def setUp(self):
mock_handler = Mock(**{
'has_perm.return_value': False,
'get_permissions.return_value': 'permission.add_article',
})
mock_request = Mock()
mock_request.META = Mock()
mock_request.user = Mock()
mock_request.user.is_active.return_value = True
mock_request.user.is_authenticated.return_value = True
mock_request.user.has_perm.side_effect = mock_handler.has_perm
self.mock_handler = mock_handler
self.mock_request = mock_request
# store original registry
self._original_registry = registry._registry
# clear registry and register mock handler
registry._registry = {}
registry.register(
Article,
Mock(return_value=self.mock_handler)
)
self.view_func = Mock(return_value=HttpResponse())
self.decorated = permission_required('permission.add_article')(self.view_func)
self.decorated_exc = permission_required('permission.add_article',
raise_exception=True)(self.view_func)
def setUp(self):
mock_handler = Mock(**{
'has_perm.return_value': False,
'get_permissions.return_value': 'permission.add_article',
})
mock_request = Mock()
mock_request.META = Mock()
mock_request.user = Mock()
mock_request.user.is_active.return_value = True
mock_request.user.is_authenticated.return_value = True
mock_request.user.has_perm.side_effect = mock_handler.has_perm
self.mock_handler = mock_handler
self.mock_request = mock_request
# store original registry
self._original_registry = registry._registry
# clear registry and register mock handler
registry._registry = {}
registry.register(
Article,
Mock(return_value=self.mock_handler)
)
self.view_func = Mock(return_value=HttpResponse)
view_class = type('MockView', (View,), {})
view_class.dispatch = self.view_func
view_class.dispatch = permission_required('permission.add_article')(view_class.dispatch)
view_class_exc = type('MockView', (View,), {})
view_class_exc.dispatch = self.view_func
view_class_exc.dispatch = permission_required('permission.add_article',
raise_exception=True)(view_class_exc.dispatch)
self.view_class_exc = view_class_exc
def test_registry_unregister(self):
from permission.handlers import Registry
from permission.exceptions import NotRegistered
registry = Registry()
registry.register(Article, PermissionHandler)
registry.unregister(Article)
self.assertEqual(len(registry._registry), 0)
# non registered entry should raise NotRegistered
self.assertRaises(NotRegistered, registry.unregister, Article)
def test_registry_unregister(self):
from permission.handlers import Registry
from permission.exceptions import NotRegistered
registry = Registry()
registry.register(Article, PermissionHandler)
registry.unregister(Article)
self.assertEqual(len(registry._registry), 0)
# non registered entry should raise NotRegistered
self.assertRaises(NotRegistered, registry.unregister, Article)
def test_registry_register(self):
from permission.handlers import Registry
from permission.exceptions import AlreadyRegistered
registry = Registry()
registry.register(Article, PermissionHandler)
self.assertEqual(len(registry._registry), 1)
self.assertTrue(
isinstance(registry._registry[Article], PermissionHandler))
# duplicate entry should raise AlreadyRegistered
self.assertRaises(AlreadyRegistered, registry.register, Article,
PermissionHandler)
def test_permissionif_tag_with_obj(self):
from permission import registry
from permission import PermissionHandler
from permission.models import Role
user = create_user('permission_templatetag_test_user1')
role1 = create_role('permission_templatetag_test_role1')
role2 = create_role('permission_templatetag_test_role2')
perm = create_permission('permission_templatetag_test_perm1')
class RolePermissionHandler(PermissionHandler):
def has_perm(self, user_obj, perm, obj=None):
if perm == 'permission.permission_templatetag_test_perm1':
if obj and obj.codename == 'permission_templatetag_test_role2':
return True
return False
registry.register(Role, RolePermissionHandler)
self.assertFalse(
user.has_perm('permission.permission_templatetag_test_perm1'))
self.assertFalse(
user.has_perm('permission.permission_templatetag_test_perm1',
role1))
self.assertTrue(
user.has_perm('permission.permission_templatetag_test_perm1',
role2))
context = Context({
'user': user,
'role1': role1,
'role2': role2,
})
out = Template(
"{% load permission_tags %}"
"{% permission user has 'permission.permission_templatetag_test_perm1' %}"
"Fail"
"{% elpermission user has 'permission.permission_templatetag_test_perm1' of role1 %}"
"Fail"
"{% elpermission user has 'permission.permission_templatetag_test_perm1' of role2 %}"
"Success"
"{% else %}"
"Fail"
"{% endpermission %}").render(context)
self.assertEqual(out, "Success")
def test_registry_register(self):
from permission.handlers import Registry
from permission.exceptions import AlreadyRegistered
registry = Registry()
registry.register(Article, PermissionHandler)
self.assertEqual(len(registry._registry), 1)
self.assertTrue(isinstance(
registry._registry[Article],
PermissionHandler
))
# duplicate entry should raise AlreadyRegistered
self.assertRaises(
AlreadyRegistered,
registry.register,
Article, PermissionHandler
)
def test_permissionif_tag_with_obj(self):
from permission import registry
from permission import PermissionHandler
from permission.models import Role
user = create_user('permission_templatetag_test_user1')
role1 = create_role('permission_templatetag_test_role1')
role2 = create_role('permission_templatetag_test_role2')
perm = create_permission('permission_templatetag_test_perm1')
class RolePermissionHandler(PermissionHandler):
def has_perm(self, user_obj, perm, obj=None):
if perm == 'permission.permission_templatetag_test_perm1':
if obj and obj.codename == 'permission_templatetag_test_role2':
return True
return False
registry.register(Role, RolePermissionHandler)
self.assertFalse(user.has_perm('permission.permission_templatetag_test_perm1'))
self.assertFalse(user.has_perm('permission.permission_templatetag_test_perm1', role1))
self.assertTrue(user.has_perm('permission.permission_templatetag_test_perm1', role2))
context = Context({
'user': user,
'role1': role1,
'role2': role2,
})
out = Template(
"{% load permission_tags %}"
"{% permission user has 'permission.permission_templatetag_test_perm1' %}"
"Fail"
"{% elpermission user has 'permission.permission_templatetag_test_perm1' of role1 %}"
"Fail"
"{% elpermission user has 'permission.permission_templatetag_test_perm1' of role2 %}"
"Success"
"{% else %}"
"Fail"
"{% endpermission %}"
).render(context)
self.assertEqual(out, "Success")
def has_perm(self, user, perm, obj=None):
"""
topic.add_topic
topic.view_topic
topic.change_topic
topic.delete_topic
topic.moderate_topic
topic.add_entry
topic.change_entry
topic.delete_entry
topic.add_comment
"""
if user.is_authenticated():
if user.is_superuser:
return True
elif obj and obj.user == user:
return True
elif perm == 'filizver.add_topic':
return True
elif obj and perm in (
'topic.change_topic',
'topic.moderate_topic',
'topic.add_entry'
) and user in obj.topic.moderators:
return True
# User doesn't have permission of ``perm``
return False
registry.register(Topic, TopicPermissionHandler)
from __future__ import with_statement
from django.db import models
from django.contrib.auth.models import User
from permission import registry
from permission.handlers import PermissionHandler
class Article(models.Model):
title = models.CharField('title', max_length=200, default='No title')
body = models.TextField('body', blank=True, default='')
author = models.ForeignKey(User,
verbose_name='user',
related_name='articles')
created_at = models.DateTimeField('created_at', auto_now_add=True)
class Meta:
app_label = 'permission'
def __unicode__(self):
return self.title
class ArticlePermissionHandler(PermissionHandler):
def has_perm(self, user_obj, perm, obj=None):
if user_obj.is_authenticated():
return True
return False
registry.register(Article, ArticlePermissionHandler)
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
IN THE SOFTWARE.
"""
from __future__ import with_statement
from django.db import models
from django.contrib.auth.models import User
from permission import registry
from permission.handlers import PermissionHandler
class Article(models.Model):
title = models.CharField('title', max_length=200, default='No title')
body = models.TextField('body', blank=True, default='')
author = models.ForeignKey(User, verbose_name='user',
related_name='articles')
created_at = models.DateTimeField('created_at', auto_now_add=True)
class Meta:
app_label = 'permission'
def __unicode__(self):
return self.title
class ArticlePermissionHandler(PermissionHandler):
def has_perm(self, user_obj, perm, obj=None):
if user_obj.is_authenticated():
return True
return False
registry.register(Article, ArticlePermissionHandler)
from permission import registry
from permission import PermissionHandler
from models import YourModel
class YourModelPermissionHandler(PermissionHandler):
"""Permission handler class for ``YourModel``. Similar with AdminSite"""
def has_perm(self, user_obj, perm, obj=None):
"""this is called for checking permission of the model."""
if user_obj.is_authenticated():
if perm == 'yourapp.add_yourmodel':
# Authenticated user has add permissions of this model
return True
elif obj and obj.author == user_obj:
# Otherwise (change/delete) user must be an author
return True
# User doesn't have permission of ``perm``
return False
# register this ``YourModelPermissionHandler`` with ``YourModel``
registry.register(YourModel, YourModelPermissionHandler)
from models import *
class CharacterAssetListPermissionHandler(PermissionHandler):
def has_perm(self, user_obj, perm, obj=None):
user_has_permission = False
if perm == 'eve.viewAssetList_character':
for key in obj.apiKeys.all():
if key.user == user_obj:
user_has_permission = True
return user_has_permission
class CorporationAssetListPermissionHandler(PermissionHandler):
def has_perm(self, user_obj, perm, obj=None):
user_has_permission = False
if perm == 'eve.viewAssetList_corporation':
for key in obj.apiKeys.all():
if key.user == user_obj:
user_has_permission = True
return user_has_permission
registry.register(Character, CharacterAssetListPermissionHandler)
registry.register(Corporation, CorporationAssetListPermissionHandler)
