_model().objects.get(pk=user.pk)
self.assertTrue(perms.user_is_registrar(user,ra))
# Change name of RA, assert user is still in RA
ra.name = "Test RA2"
ra.save()
user = get_user_model().objects.get(pk=user.pk)
self.assertTrue(perms.user_is_registrar(user,ra))
# Add new RA with old RA's name, assert user is not in the new RA
newRA = models.RegistrationAuthority.objects.create(name="Test RA")
user = get_user_model().objects.get(pk=user.pk)
self.assertFalse(perms.user_is_registrar(user,newRA))
# Remove user to RA, assert user is no longer in RA
ra.removeRoleFromUser('registrar',user)
# Caching issue, refresh from DB with correct permissions
user = get_user_model().objects.get(pk=user.pk)
self.assertFalse(perms.user_is_registrar(user,ra))
def setUp(self):
super(TestSearch, self).setUp()
import haystack
haystack.connections.reload('default')
self.ra = models.RegistrationAuthority.objects.create(name="Kelly Act")
self.ra1 = models.RegistrationAuthority.objects.create(name="Superhuman Registration Act") # Anti-registration!
self.registrar = User.objects.create_user('stryker','*****@*****.**','mutantsMustDie')
self.ra.giveRoleToUser('registrar',self.registrar)
self.assertTrue(perms.user_is_registrar(self.registrar,self.ra))
xmen = "professorX cyclops iceman angel beast phoenix wolverine storm nightcrawler"
self.xmen_wg = models.Workgroup.objects.create(name="X Men")
self.xmen_wg.registrationAuthorities.add(self.ra)
self.xmen_wg.save()
self.item_xmen = [
models.ObjectClass.objects.create(name=t,description="known xman",workgroup=self.xmen_wg,readyToReview=True)\
for t in xmen.split() ]
for item in self.item_xmen:
self.ra.register(item,models.STATES.standard,self.registrar)
self.assertTrue(item.is_public())
avengers = "thor spiderman ironman hulk captainAmerica"
self.avengers_wg = models.Workgroup.objects.create(name="Avengers")
self.avengers_wg.registrationAuthorities.add(self.ra1)
self.item_avengers = [
models.ObjectClass.objects.create(name=t,workgroup=self.avengers_wg)
for t in avengers.split() ]
def test_registrar_search(self):
self.logout()
response = self.client.post(reverse('django.contrib.auth.views.login'),
{'username': '******', 'password': '******'})
self.assertEqual(response.status_code,302) # logged in
self.assertTrue(perms.user_is_registrar(self.registrar,self.ra))
dp = models.ObjectClass.objects.create(name="deadpool",
description="not really an xman, no matter how much he tries",
workgroup=self.xmen_wg,readyToReview=False)
dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache
self.assertFalse(perms.user_can_view(self.registrar,dp))
self.assertFalse(dp.is_public())
response = self.client.get(reverse('aristotle:search')+"?q=xman")
self.assertFalse(dp in [x.object for x in response.context['page'].object_list])
for i in response.context['page'].object_list:
self.assertTrue(perms.user_can_view(self.registrar,i.object))
response = self.client.get(reverse('aristotle:search')+"?q=deadpool")
self.assertEqual(len(response.context['page'].object_list),0)
dp.readyToReview = True
dp.save()
dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache
self.assertTrue(perms.user_can_view(self.registrar,dp))
# Stryker should be able to find items that are "ready for review" in his RA only.
response = self.client.get(reverse('aristotle:search')+"?q=deadpool")
self.assertEqual(len(response.context['page'].object_list),1)
self.assertEqual(response.context['page'].object_list[0].object.item,dp)
self.assertTrue(perms.user_can_view(self.registrar,response.context['page'].object_list[0].object))
def test_current_statuses_only_in_search_results_and_index(self):
# See issue #327
self.logout()
response = self.client.post(reverse('friendly_login'),
{'username': '******', 'password': '******'})
self.assertEqual(response.status_code,302) # logged in
self.assertTrue(perms.user_is_registrar(self.registrar,self.ra))
with reversion.create_revision():
dp = models.ObjectClass.objects.create(name="deadpool",
definition="not really an xman, no matter how much he tries",
workgroup=self.xmen_wg,readyToReview=True)
dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache
self.assertTrue(perms.user_can_view(self.registrar,dp))
self.assertFalse(dp.is_public())
from django.utils import timezone
import datetime
self.ra.register(dp,models.STATES.incomplete,self.registrar,
registrationDate=timezone.now()+datetime.timedelta(days=-7)
)
self.ra.register(dp,models.STATES.standard,self.registrar,
registrationDate=timezone.now()+datetime.timedelta(days=-1)
)
response = self.client.get(reverse('aristotle:search')+"?q=deadpool")
self.assertEqual(len(response.context['page'].object_list),1)
dp_result = response.context['page'].object_list[0]
self.assertTrue(dp_result.object.name=="deadpool")
self.assertTrue(len(dp_result.statuses) == 1)
self.assertTrue(int(dp_result.statuses[0]) == int(models.STATES.standard))
def setUp(self):
super(TestSearch, self).setUp()
import haystack
haystack.connections.reload('default')
self.ra = models.RegistrationAuthority.objects.create(name="Kelly Act")
self.ra1 = models.RegistrationAuthority.objects.create(name="Superhuman Registration Act") # Anti-registration!
self.registrar = get_user_model().objects.create_user('stryker','*****@*****.**','mutantsMustDie')
self.ra.giveRoleToUser('registrar',self.registrar)
self.assertTrue(perms.user_is_registrar(self.registrar,self.ra))
xmen = "professorX cyclops iceman angel beast phoenix wolverine storm nightcrawler"
self.xmen_wg = models.Workgroup.objects.create(name="X Men")
# self.xmen_wg.registrationAuthorities.add(self.ra)
self.xmen_wg.save()
self.item_xmen = [
models.ObjectClass.objects.create(name=t,definition="known xman",workgroup=self.xmen_wg)\
for t in xmen.split()]
for item in self.item_xmen:
registered = self.ra.register(item,models.STATES.standard,self.su)
self.assertTrue(item in registered['success'])
item = models._concept.objects.get(pk=item.pk).item # Stupid cache
self.assertTrue(item.is_public())
avengers = "thor spiderman ironman hulk captainAmerica"
self.avengers_wg = models.Workgroup.objects.create(name="Avengers")
# self.avengers_wg.registrationAuthorities.add(self.ra1)
self.item_avengers = [
models.ObjectClass.objects.create(name=t,workgroup=self.avengers_wg)
for t in avengers.split()]
def get_context_data(self, *args, **kwargs):
kwargs = super().get_context_data(*args, **kwargs)
kwargs.update({
'review':
self.review,
'can_approve_review':
perms.user_can_approve_review(self.request.user, self.review),
'can_open_close_review':
perms.user_can_close_or_reopen_review(self.request.user,
self.review),
'can_edit_review':
perms.user_can_edit_review(self.request.user, self.review),
'is_registrar':
perms.user_is_registrar(self.request.user)
})
if hasattr(self, "active_tab_name"):
kwargs['active_tab'] = self.active_tab_name
if self.review.concepts.count() == 1:
# It's for a single item review, display in breadcrumbs
kwargs.update({
'single_item_review': True,
'item_under_review': self.review.concepts.first()
})
return kwargs
def test_visibility_restriction_facets(self):
# See issue #351
self.logout()
response = self.client.get(reverse('aristotle:search') + "?q=xman")
self.assertNotContains(response, 'Restriction')
response = self.client.post(reverse('friendly_login'), {
'username': '******',
'password': '******'
})
self.assertEqual(response.status_code, 302) # logged in
self.assertTrue(perms.user_is_registrar(self.registrar, self.ra))
with reversion.create_revision():
dp = models.ObjectClass.objects.create(
name="deadpool",
definition="not really an xman, no matter how much he tries",
workgroup=self.xmen_wg)
review = models.ReviewRequest.objects.create(
requester=self.su,
registration_authority=self.ra,
state=self.ra.public_state,
registration_date=datetime.date(2010, 1, 1))
review.concepts.add(dp)
dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache
self.assertTrue(perms.user_can_view(self.registrar, dp))
self.assertFalse(dp.is_public())
self.ra.register(dp,
models.STATES.candidate,
self.registrar,
registrationDate=timezone.now() +
datetime.timedelta(days=-7))
response = self.client.get(reverse('aristotle:search') + "?q=xman")
self.assertContains(response, 'Restriction')
response = self.client.get(
reverse('aristotle:search') + "?q=xman&res=1")
self.assertNotContains(response, 'Restriction')
self.assertContains(response, 'Item visibility state is Locked')
self.assertEqual(len(response.context['page'].object_list), 1)
dp_result = response.context['page'].object_list[0]
self.assertTrue(dp_result.object.name == "deadpool")
self.assertTrue(len(dp_result.statuses) == 1)
self.assertTrue(dp_result.object.is_locked())
self.assertFalse(dp_result.object.is_public())
self.assertTrue(
int(dp_result.statuses[0]) == int(models.STATES.candidate))
def test_concept_autocomplete_statuses(self):
# see also
# tests.main.test_search.test_current_statuses_only_in_search_results_and_index
from django.contrib.auth.models import User
self.registrar = User.objects.create_user(
'stryker', '*****@*****.**', 'mutantsMustDie')
self.ra.giveRoleToUser('registrar', self.registrar)
self.logout()
response = self.client.post(reverse('friendly_login'), {
'username': '******',
'password': '******'
})
self.assertEqual(response.status_code, 302) # logged in
self.assertTrue(perms.user_is_registrar(self.registrar, self.ra))
dp = models.ObjectClass.objects.create(
name="deadpool",
definition="not really an xman, no matter how much he tries",
workgroup=self.wg1)
review = models.ReviewRequest.objects.create(
requester=self.su,
registration_authority=self.ra,
state=self.ra.public_state,
registration_date=datetime.date(2010, 1, 1))
review.concepts.add(dp)
dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache
self.assertTrue(perms.user_can_view(self.registrar, dp))
self.assertFalse(dp.is_public())
self.ra.register(dp,
models.STATES.incomplete,
self.su,
registrationDate=timezone.now() +
datetime.timedelta(days=-7))
self.ra.register(dp,
models.STATES.standard,
self.su,
registrationDate=timezone.now() +
datetime.timedelta(days=-1))
response = self.client.get(
reverse('aristotle-autocomplete:concept',
args=['aristotle_mdr', 'objectclass']), {
'q': 'deadpoo',
})
self.assertContains(response, 'Standard')
self.assertNotContains(response, 'Incomplete')
def test_visibility_restriction_facets(self):
# See issue #351
self.logout()
response = self.client.get(reverse('aristotle:search')+"?q=xman")
self.assertTrue('Restriction' not in response.content)
response = self.client.post(reverse('friendly_login'),
{'username': '******', 'password': '******'})
self.assertEqual(response.status_code,302) # logged in
self.assertTrue(perms.user_is_registrar(self.registrar,self.ra))
with reversion.create_revision():
dp = models.ObjectClass.objects.create(name="deadpool",
definition="not really an xman, no matter how much he tries",
workgroup=self.xmen_wg)
review = models.ReviewRequest.objects.create(requester=self.su,registration_authority=self.ra)
review.concepts.add(dp)
dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache
self.assertTrue(perms.user_can_view(self.registrar,dp))
self.assertFalse(dp.is_public())
from django.utils import timezone
import datetime
self.ra.register(dp,models.STATES.candidate,self.registrar,
registrationDate=timezone.now()+datetime.timedelta(days=-7)
)
response = self.client.get(reverse('aristotle:search')+"?q=xman")
self.assertTrue('Restriction' in response.content)
response = self.client.get(reverse('aristotle:search')+"?q=xman&res=1")
self.assertTrue('Restriction' not in response.content)
self.assertTrue('Item visibility state is Locked' in response.content)
self.assertEqual(len(response.context['page'].object_list),1)
dp_result = response.context['page'].object_list[0]
self.assertTrue(dp_result.object.name=="deadpool")
self.assertTrue(len(dp_result.statuses) == 1)
self.assertTrue(dp_result.object.is_locked())
self.assertFalse(dp_result.object.is_public())
self.assertTrue(int(dp_result.statuses[0]) == int(models.STATES.candidate))
def test_current_statuses_only_in_search_results_and_index(self):
# See issue #327
self.logout()
response = self.client.post(reverse('friendly_login'), {
'username': '******',
'password': '******'
})
self.assertEqual(response.status_code, 302) # logged in
self.assertTrue(perms.user_is_registrar(self.registrar, self.ra))
with reversion.create_revision():
dp = models.ObjectClass.objects.create(
name="deadpool",
definition="not really an xman, no matter how much he tries",
workgroup=self.xmen_wg)
review = models.ReviewRequest.objects.create(
requester=self.su, registration_authority=self.ra)
review.concepts.add(dp)
dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache
self.assertTrue(perms.user_can_view(self.registrar, dp))
self.assertFalse(dp.is_public())
from django.utils import timezone
import datetime
self.ra.register(dp,
models.STATES.incomplete,
self.registrar,
registrationDate=timezone.now() +
datetime.timedelta(days=-7))
self.ra.register(dp,
models.STATES.standard,
self.registrar,
registrationDate=timezone.now() +
datetime.timedelta(days=-1))
response = self.client.get(reverse('aristotle:search') + "?q=deadpool")
self.assertEqual(len(response.context['page'].object_list), 1)
dp_result = response.context['page'].object_list[0]
self.assertTrue(dp_result.object.name == "deadpool")
self.assertTrue(len(dp_result.statuses) == 1)
self.assertTrue(
int(dp_result.statuses[0]) == int(models.STATES.standard))
def test_concept_autocomplete_statuses(self):
# see also
# tests.main.test_search.test_current_statuses_only_in_search_results_and_index
from django.contrib.auth.models import User
self.registrar = User.objects.create_user('stryker','*****@*****.**','mutantsMustDie')
self.ra.giveRoleToUser('registrar',self.registrar)
self.logout()
response = self.client.post(reverse('friendly_login'),
{'username': '******', 'password': '******'})
self.assertEqual(response.status_code,302) # logged in
self.assertTrue(perms.user_is_registrar(self.registrar,self.ra))
dp = models.ObjectClass.objects.create(name="deadpool",
definition="not really an xman, no matter how much he tries",
workgroup=self.wg1)
review = models.ReviewRequest.objects.create(requester=self.su,registration_authority=self.ra)
review.concepts.add(dp)
dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache
self.assertTrue(perms.user_can_view(self.registrar,dp))
self.assertFalse(dp.is_public())
self.ra.register(dp,models.STATES.incomplete,self.su,
registrationDate=timezone.now()+datetime.timedelta(days=-7)
)
self.ra.register(dp,models.STATES.standard,self.su,
registrationDate=timezone.now()+datetime.timedelta(days=-1)
)
response = self.client.get(
reverse(
'aristotle-autocomplete:concept',
args=['aristotle_mdr', 'objectclass']
),
{
'q': 'deadpoo',
}
)
self.assertTrue('standard' in response.content.lower())
self.assertTrue('incomplete' not in response.content.lower())
def test_registrar_search(self):
self.logout()
response = self.client.post(reverse('friendly_login'), {
'username': '******',
'password': '******'
})
self.assertEqual(response.status_code, 302) # logged in
self.assertTrue(perms.user_is_registrar(self.registrar, self.ra))
with reversion.create_revision():
dp = models.ObjectClass.objects.create(
name="deadpool",
definition="not really an xman, no matter how much he tries",
workgroup=self.xmen_wg,
readyToReview=False)
dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache
self.assertFalse(perms.user_can_view(self.registrar, dp))
self.assertFalse(dp.is_public())
response = self.client.get(reverse('aristotle:search') + "?q=xman")
self.assertFalse(
dp in [x.object for x in response.context['page'].object_list])
for i in response.context['page'].object_list:
self.assertTrue(perms.user_can_view(self.registrar, i.object))
response = self.client.get(reverse('aristotle:search') + "?q=deadpool")
self.assertEqual(len(response.context['page'].object_list), 0)
with reversion.create_revision():
dp.readyToReview = True
dp.save()
dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache
self.assertTrue(perms.user_can_view(self.registrar, dp))
# Stryker should be able to find items that are "ready for review" in his RA only.
response = self.client.get(reverse('aristotle:search') + "?q=deadpool")
self.assertEqual(len(response.context['page'].object_list), 1)
self.assertEqual(response.context['page'].object_list[0].object.item,
dp)
self.assertTrue(
perms.user_can_view(
self.registrar,
response.context['page'].object_list[0].object))
def get_context_data(self, *args, **kwargs):
context = super().get_context_data(*args, **kwargs)
if self.request.user.is_anonymous:
context['isFavourite'] = False
else:
context['isFavourite'] = self.request.user.profile.is_favourite(
self.item)
aristotle_settings = fetch_aristotle_settings()
links_from, links_to = self.get_links()
context.update({
'last_edit':
Version.objects.get_for_object(self.item).first(),
# Only display viewable slots
'slots':
Slot.objects.get_item_allowed(self.item, self.user),
'item':
self.item,
'statuses':
self.item.current_statuses,
'discussions':
self.item.relatedDiscussions.all(),
'activetab':
'item',
'has_links':
links_from or links_to,
'links_from':
links_from,
'links_to':
links_to,
'custom_values':
self.get_custom_values(),
'submitting_organizations':
self.item.submitting_organizations,
'responsible_organizations':
self.item.responsible_organizations,
'infobox_identifier_name':
aristotle_settings['INFOBOX_IDENTIFIER_NAME']
})
# Add a list of viewable concept ids for fast visibility checks in
# templates
# Since its lazy we can do this every time :)
lazy_viewable_ids = SimpleLazyObject(lambda: list(
MDR._concept.objects.visible(self.user).values_list('id',
flat=True)))
context['viewable_ids'] = lazy_viewable_ids
# Permissions (so they are looked up once)
context.update({
'can_edit':
user_can_edit(self.user, self.item),
'can_publish':
user_can_publish_object(self.user, self.item),
'can_supersede':
user_can_supersede(self.user, self.item),
'can_add_status':
user_can_add_status(self.user, self.item),
'is_registrar':
user_is_registrar(self.user)
})
return context
def has_add_permission(self, request):
if perms.user_is_registrar(request.user):
return True
return super(StatusInline, self).has_add_permission(request)
def has_perm(self, user_obj, perm, obj=None):
if not user_obj.is_active:
return False
if user_obj.is_superuser:
return True
app_label, perm_name = perm.split('.', 1)
extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
if app_label == "aristotle_mdr" and hasattr(perms, perm_name):
return getattr(perms, perm_name)(user_obj, obj)
from django.apps import apps
from aristotle_mdr.models import _concept
perm_parts = perm_name.split("_")
if len(perm_parts) == 2:
model = apps.get_model(app_label, perm_parts[1])
elif obj is not None:
model = type(obj)
else:
model = int
if app_label in extensions + ["aristotle_mdr"] and issubclass(model, _concept):
# This is required so that a user can correctly delete the 'concept' parent class in the admin site.
# This is a rough catch all, and is designed to indicate a user could
# delete an item type, but not a specific item.
if (
perm_name.startswith('delete_') or
perm_name.startswith('create_') or
perm_name.startswith('add_')
):
if obj is None:
return perms.user_is_editor(user_obj)
else:
return perms.user_can_edit(user_obj, obj)
if app_label in extensions + ["aristotle_mdr"]:
if perm_name == "delete_concept_from_admin":
return obj is None or perms.user_can_edit(user_obj, obj)
if perm == "aristotle_mdr.can_create_metadata":
return perms.user_is_editor(user_obj)
if perm == "aristotle_mdr.view_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_leave_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup_memberships":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_archive_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussions_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_post_discussion_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussion_post":
return perms.user_in_workgroup(user_obj, obj.workgroup)
if perm == "aristotle_mdr.view_registrationauthority_details":
return (
perms.user_is_registation_authority_manager(user_obj, obj) or
perms.user_is_registrar(user_obj, obj)
)
if perm == "aristotle_mdr.change_registrationauthority":
return perms.user_is_registation_authority_manager(user_obj, obj)
if perm == "aristotle_mdr.change_registrationauthority_memberships":
return perms.user_is_registation_authority_manager(user_obj, obj)
from aristotle_mdr.contrib.links import perms as link_perms
if perm == "aristotle_mdr_links.add_link":
return link_perms.user_can_make_link(user_obj)
return super().has_perm(user_obj, perm, obj)
def is_registrar(self):
return perms.user_is_registrar(self.user)
def has_perm(self, user_obj, perm, obj=None):
if not user_obj.is_active:
return False
if user_obj.is_superuser:
return True
app_label, perm_name = perm.split('.', 1)
extensions = fetch_aristotle_settings().get('CONTENT_EXTENSIONS', [])
if app_label == "aristotle_mdr" and hasattr(perms, perm_name):
return getattr(perms, perm_name)(user_obj, obj)
from django.apps import apps
from aristotle_mdr.models import _concept
perm_parts = perm_name.split("_")
if len(perm_parts) == 2:
model = apps.get_model(app_label, perm_parts[1])
else:
model = int
if app_label in extensions + ["aristotle_mdr"] and issubclass(
model, _concept):
# This is required so that a user can correctly delete the 'concept' parent class in the admin site.
# This is a rough catch all, and is designed to indicate a user could
# delete an item type, but not a specific item.
if (perm_name.startswith('delete_')
or perm_name.startswith('create_')
or perm_name.startswith('add_')):
if obj is None:
return perms.user_is_editor(user_obj)
else:
return perms.user_can_edit(user_obj, obj)
if app_label in extensions + ["aristotle_mdr"]:
if perm_name == "delete_concept_from_admin":
return obj is None or perms.user_can_edit(user_obj, obj)
if perm == "aristotle_mdr.can_create_metadata":
return perms.user_is_editor(user_obj)
if perm == "aristotle_mdr.view_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_leave_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup_memberships":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.change_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_archive_workgroup":
return perms.user_is_workgroup_manager(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussions_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_post_discussion_in_workgroup":
return perms.user_in_workgroup(user_obj, obj)
if perm == "aristotle_mdr.can_view_discussion_post":
return perms.user_in_workgroup(user_obj, obj.workgroup)
if perm == "aristotle_mdr.view_registrationauthority_details":
return (perms.user_is_registation_authority_manager(user_obj, obj)
or perms.user_is_registrar(user_obj, obj))
if perm == "aristotle_mdr.change_registrationauthority":
return perms.user_is_registation_authority_manager(user_obj, obj)
if perm == "aristotle_mdr.change_registrationauthority_memberships":
return perms.user_is_registation_authority_manager(user_obj, obj)
from aristotle_mdr.contrib.links import perms as link_perms
if perm == "aristotle_mdr_links.add_link":
return link_perms.user_can_make_link(user_obj)
return super(AristotleBackend, self).has_perm(user_obj, perm, obj)
def has_add_permission(self, request):
if perms.user_is_registrar(request.user):
return True
return super().has_add_permission(request)
def test_is_registrar(self):
self.assertTrue(perms.user_is_registrar(self.su))
def test_is_registrar(self):
self.assertTrue(perms.user_is_registrar(self.su))
ra = models.RegistrationAuthority.objects.create(name="Test RA")
self.assertTrue(perms.user_is_registrar(self.su,ra))
def can_use(cls, user):
return user_is_registrar(user)
def can_use(cls, user):
return user_is_registrar(user)
def is_registrar(self):
return perms.user_is_registrar(self.user)
def test_is_registrar(self):
self.assertTrue(perms.user_is_registrar(self.su))
ra = models.RegistrationAuthority.objects.create(name="Test RA", stewardship_organisation=self.steward_org_1)
self.assertTrue(perms.user_is_registrar(self.su,ra))
