def test(self):
from bop.managers import UserObjectManager
UserObjectManager().contribute_to_class(Thing, 'objects')
self.assertEqual(Thing.objects.count(), 1)
self.assertEqual(ObjectPermission.objects.get_for_model(Thing).count(), 0)
self.assertEqual(Thing.objects.get_user_objects(self.testuser).count(), 0)
thinga = Thing(label='thinga')
thinga.save()
thingb = Thing(label='thingb')
thingb.save()
grant(self.testuser, None, 'bop.change_thing', thinga)
self.assertEqual(Thing.objects.get_user_objects(self.testuser).count(), 1)
grant(self.testuser, None, 'bop.do_thing', thinga)
self.assertEqual(Thing.objects.get_user_objects(self.testuser).count(), 1)
grant(self.testuser, None, 'bop.do_thing', thingb)
self.assertEqual(Thing.objects.get_user_objects(self.testuser).count(), 2)
# Now check for a specific perm
self.assertEqual(Thing.objects.get_user_objects(self.testuser, 'bop.do_thing').count(), 2)
self.assertEqual(Thing.objects.get_user_objects(self.testuser, permissions='bop.change_thing').count(), 1)
# And now for something completely different
ct = ContentType.objects.get_for_model(Thing)
permd = Permission.objects.get(codename='delete_thing', content_type=ct)
self.testuser.user_permissions.add(permd)
self.assertEqual(Thing.objects.get_user_objects(self.testuser, 'bop.change_thing').count(), 1)
self.assertEqual(Thing.objects.get_user_objects(self.testuser, permissions='bop.change_thing').count(), 1)
self.assertEqual(Thing.objects.get_user_objects(self.testuser, 'bop.delete_thing', True).count(), 3)
self.assertEqual(Thing.objects.get_user_objects(self.testuser, check_model_perms=True).count(), 3)
self.assertEqual(Thing.objects.get_user_objects(self.testuser, None, True).count(), 3)
def testGrantRevoke(self):
testa = User.objects.create_user('test-a', '*****@*****.**', 'test-a')
testb = User.objects.create_user('test-b', '*****@*****.**', 'test-b')
testga, _ = Group.objects.get_or_create(name='test-ga')
testgb, _ = Group.objects.get_or_create(name='test-gb')
testa.groups.add(testga)
testb.groups.add(testgb)
perms = Permission.objects.filter(content_type=self.content_type)
objects = self.thing
self.assertEqual(ObjectPermission.objects.count(), 0)
grant([testa], [testga, testgb], perms, objects)
self.assertEqual(ObjectPermission.objects.count(), 15)
revoke(None, [testga, testgb], perms, objects)
revoke(None, [testga, testgb], perms, objects)
self.assertEqual(ObjectPermission.objects.count(), 5)
# Try again (should have no consequences)
revoke(None, [testga, testgb], perms, objects)
self.assertEqual(ObjectPermission.objects.count(), 5)
# arbitrary object
grant([testa], [testga, testgb], perms, object())
self.assertEqual(ObjectPermission.objects.count(), 5)
# Just pass names (except for the objects)
grant(None, testga.name, 'bop.delete_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
# non-existing permisions
grant(None, testga.name, 'bop.wrong_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
revoke(None, testga.name, 'bop.wrong_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
# non-existing group
grant(None, 'InternationalOrganisationOfAnarchists', 'bop.change_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
revoke(None, 'InternationalOrganisationOfAnarchists', 'bop.change_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
# non-existing user
grant(AnonymousUser(), None, 'bop.change_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
revoke(AnonymousUser(), None, 'bop.change_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
revoke(None, testga.name, 'bop.delete_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 5)
# use a queryset: revoke thing-perms (see above) for all users
revoke(User.objects.all(), None, perms, self.thing)
self.assertEqual(ObjectPermission.objects.count(), 0)
testa.delete()
testb.delete()
testga.delete()
testgb.delete()