def setUp(self): mock_handler = Mock(**{ 'has_perm.return_value': False, 'get_permissions.return_value': 'permission.add_article', }) mock_request = Mock() mock_request.META = Mock() mock_request.user = Mock() mock_request.user.is_active.return_value = True mock_request.user.is_authenticated.return_value = True mock_request.user.has_perm.side_effect = mock_handler.has_perm self.mock_handler = mock_handler self.mock_request = mock_request # store original registry self._original_registry = registry._registry # clear registry and register mock handler registry._registry = {} registry.register( Article, Mock(return_value=self.mock_handler) ) self.view_func = Mock(return_value=HttpResponse()) self.decorated = permission_required('permission.add_article')(self.view_func) self.decorated_exc = permission_required('permission.add_article', raise_exception=True)(self.view_func)
def setUp(self): mock_handler = Mock(**{ 'has_perm.return_value': False, 'get_permissions.return_value': 'permission.add_article', }) mock_request = Mock() mock_request.META = Mock() mock_request.user = Mock() mock_request.user.is_active.return_value = True mock_request.user.is_authenticated.return_value = True mock_request.user.has_perm.side_effect = mock_handler.has_perm self.mock_handler = mock_handler self.mock_request = mock_request # store original registry self._original_registry = registry._registry # clear registry and register mock handler registry._registry = {} registry.register( Article, Mock(return_value=self.mock_handler) ) self.view_func = Mock(return_value=HttpResponse) view_class = type('MockView', (View,), {}) view_class.dispatch = self.view_func view_class.dispatch = permission_required('permission.add_article')(view_class.dispatch) view_class_exc = type('MockView', (View,), {}) view_class_exc.dispatch = self.view_func view_class_exc.dispatch = permission_required('permission.add_article', raise_exception=True)(view_class_exc.dispatch) self.view_class_exc = view_class_exc
def test_registry_unregister(self): from permission.handlers import Registry from permission.exceptions import NotRegistered registry = Registry() registry.register(Article, PermissionHandler) registry.unregister(Article) self.assertEqual(len(registry._registry), 0) # non registered entry should raise NotRegistered self.assertRaises(NotRegistered, registry.unregister, Article)
def test_registry_register(self): from permission.handlers import Registry from permission.exceptions import AlreadyRegistered registry = Registry() registry.register(Article, PermissionHandler) self.assertEqual(len(registry._registry), 1) self.assertTrue( isinstance(registry._registry[Article], PermissionHandler)) # duplicate entry should raise AlreadyRegistered self.assertRaises(AlreadyRegistered, registry.register, Article, PermissionHandler)
def test_permissionif_tag_with_obj(self): from permission import registry from permission import PermissionHandler from permission.models import Role user = create_user('permission_templatetag_test_user1') role1 = create_role('permission_templatetag_test_role1') role2 = create_role('permission_templatetag_test_role2') perm = create_permission('permission_templatetag_test_perm1') class RolePermissionHandler(PermissionHandler): def has_perm(self, user_obj, perm, obj=None): if perm == 'permission.permission_templatetag_test_perm1': if obj and obj.codename == 'permission_templatetag_test_role2': return True return False registry.register(Role, RolePermissionHandler) self.assertFalse( user.has_perm('permission.permission_templatetag_test_perm1')) self.assertFalse( user.has_perm('permission.permission_templatetag_test_perm1', role1)) self.assertTrue( user.has_perm('permission.permission_templatetag_test_perm1', role2)) context = Context({ 'user': user, 'role1': role1, 'role2': role2, }) out = Template( "{% load permission_tags %}" "{% permission user has 'permission.permission_templatetag_test_perm1' %}" "Fail" "{% elpermission user has 'permission.permission_templatetag_test_perm1' of role1 %}" "Fail" "{% elpermission user has 'permission.permission_templatetag_test_perm1' of role2 %}" "Success" "{% else %}" "Fail" "{% endpermission %}").render(context) self.assertEqual(out, "Success")
def test_registry_register(self): from permission.handlers import Registry from permission.exceptions import AlreadyRegistered registry = Registry() registry.register(Article, PermissionHandler) self.assertEqual(len(registry._registry), 1) self.assertTrue(isinstance( registry._registry[Article], PermissionHandler )) # duplicate entry should raise AlreadyRegistered self.assertRaises( AlreadyRegistered, registry.register, Article, PermissionHandler )
def test_permissionif_tag_with_obj(self): from permission import registry from permission import PermissionHandler from permission.models import Role user = create_user('permission_templatetag_test_user1') role1 = create_role('permission_templatetag_test_role1') role2 = create_role('permission_templatetag_test_role2') perm = create_permission('permission_templatetag_test_perm1') class RolePermissionHandler(PermissionHandler): def has_perm(self, user_obj, perm, obj=None): if perm == 'permission.permission_templatetag_test_perm1': if obj and obj.codename == 'permission_templatetag_test_role2': return True return False registry.register(Role, RolePermissionHandler) self.assertFalse(user.has_perm('permission.permission_templatetag_test_perm1')) self.assertFalse(user.has_perm('permission.permission_templatetag_test_perm1', role1)) self.assertTrue(user.has_perm('permission.permission_templatetag_test_perm1', role2)) context = Context({ 'user': user, 'role1': role1, 'role2': role2, }) out = Template( "{% load permission_tags %}" "{% permission user has 'permission.permission_templatetag_test_perm1' %}" "Fail" "{% elpermission user has 'permission.permission_templatetag_test_perm1' of role1 %}" "Fail" "{% elpermission user has 'permission.permission_templatetag_test_perm1' of role2 %}" "Success" "{% else %}" "Fail" "{% endpermission %}" ).render(context) self.assertEqual(out, "Success")
def has_perm(self, user, perm, obj=None): """ topic.add_topic topic.view_topic topic.change_topic topic.delete_topic topic.moderate_topic topic.add_entry topic.change_entry topic.delete_entry topic.add_comment """ if user.is_authenticated(): if user.is_superuser: return True elif obj and obj.user == user: return True elif perm == 'filizver.add_topic': return True elif obj and perm in ( 'topic.change_topic', 'topic.moderate_topic', 'topic.add_entry' ) and user in obj.topic.moderators: return True # User doesn't have permission of ``perm`` return False registry.register(Topic, TopicPermissionHandler)
from __future__ import with_statement from django.db import models from django.contrib.auth.models import User from permission import registry from permission.handlers import PermissionHandler class Article(models.Model): title = models.CharField('title', max_length=200, default='No title') body = models.TextField('body', blank=True, default='') author = models.ForeignKey(User, verbose_name='user', related_name='articles') created_at = models.DateTimeField('created_at', auto_now_add=True) class Meta: app_label = 'permission' def __unicode__(self): return self.title class ArticlePermissionHandler(PermissionHandler): def has_perm(self, user_obj, perm, obj=None): if user_obj.is_authenticated(): return True return False registry.register(Article, ArticlePermissionHandler)
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ from __future__ import with_statement from django.db import models from django.contrib.auth.models import User from permission import registry from permission.handlers import PermissionHandler class Article(models.Model): title = models.CharField('title', max_length=200, default='No title') body = models.TextField('body', blank=True, default='') author = models.ForeignKey(User, verbose_name='user', related_name='articles') created_at = models.DateTimeField('created_at', auto_now_add=True) class Meta: app_label = 'permission' def __unicode__(self): return self.title class ArticlePermissionHandler(PermissionHandler): def has_perm(self, user_obj, perm, obj=None): if user_obj.is_authenticated(): return True return False registry.register(Article, ArticlePermissionHandler)
from permission import registry from permission import PermissionHandler from models import YourModel class YourModelPermissionHandler(PermissionHandler): """Permission handler class for ``YourModel``. Similar with AdminSite""" def has_perm(self, user_obj, perm, obj=None): """this is called for checking permission of the model.""" if user_obj.is_authenticated(): if perm == 'yourapp.add_yourmodel': # Authenticated user has add permissions of this model return True elif obj and obj.author == user_obj: # Otherwise (change/delete) user must be an author return True # User doesn't have permission of ``perm`` return False # register this ``YourModelPermissionHandler`` with ``YourModel`` registry.register(YourModel, YourModelPermissionHandler)
from models import * class CharacterAssetListPermissionHandler(PermissionHandler): def has_perm(self, user_obj, perm, obj=None): user_has_permission = False if perm == 'eve.viewAssetList_character': for key in obj.apiKeys.all(): if key.user == user_obj: user_has_permission = True return user_has_permission class CorporationAssetListPermissionHandler(PermissionHandler): def has_perm(self, user_obj, perm, obj=None): user_has_permission = False if perm == 'eve.viewAssetList_corporation': for key in obj.apiKeys.all(): if key.user == user_obj: user_has_permission = True return user_has_permission registry.register(Character, CharacterAssetListPermissionHandler) registry.register(Corporation, CorporationAssetListPermissionHandler)