def test_user(self): from woost.models import ContentTrigger, Item, Role, User r1 = Role() r2 = Role() r3 = Role(base_roles=[r2]) u1 = User(roles=[r1]) u2 = User(roles=[r2]) u3 = User(roles=[r3]) self.assert_match(ContentTrigger(matching_roles=[r2]), (Item(), u2, {}, True), (Item(), u3, {}, True), (Item(), None, {}, False), (Item(), u1, {}, False))
def submit(self): mailing = self.context["cms_item"] if self.mailer_action == "test": # Send a test email mailing._v_template_values = { "cms": self.context["cms"], "base_url": unicode(Location.get_current_host()).rstrip("/") } test_email = self.params.read(schema.String("test_email")) # Create a fake user receiver = User(email = test_email) set_language(mailing.language) mailing.send_message(self.smtp_server, receiver) elif self.mailer_action == "send": # Send the mailing self.task_id = mailing.id template_values = { "cms": self.context["cms"], "base_url": unicode(Location.get_current_host()).rstrip("/") } mailing.send(self.smtp_server, template_values, self.context.copy()) else: EditController.submit(self)
def test_permission_acquisition(self): from woost.models import (User, Role, ReadPermission) R = lambda **kwargs: Role(permissions=[ReadPermission()], **kwargs) r1 = R() r2 = R() r3 = R() r4 = R(base_roles=[r3]) r5 = R(base_roles=[r2, r4]) self.everybody_role.permissions.append(ReadPermission()) self.authenticated_role.permissions.append(ReadPermission()) user = User() user.roles = [r1, r5] print list(user.iter_permissions()) assert list(user.iter_permissions()) == [ r1.permissions[0], r5.permissions[0], r2.permissions[0], r4.permissions[0], r3.permissions[0], self.authenticated_role.permissions[0], self.everybody_role.permissions[0] ]
def test_permission_expression(self): from woost.models import (Item, Publishable, User, ReadPermission, PermissionExpression) self.everybody_role.permissions.append( ReadPermission(matching_items={ "type": "woost.models.publishable.Publishable" }, authorized=True)) i1 = Item() i2 = Item() d1 = Publishable() d2 = Publishable() i1.insert() i2.insert() d1.insert() d2.insert() results = set( Item.select( filters=[PermissionExpression(User(), ReadPermission)])) assert results == set([d1, d2])
def setUp(self): from cocktail.persistence import datastore from woost.models import (triggerresponse, TriggerResponse, User, set_current_user) BaseTestCase.setUp(self) class TestTriggerResponse(TriggerResponse): def __init__(self, response_log, *args, **kwargs): TriggerResponse.__init__(self, *args, **kwargs) self.response_log = response_log def execute(self, items, user, batch=False, **context): self.response_log.append({ "trigger": self.trigger, "items": items, "user": user, "batch": batch, "context": context }) self.TestTriggerResponse = TestTriggerResponse # ZODB requires classes to be accessible, so TestTriggerResponse is # added to the same module of its base class: triggerresponse.TestTriggerResponse = TestTriggerResponse TestTriggerResponse.__module__ = TriggerResponse.__module__ self.user = User() set_current_user(self.user) datastore.commit()
def process_user_data(self, data): id = data[self.user_data_id_field] email = data.get(self.user_data_email_field) user = ( User.get_instance(**{self.user_identifier: id}) or ( email and User.get_instance(email = email) ) ) if user is None: user = User() if not user.get(self.user_identifier): user.set(self.user_identifier, id) if not user.email: user.email = email first_login = True else: first_login = False self.user_authenticated( user = user, data = data, first_login = first_login ) user.insert() return user
def test_delete(self): from datetime import datetime from woost.models import (Item, User, ChangeSet, changeset_context) author = User() author.insert() item = Item() item.insert() with changeset_context(author) as changeset: item.delete() assert list(ChangeSet.select()) == [changeset] assert changeset.author is author assert isinstance(changeset.date, datetime) assert changeset.changes.keys() == [item.id] change = changeset.changes[item.id] assert change.target is item assert change.action == "delete" assert change.changeset is changeset assert item.changes == [change] assert not item.id in Item.index
def test_modify(self): from time import sleep from datetime import datetime from woost.models import (Document, User, ChangeSet, changeset_context) author = User() author.insert() with changeset_context(author) as creation: item = Document() item.set("title", u"Foo!", "en") item.resource_type = u"text/foo" item.hidden = True item.insert() # Make sure creation_time and last_update_time don't match sleep(0.1) with changeset_context(author) as modification: item.set("title", u"Bar!", "en") item.resource_type = u"text/bar" item.hidden = True assert list(ChangeSet.select()) == [creation, modification] assert modification.author is author assert isinstance(modification.date, datetime) assert modification.changes.keys() == [item.id] change = modification.changes[item.id] assert change.target is item assert change.action == "modify" assert change.changeset is modification assert change.changed_members == set(["title", "resource_type"]) assert item.changes == [creation.changes[item.id], change] for key in "id", "changes", "creation_time", "last_update_time": assert not key in change.item_state assert change.item_state["title"] == {"en": u"Bar!"} assert change.item_state["resource_type"] == u"text/bar" assert change.item_state["hidden"] == True assert change.item_state["translation_enabled"] == \ {"en": item.get("translation_enabled", "en")} assert item.author is author assert item.creation_time assert item.last_update_time assert not item.creation_time == item.last_update_time
def test_member_permissions(self): from woost.models import (Item, Publishable, User, Role, Permission, ReadMemberPermission, ModifyMemberPermission) class TestPermission(Permission): pass prefix = "woost.models.publishable.Publishable." m1 = Publishable.resource_type m2 = Publishable.parent m3 = Publishable.controller for permission_type in [ReadMemberPermission, ModifyMemberPermission]: role = Role() user = User(roles=[role]) # No permissions by default self.assert_not_authorized(user, permission_type, member=m1) self.assert_not_authorized(user, permission_type, member=m2) self.assert_not_authorized(user, permission_type, member=m3) # Positive permission role.permissions.append( permission_type( matching_members=[prefix + m1.name, prefix + m2.name], authorized=True)) self.assert_authorized(user, permission_type, member=m1) self.assert_authorized(user, permission_type, member=m2) self.assert_not_authorized(user, permission_type, member=m3) # Permission denied (wrong permission type) self.assert_not_authorized(user, TestPermission) # Negative permission role.permissions.insert( 0, permission_type(matching_members=[prefix + m1.name], authorized=False)) self.assert_not_authorized(user, permission_type, member=m1) self.assert_authorized(user, permission_type, member=m2) self.assert_not_authorized(user, permission_type, member=m3)
def test_content_permissions(self): from woost.models import (Item, Publishable, User, Role, Permission, CreatePermission, ReadPermission, ModifyPermission, DeletePermission) class TestPermission(Permission): pass item = Item() doc = Publishable() for permission_type in [ CreatePermission, ReadPermission, ModifyPermission, DeletePermission ]: role = Role() user = User(roles=[role]) # Permission denied (no permissions defined) self.assert_not_authorized(user, permission_type, target=doc) # Permission granted role.permissions.append( permission_type(matching_items={ "type": "woost.models.publishable.Publishable" }, authorized=True)) self.assert_authorized(user, permission_type, target=doc) # Permission denied (wrong target) self.assert_not_authorized(user, permission_type, target=item) # Permission denied (wrong permission type) self.assert_not_authorized(user, TestPermission) # Permission denied (prevailing negative permission) role.permissions.insert( 0, permission_type( matching_items={"type": "woost.models.item.Item"}, authorized=False)) self.assert_not_authorized(user, permission_type, target=doc)
def test_translation_permissions(self): from woost.models import (Item, Publishable, User, Role, Permission, CreateTranslationPermission, ReadTranslationPermission, ModifyTranslationPermission, DeleteTranslationPermission) class TestPermission(Permission): pass l1 = "en" l2 = "fr" l3 = "ru" for permission_type in [ CreateTranslationPermission, ReadTranslationPermission, ModifyTranslationPermission, DeleteTranslationPermission ]: role = Role() user = User(roles=[role]) # No permissions by default self.assert_not_authorized(user, permission_type, language=l1) self.assert_not_authorized(user, permission_type, language=l2) self.assert_not_authorized(user, permission_type, language=l3) # Permission granted role.permissions.append( permission_type(matching_languages=[l1, l2], authorized=True)) self.assert_authorized(user, permission_type, language=l1) self.assert_authorized(user, permission_type, language=l2) self.assert_not_authorized(user, permission_type, language=l3) # Permission denied (wrong permission type) self.assert_not_authorized(user, TestPermission) # Negative permission role.permissions.insert( 0, permission_type(matching_languages=[l1], authorized=False)) self.assert_not_authorized(user, permission_type, language=l1) self.assert_authorized(user, permission_type, language=l2) self.assert_not_authorized(user, permission_type, language=l3)
def test_insert(self): from datetime import datetime from woost.models import (Document, User, ChangeSet, changeset_context) author = User() author.insert() with changeset_context(author) as changeset: item = Document() item.set("title", u"Foo!", "en") item.resource_type = u"text/foo" item.hidden = True assert not changeset.changes item.insert() assert list(ChangeSet.select()) == [changeset] assert changeset.author is author assert isinstance(changeset.date, datetime) assert changeset.changes.keys() == [item.id] change = changeset.changes[item.id] assert change.target is item assert change.action == "create" assert change.changeset is changeset assert item.changes == [change] for key in "id", "changes", "creation_time", "last_update_time": assert not key in change.item_state print change.item_state assert change.item_state["title"] == {"en": u"Foo!"} assert change.item_state["resource_type"] == u"text/foo" assert change.item_state["hidden"] == True assert change.item_state["translation_enabled"] == \ {"en": item.get("translation_enabled", "en")} assert item.author is author assert item.creation_time assert item.last_update_time assert item.creation_time == item.last_update_time
def setUp(self): from woost import app from woost.models import Configuration, User, Role from woost.models.trigger import get_triggers_enabled, set_triggers_enabled from woost.controllers.installer import Installer self.__prev_installation_id = app.installation_id self.__prev_triggers_enabled = get_triggers_enabled() app.installation_id = "TEST" set_triggers_enabled(False) TempStorageMixin.setUp(self) app.root = os.path.join(self._temp_dir, "test_project") installer = Installer() installer.create_project({"project_path": app.root}) # Configuration self.config = Configuration(qname = "woost.configuration") self.config.insert() # Roles and users self.anonymous_role = Role(qname = "woost.anonymous") self.anonymous_role.insert() self.anonymous_user = User(qname = "woost.anonymous_user") self.anonymous_user.roles.append(self.anonymous_role) self.anonymous_user.insert() self.everybody_role = Role(qname = "woost.everybody") self.everybody_role.insert() self.authenticated_role = Role(qname = "woost.authenticated") self.authenticated_role.insert() set_triggers_enabled(True)
def test_target(self): from woost.models import (ContentTrigger, Item, Publishable, StandardPage, User, set_current_user) self.assert_match( ContentTrigger(matching_items={ "type": "woost.models.publishable.Publishable" }), (Publishable(), None, {}, True), (StandardPage(), None, {}, True), (Item(), None, {}, False), (ContentTrigger(), None, {}, False)) user = User() set_current_user(user) self.assert_match( ContentTrigger( matching_items={ "type": "woost.models.publishable.Publishable", "filter": "member-qname", "filter_operator0": "eq", "filter_value0": "foobar" }), (Publishable(), user, {}, False), (Publishable(qname="foobar"), user, {}, True))
def setUp(self): from woost.models import User BaseTestCase.setUp(self) set_language("en") self.user = User() self.user.insert()