def list_users_in_repo(repo, base_group_type=None):
"""
List all the users in the repository groups.
If the group type is specified, the list is limited to that group.
Args:
repo (learningresources.models.Repository): repository used to extract
the right group to use
base_group_type (unicode): group type from
roles.permissions.BaseGroupTypes
Returns:
list (list of roles.user_models.UserGroup): list of users in one or
all the repository groups
"""
users_groups = []
if base_group_type is not None:
if not BaseGroupTypes.is_base_group_type(base_group_type):
raise InvalidGroupType
base_group_types = [base_group_type]
else:
base_group_types = BaseGroupTypes.all_base_groups()
for base_group_type in base_group_types:
group = Group.objects.get(
name=GroupTypes.get_repo_groupname_by_base(
base_group_type
).format(repo.slug)
)
users_groups += [
UserGroup(user.username, base_group_type)
for user in group.user_set.all()
]
return users_groups
def list_users_in_repo(repo, base_group_type=None):
"""
List all the users in the repository groups.
If the group type is specified, the list is limited to that group.
Args:
repo (learningresources.models.Repository): repository used to extract
the right group to use
base_group_type (unicode): group type from
roles.permissions.BaseGroupTypes
Returns:
list (list of roles.user_models.UserGroup): list of users in one or
all the repository groups
"""
users_groups = []
if base_group_type is not None:
if not BaseGroupTypes.is_base_group_type(base_group_type):
raise InvalidGroupType
base_group_types = [base_group_type]
else:
base_group_types = BaseGroupTypes.all_base_groups()
for base_group_type in base_group_types:
group = Group.objects.get(name=GroupTypes.get_repo_groupname_by_base(
base_group_type).format(repo.slug))
users_groups += [
UserGroup(user.username, base_group_type)
for user in group.user_set.all()
]
return users_groups
def test_members_get(self):
"""
Tests for members.
Get requests: an user can see members if has at least basic permissions
"""
# add an user to all groups
for group_type in [GroupTypes.REPO_ADMINISTRATOR,
GroupTypes.REPO_CURATOR, GroupTypes.REPO_AUTHOR]:
assign_user_to_repo_group(
self.user, self.repo, group_type)
self.logout()
# as anonymous
self.get_members(urlfor='base', repo_slug=self.repo.slug,
expected_status=HTTP_403_FORBIDDEN)
# list of all groups for an user
self.get_members(urlfor='users', repo_slug=self.repo.slug,
username=self.user.username,
expected_status=HTTP_403_FORBIDDEN)
for group_type in BaseGroupTypes.all_base_groups():
# specific group for an user
self.get_members(urlfor='users', repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# list of all users for a group
self.get_members(urlfor='groups', repo_slug=self.repo.slug,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# specific user for a group
self.get_members(urlfor='groups', repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# any kind of user in the repo groups can retrieve infos
for user in [self.author_user.username, self.curator_user.username,
self.user.username]:
self.logout()
self.login(user)
# list of all groups for an user
self.get_members(urlfor='base', repo_slug=self.repo.slug)
# specific group for an user
self.get_members(urlfor='users', repo_slug=self.repo.slug,
username=self.user.username)
for group_type in BaseGroupTypes.all_base_groups():
self.get_members(urlfor='users', repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type)
# list of all users for a group
self.get_members(urlfor='groups', repo_slug=self.repo.slug,
group_type=group_type)
# specific user for a group
self.get_members(urlfor='groups', repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type)
def test_is_base_group_type(self):
"""
Checks is_repo_group_type method
"""
self.assertTrue(
BaseGroupTypes.is_base_group_type(BaseGroupTypes.ADMINISTRATORS))
self.assertTrue(
BaseGroupTypes.is_base_group_type(BaseGroupTypes.CURATORS))
self.assertTrue(
BaseGroupTypes.is_base_group_type(BaseGroupTypes.AUTHORS))
self.assertFalse(BaseGroupTypes.is_base_group_type('foo'))
def test_members_delete(self):
"""
Tests for members.
Delete requests: an user can delete members only if s/he is admin
The only URLS where users can be deleted from a group or vice versa are
/api/v1/repositories/<repo>/members/groups/<group_type>/users/<username>
/api/v1/repositories/<repo>/members/users/<username>/groups/<group_type>
"""
for group_type in BaseGroupTypes.all_base_groups():
# as anonymous
self.logout()
self.delete_member(urlfor='users', repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
self.delete_member(urlfor='groups', repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# as author
self.login(self.author_user.username)
self.delete_member(urlfor='users', repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
self.delete_member(urlfor='groups', repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# as curator
self.logout()
self.login(self.curator_user.username)
self.delete_member(urlfor='users', repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
self.delete_member(urlfor='groups', repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# different loop because the actual deletion can impact the other tests
for group_type in BaseGroupTypes.all_base_groups():
# as administrator
# deleting a different username because deleting self from admin is
# a special case (handled in different tests)
self.logout()
self.login(self.user.username)
self.delete_member(urlfor='users', repo_slug=self.repo.slug,
username=self.author_user.username,
group_type=group_type)
self.delete_member(urlfor='groups', repo_slug=self.repo.slug,
username=self.author_user.username,
group_type=group_type)
def test_members_create(self):
"""
Tests for members.
Post requests: an user can create members only if s/he is admin
The only URLS where users can be assigned to group or vice versa are
/api/v1/repositories/<repo>/members/groups/<group_type>/users/
/api/v1/repositories/<repo>/members/users/<username>/groups/
"""
self.logout()
mem_dict_user = {'group_type': 'administrators'}
mem_dict_groups = {'username': self.user_norepo.username}
# as anonymous
self.create_member(urlfor='users', repo_slug=self.repo.slug,
mem_dict=mem_dict_user, username=self.user.username,
expected_status=HTTP_403_FORBIDDEN)
for group_type in BaseGroupTypes.all_base_groups():
self.create_member(urlfor='groups', repo_slug=self.repo.slug,
mem_dict=mem_dict_groups,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# as author
self.login(self.author_user.username)
self.create_member(urlfor='users', repo_slug=self.repo.slug,
mem_dict=mem_dict_user, username=self.user.username,
expected_status=HTTP_403_FORBIDDEN)
for group_type in BaseGroupTypes.all_base_groups():
self.create_member(urlfor='groups', repo_slug=self.repo.slug,
mem_dict=mem_dict_groups,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# as curator
self.logout()
self.login(self.curator_user.username)
self.create_member(urlfor='users', repo_slug=self.repo.slug,
mem_dict=mem_dict_user, username=self.user.username,
expected_status=HTTP_403_FORBIDDEN)
for group_type in BaseGroupTypes.all_base_groups():
self.create_member(urlfor='groups', repo_slug=self.repo.slug,
mem_dict=mem_dict_groups,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# as administrator
self.logout()
self.login(self.user.username)
self.create_member(urlfor='users', repo_slug=self.repo.slug,
mem_dict=mem_dict_user, username=self.user.username)
for group_type in BaseGroupTypes.all_base_groups():
self.create_member(urlfor='groups', repo_slug=self.repo.slug,
mem_dict=mem_dict_groups,
group_type=group_type)
def validate_group_type(self, value):
"""Validate group_type."""
# pylint: disable=no-self-use
if value not in BaseGroupTypes.all_base_groups(): # pragma: no cover
raise ValidationError(
'group "{group}" is not valid'.format(group=value))
return value
def validate_group_type(self, value):
"""Validate group_type."""
# pylint: disable=no-self-use
if value not in BaseGroupTypes.all_base_groups(): # pragma: no cover
raise ValidationError(
'group "{group}" is not valid'.format(group=value)
)
return value
def dispatch(self, request, *args, **kwargs):
"""Pre dispatch"""
username = self.kwargs.get("username")
group_type = self.kwargs.get("group_type")
if username is not None:
get_object_or_404(User, username=username)
if group_type is not None and group_type not in BaseGroupTypes.all_base_groups():
raise Http404("Group type {} is not valid".format(group_type))
return super(CheckValidMemberParamMixin, self).dispatch(request, *args, **kwargs)
def test_all_base_group_names(self):
"""
Checks all_basic_group_names method
"""
self.assertEqual(
sorted(BaseGroupTypes.all_base_groups()),
sorted([
BaseGroupTypes.ADMINISTRATORS, BaseGroupTypes.CURATORS,
BaseGroupTypes.AUTHORS
]))
def test_is_base_group_type(self):
"""
Checks is_repo_group_type method
"""
self.assertTrue(
BaseGroupTypes.is_base_group_type(
BaseGroupTypes.ADMINISTRATORS
)
)
self.assertTrue(
BaseGroupTypes.is_base_group_type(
BaseGroupTypes.CURATORS
)
)
self.assertTrue(
BaseGroupTypes.is_base_group_type(
BaseGroupTypes.AUTHORS
)
)
self.assertFalse(BaseGroupTypes.is_base_group_type('foo'))
def dispatch(self, request, *args, **kwargs):
"""Pre dispatch"""
username = self.kwargs.get('username')
group_type = self.kwargs.get('group_type')
if username is not None:
get_object_or_404(User, username=username)
if (group_type is not None
and group_type not in BaseGroupTypes.all_base_groups()):
raise Http404('Group type {} is not valid'.format(group_type))
return super(CheckValidMemberParamMixin,
self).dispatch(request, *args, **kwargs)
class GroupSerializer(Serializer):
"""
Serializer for base_group_type
"""
group_type = ChoiceField(choices=BaseGroupTypes.all_base_groups())
def validate_group_type(self, value):
"""Validate group_type."""
# pylint: disable=no-self-use
if value not in BaseGroupTypes.all_base_groups(): # pragma: no cover
raise ValidationError(
'group "{group}" is not valid'.format(group=value))
return value
def test_all_base_group_names(self):
"""
Checks all_basic_group_names method
"""
self.assertEqual(
sorted(BaseGroupTypes.all_base_groups()),
sorted(
[
BaseGroupTypes.ADMINISTRATORS,
BaseGroupTypes.CURATORS,
BaseGroupTypes.AUTHORS
]
)
)
def test_members_delete(self):
"""
Tests for members.
Delete requests: an user can delete members only if s/he is admin
The only URLS where users can be deleted from a group or vice versa are
/api/v1/repositories/<repo>/members/groups/<group_type>/users/<username>
/api/v1/repositories/<repo>/members/users/<username>/groups/<group_type>
"""
for group_type in BaseGroupTypes.all_base_groups():
# as anonymous
self.logout()
self.delete_member(urlfor='users',
repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
self.delete_member(urlfor='groups',
repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# as author
self.login(self.author_user.username)
self.delete_member(urlfor='users',
repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
self.delete_member(urlfor='groups',
repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# as curator
self.logout()
self.login(self.curator_user.username)
self.delete_member(urlfor='users',
repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
self.delete_member(urlfor='groups',
repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# different loop because the actual deletion can impact the other tests
for group_type in BaseGroupTypes.all_base_groups():
# as administrator
# deleting a different username because deleting self from admin is
# a special case (handled in different tests)
self.logout()
self.login(self.user.username)
self.delete_member(urlfor='users',
repo_slug=self.repo.slug,
username=self.author_user.username,
group_type=group_type)
self.delete_member(urlfor='groups',
repo_slug=self.repo.slug,
username=self.author_user.username,
group_type=group_type)
def test_members_create(self):
"""
Tests for members.
Post requests: an user can create members only if s/he is admin
The only URLS where users can be assigned to group or vice versa are
/api/v1/repositories/<repo>/members/groups/<group_type>/users/
/api/v1/repositories/<repo>/members/users/<username>/groups/
"""
self.logout()
mem_dict_user = {'group_type': 'administrators'}
mem_dict_groups = {'username': self.user_norepo.username}
# as anonymous
self.create_member(urlfor='users',
repo_slug=self.repo.slug,
mem_dict=mem_dict_user,
username=self.user.username,
expected_status=HTTP_403_FORBIDDEN)
for group_type in BaseGroupTypes.all_base_groups():
self.create_member(urlfor='groups',
repo_slug=self.repo.slug,
mem_dict=mem_dict_groups,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# as author
self.login(self.author_user.username)
self.create_member(urlfor='users',
repo_slug=self.repo.slug,
mem_dict=mem_dict_user,
username=self.user.username,
expected_status=HTTP_403_FORBIDDEN)
for group_type in BaseGroupTypes.all_base_groups():
self.create_member(urlfor='groups',
repo_slug=self.repo.slug,
mem_dict=mem_dict_groups,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# as curator
self.logout()
self.login(self.curator_user.username)
self.create_member(urlfor='users',
repo_slug=self.repo.slug,
mem_dict=mem_dict_user,
username=self.user.username,
expected_status=HTTP_403_FORBIDDEN)
for group_type in BaseGroupTypes.all_base_groups():
self.create_member(urlfor='groups',
repo_slug=self.repo.slug,
mem_dict=mem_dict_groups,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# as administrator
self.logout()
self.login(self.user.username)
self.create_member(urlfor='users',
repo_slug=self.repo.slug,
mem_dict=mem_dict_user,
username=self.user.username)
for group_type in BaseGroupTypes.all_base_groups():
self.create_member(urlfor='groups',
repo_slug=self.repo.slug,
mem_dict=mem_dict_groups,
group_type=group_type)
def test_members_get(self):
"""
Tests for members.
Get requests: an user can see members if has at least basic permissions
"""
# add an user to all groups
for group_type in [
GroupTypes.REPO_ADMINISTRATOR, GroupTypes.REPO_CURATOR,
GroupTypes.REPO_AUTHOR
]:
assign_user_to_repo_group(self.user, self.repo, group_type)
self.logout()
# as anonymous
self.get_members(urlfor='base',
repo_slug=self.repo.slug,
expected_status=HTTP_403_FORBIDDEN)
# list of all groups for an user
self.get_members(urlfor='users',
repo_slug=self.repo.slug,
username=self.user.username,
expected_status=HTTP_403_FORBIDDEN)
for group_type in BaseGroupTypes.all_base_groups():
# specific group for an user
self.get_members(urlfor='users',
repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# list of all users for a group
self.get_members(urlfor='groups',
repo_slug=self.repo.slug,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# specific user for a group
self.get_members(urlfor='groups',
repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type,
expected_status=HTTP_403_FORBIDDEN)
# any kind of user in the repo groups can retrieve infos
for user in [
self.author_user.username, self.curator_user.username,
self.user.username
]:
self.logout()
self.login(user)
# list of all groups for an user
self.get_members(urlfor='base', repo_slug=self.repo.slug)
# specific group for an user
self.get_members(urlfor='users',
repo_slug=self.repo.slug,
username=self.user.username)
for group_type in BaseGroupTypes.all_base_groups():
self.get_members(urlfor='users',
repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type)
# list of all users for a group
self.get_members(urlfor='groups',
repo_slug=self.repo.slug,
group_type=group_type)
# specific user for a group
self.get_members(urlfor='groups',
repo_slug=self.repo.slug,
username=self.user.username,
group_type=group_type)