def test_has_permission3(self): user = self.login(usertype="normal") self.assertFalse( has_permission(self.instance2, permit_view=user, permit_edit=user)) user.groups.add(self.user_group) user.save() self.assertTrue( has_permission(self.instance2, permit_view=user, permit_edit=user))
def test_has_permission1(self): anonymous = AnonymousUser() self.assertTrue( has_permission(self.instance1, permit_view=anonymous) ) self.assertFalse( has_permission(self.instance1, permit_edit=anonymous) )
def test_has_permission3(self): user = self.login(usertype="normal") self.assertFalse( has_permission(self.instance2, permit_view=user, permit_edit=user) ) user.groups.add(self.user_group) user.save() self.assertTrue( has_permission(self.instance2, permit_view=user, permit_edit=user) )
def test_has_permission2(self): anonymous = AnonymousUser() self.assertFalse( has_permission(self.instance2, permit_view=anonymous, permit_edit=anonymous))
def _why_cant_vote(request, poll): """ return a message why the user can't vote or return False if he can vote. Reasons are: * poll is not active * user has no permission * user has vote in the past * To many votes from this IP """ if not poll.active: return _("This poll is not active.") if not limit_to_usergroups.has_permission(poll, permit_vote=request.user): msg = _("You have no permission to vote this poll.") if settings.DEBUG: verbose_limit_name = limit_to_usergroups.get_verbose_limit_name( poll.permit_vote) msg += " (Limited to: %s)" % verbose_limit_name return msg if CHECK_COOKIES and _get_cookie_name(poll) in request.COOKIES: # Save that this user hase vote to this poll msg = _("You have vote for this in the past.") if settings.DEBUG: msg += " (Info from cookie)" return msg if CHECK_SESSION and poll.id in request.session.get("has_vote_polls", []): msg = _("You have vote for this in the past.") if settings.DEBUG: msg += " (Info from session)" return msg if request.user.is_authenticated(): # Save that this user hase vote to this poll if UserVotes.objects.filter(poll=poll, user=request.user).count() > 0: msg = _("You have vote for this in the past.") if settings.DEBUG: msg += " (Info from UserVotes model)" return msg if _ip_limit_reached(request, poll): msg = _("No more votes allowed.") if settings.DEBUG: ip = request.META['REMOTE_ADDR'] msg += " (Limit of %i votes from %s reached.)" % (poll.limit_ip, ip) return msg return False # user can vote
def _why_cant_vote(request, poll): """ return a message why the user can't vote or return False if he can vote. Reasons are: * poll is not active * user has no permission * user has vote in the past * To many votes from this IP """ if not poll.active: return _("This poll is not active.") if not limit_to_usergroups.has_permission(poll, permit_vote=request.user): msg = _("You have no permission to vote this poll.") if settings.DEBUG: verbose_limit_name = limit_to_usergroups.get_verbose_limit_name(poll.permit_vote) msg += " (Limited to: %s)" % verbose_limit_name return msg if CHECK_COOKIES and _get_cookie_name(poll) in request.COOKIES: # Save that this user hase vote to this poll msg = _("You have vote for this in the past.") if settings.DEBUG: msg += " (Info from cookie)" return msg if CHECK_SESSION and poll.id in request.session.get("has_vote_polls", []): msg = _("You have vote for this in the past.") if settings.DEBUG: msg += " (Info from session)" return msg if request.user.is_authenticated(): # Save that this user hase vote to this poll if UserVotes.objects.filter(poll=poll, user=request.user).count() > 0: msg = _("You have vote for this in the past.") if settings.DEBUG: msg += " (Info from UserVotes model)" return msg if _ip_limit_reached(request, poll): msg = _("No more votes allowed.") if settings.DEBUG: ip = request.META['REMOTE_ADDR'] msg += " (Limit of %i votes from %s reached.)" % (poll.limit_ip, ip) return msg return False # user can vote
def lucidTag(request, id=None): """ Add a poll to the page content. {% lucidTag poll %} Display the newest, voteable poll. {% lucidTag poll id=X %} Display a specific poll. (Look into admin changelist to the the right ID) {% lucidTag poll.all_polls %} Display all existing polls. Filter with 'hide_deactivated' and/or 'not_voteable' example: {% lucidTag poll id=23 %} {% lucidTag poll.all_polls hide_deactivated=True %} {% lucidTag poll.all_polls not_voteable=True %} {% lucidTag poll.all_polls hide_deactivated=True not_voteable=True %} """ if id is None: # Display the newest, voteable poll queryset = Poll.on_site.filter(active=True).order_by("createtime") polls = limit_to_usergroups.filter_permission(queryset, permit_vote=request.user) if not polls: return render_to_response( "poll/no_active_poll.html", context_instance=RequestContext(request) ) poll = polls[0] else: # Display a definite poll poll = _get_poll_or_404(id) if not limit_to_usergroups.has_permission(poll, permit_view=request.user): if settings.DEBUG: return "[No permissions to see this poll]" return "" response = _get_poll_content(request, poll) return response
def lucidTag(request, id=None): """ Add a poll to the page content. {% lucidTag poll %} Display the newest, voteable poll. {% lucidTag poll id=X %} Display a specific poll. (Look into admin changelist to the the right ID) {% lucidTag poll.all_polls %} Display all existing polls. Filter with 'hide_deactivated' and/or 'not_voteable' example: {% lucidTag poll id=23 %} {% lucidTag poll.all_polls hide_deactivated=True %} {% lucidTag poll.all_polls not_voteable=True %} {% lucidTag poll.all_polls hide_deactivated=True not_voteable=True %} """ if id is None: # Display the newest, voteable poll queryset = Poll.on_site.filter(active=True).order_by("createtime") polls = limit_to_usergroups.filter_permission(queryset, permit_vote=request.user) if not polls: return render_to_response("poll/no_active_poll.html", context_instance=RequestContext(request)) poll = polls[0] else: # Display a definite poll poll = _get_poll_or_404(id) if not limit_to_usergroups.has_permission(poll, permit_view=request.user): if settings.DEBUG: return "[No permissions to see this poll]" return "" response = _get_poll_content(request, poll) return response
def _vote(request): id = request.GET["id"] poll = _get_poll_or_404(id) if not poll.active: messages.error(request, _("This poll is not active!")) return HttpResponseRedirect(request.path) if not limit_to_usergroups.has_permission(poll, permit_vote=request.user): msg = _("You have no permission to vote this poll.") if settings.DEBUG: verbose_limit_name = limit_to_usergroups.get_verbose_limit_name(poll.permit_vote) msg += " (Vote limited to: %s)" % verbose_limit_name messages.error(request, msg) return HttpResponseRedirect(request.path) if not limit_to_usergroups.has_permission(poll, permit_view=request.user): msg = _("You have no permission to vote this poll.") if settings.DEBUG: verbose_limit_name = limit_to_usergroups.get_verbose_limit_name(poll.permit_vote) msg += " (View limited to: %s)" % verbose_limit_name messages.error(request, msg) return HttpResponseRedirect(request.path) if _ip_limit_reached(request, poll): # debug message are created messages.error(request, _("No more votes allowed.")) return HttpResponseRedirect(request.path) try: choice = request.POST["choice"] except KeyError: messages.error(request, _("You didn't select a choice.")) return HttpResponseRedirect(request.path) try: selected_choice = poll.choice_set.get(pk=choice) except Choice.DoesNotExist: messages.error(request, _("Choice is not valid.")) return HttpResponseRedirect(request.path) selected_choice.votes += 1 selected_choice.save() messages.success(request, _("You choice was saved")) if "has_vote_polls" in request.session: request.session["has_vote_polls"].append(poll.id) else: request.session["has_vote_polls"] = [poll.id] if request.user.is_authenticated(): # Save that this user hase vote to this poll UserVotes.objects.create(poll=poll, user=request.user) if poll.limit_ip > 0: # Save that this IP has vote to this poll. ip = request.META['REMOTE_ADDR'] ipvotes, created = IPVotes.objects.get_or_create(poll=poll, ip=ip) if not created: ipvotes.count += 1 ipvotes.save() response = HttpResponseRedirect(request.path) # Save that this user hase vote to this poll response.set_cookie(_get_cookie_name(poll), value="1") return response
def _vote(request): id = request.GET["id"] poll = _get_poll_or_404(id) if not poll.active: messages.error(request, _("This poll is not active!")) return HttpResponseRedirect(request.path) if not limit_to_usergroups.has_permission(poll, permit_vote=request.user): msg = _("You have no permission to vote this poll.") if settings.DEBUG: verbose_limit_name = limit_to_usergroups.get_verbose_limit_name( poll.permit_vote) msg += " (Vote limited to: %s)" % verbose_limit_name messages.error(request, msg) return HttpResponseRedirect(request.path) if not limit_to_usergroups.has_permission(poll, permit_view=request.user): msg = _("You have no permission to vote this poll.") if settings.DEBUG: verbose_limit_name = limit_to_usergroups.get_verbose_limit_name( poll.permit_vote) msg += " (View limited to: %s)" % verbose_limit_name messages.error(request, msg) return HttpResponseRedirect(request.path) if _ip_limit_reached(request, poll): # debug message are created messages.error(request, _("No more votes allowed.")) return HttpResponseRedirect(request.path) try: choice = request.POST["choice"] except KeyError: messages.error(request, _("You didn't select a choice.")) return HttpResponseRedirect(request.path) try: selected_choice = poll.choice_set.get(pk=choice) except Choice.DoesNotExist: messages.error(request, _("Choice is not valid.")) return HttpResponseRedirect(request.path) selected_choice.votes += 1 selected_choice.save() messages.success(request, _("You choice was saved")) if "has_vote_polls" in request.session: request.session["has_vote_polls"].append(poll.id) else: request.session["has_vote_polls"] = [poll.id] if request.user.is_authenticated(): # Save that this user hase vote to this poll UserVotes.objects.create(poll=poll, user=request.user) if poll.limit_ip > 0: # Save that this IP has vote to this poll. ip = request.META['REMOTE_ADDR'] ipvotes, created = IPVotes.objects.get_or_create(poll=poll, ip=ip) if not created: ipvotes.count += 1 ipvotes.save() response = HttpResponseRedirect(request.path) # Save that this user hase vote to this poll response.set_cookie(_get_cookie_name(poll), value="1") return response