def test_selected_permissions_get(self):
"""
Test getting the set permissions from the form.
Expected result: The `permissions` property returns all permissions that are selected in the form.
"""
class PermissionTestForm(BasePermissionForm):
"""
A simple form to which permission fields will be added.
"""
pass
# The preselected permissions.
form = create_permission_form(PermissionTestForm, self.permissions)
self.assertEqual(self.permissions, form.permissions)
# Changed permissions with some selected.
form = create_permission_form(PermissionTestForm, self.permissions)
form.edituser.data = True
form.editglobalsettings.data = False
self.assertEqual(Permission.EditRole | Permission.EditUser, form.permissions)
# No selection of permissions.
form = create_permission_form(PermissionTestForm, self.permissions)
form.editglobalsettings.data = False
form.editrole.data = False
self.assertEqual(Permission(0), form.permissions)
def test_selected_permissions_get(self):
"""
Test getting the set permissions from the form.
Expected result: The `permissions` property returns all permissions that are selected in the form.
"""
class PermissionTestForm(BasePermissionForm):
"""
A simple form to which permission fields will be added.
"""
pass
# The preselected permissions.
form = create_permission_form(PermissionTestForm, self.permissions)
self.assertEqual(self.permissions, form.permissions)
# Changed permissions with some selected.
form = create_permission_form(PermissionTestForm, self.permissions)
form.edituser.data = True
form.editglobalsettings.data = False
self.assertEqual(Permission.EditRole | Permission.EditUser,
form.permissions)
# No selection of permissions.
form = create_permission_form(PermissionTestForm, self.permissions)
form.editglobalsettings.data = False
form.editrole.data = False
self.assertEqual(Permission(0), form.permissions)
def role_permissions(name: str) -> str:
"""
Show a form to a role's permissions.
:param name: The name of the role.
:return: The HTML response.
"""
role = Role.load_from_name(name)
if role is None:
abort(404)
disabled_permissions = None
if role.is_only_role_allowed_to_edit_roles():
disabled_permissions = Permission.EditRole
permission_form = create_permission_form(PermissionForm, role.permissions,
disabled_permissions=disabled_permissions)
if permission_form.validate_on_submit():
role.permissions = permission_form.permissions
db.session.commit()
flash(_('The role\'s permissions have been updated.'))
return redirect(url_for('.role_permissions', name=role.name))
return render_template('administration/role_permissions.html', role=name, permission_form=permission_form)
def test_field_order_after_other_field(self):
"""
Test the field order of the permissions if they are to be inserted after another field.
Expected results: The permission fields appear after the email field and before the submit field.
"""
class PermissionTestForm(BasePermissionForm):
"""
A simple form to which permission fields will be added.
"""
permission_fields_after = 'email'
name = StringField('Name')
email = StringField('Email')
submit = SubmitField('Submit')
form = create_permission_form(PermissionTestForm, self.permissions)
# The permission field are sorted by their label.
permission_fields = [form._fields[field_name] for field_name in form.permission_fields]
sorted_permission_fields = sorted(permission_fields, key=lambda f: f.label.text)
self.assertListEqual(sorted_permission_fields, permission_fields)
# The expected fields are in the front, followed by the remaining field, the submit button.
expected_fields = [form.name, form.email]
expected_fields.extend(permission_fields)
expected_fields.append(form.submit)
actual_fields = list(form)
self.assertListEqual(expected_fields, actual_fields)
def test_field_order_at_beginning_with_csrf(self):
"""
Test the field order of the permissions if they are to be inserted before all other fields, with the CSRF
field enabled.
Expected results: The permission fields appear before all other fields, but after the CSRF field, and are in
themselves ordered alphabetically by their label.
"""
self.app.config['WTF_CSRF_ENABLED'] = True
class PermissionTestForm(BasePermissionForm):
"""
A simple form to which permission fields will be added.
"""
permission_fields_after = None
submit = SubmitField('Submit')
form = create_permission_form(PermissionTestForm, self.permissions)
# The permission field are sorted by their label.
permission_fields = [form._fields[field_name] for field_name in form.permission_fields]
sorted_permission_fields = sorted(permission_fields, key=lambda f: f.label.text)
self.assertListEqual(sorted_permission_fields, permission_fields)
# The expected fields are in the front, followed by the remaining field, the submit button.
expected_fields = [form.csrf_token]
expected_fields.extend(permission_fields)
expected_fields.append(form.submit)
actual_fields = list(form)
self.assertListEqual(expected_fields, actual_fields)
def test_incorrect_base_class(self):
"""
Test that the creation is aborted if the given form does not inherit from BasePermissionForm.
Expected result: A value error is raised.
"""
class IncorrectBaseClassForm(FlaskForm):
"""
A form not inheriting from BasePermissionForm.
"""
pass
with self.assertRaises(ValueError) as exception_cm:
create_permission_form(IncorrectBaseClassForm, self.permissions)
self.assertEqual('The form does not inherit from BasePermissionForm', str(exception_cm.exception))
def role_permissions(name: str) -> ResponseType:
"""
Show and process a form to change a role's permissions.
:param name: The name of the role.
:return: The response for this view.
"""
role = Role.load_from_name(name)
if role is None:
abort(404)
disabled_permissions = None
if role.is_only_role_allowed_to_edit_roles():
disabled_permissions = Permission.EditRole
permission_form = create_permission_form(PermissionForm, role.permissions,
disabled_permissions=disabled_permissions)
if permission_form.validate_on_submit():
role.permissions = permission_form.permissions
db.session.commit()
flash(_('The role\'s permissions have been updated.'))
return redirect(url_for('.role_permissions', name=role.name))
return render_template('administration/role_permissions.html', role=name, permission_form=permission_form)
def test_field_order_after_other_field(self):
"""
Test the field order of the permissions if they are to be inserted after another field.
Expected results: The permission fields appear after the email field and before the submit field.
"""
class PermissionTestForm(BasePermissionForm):
"""
A simple form to which permission fields will be added.
"""
permission_fields_after = 'email'
name = StringField('Name')
email = StringField('Email')
submit = SubmitField('Submit')
form = create_permission_form(PermissionTestForm, self.permissions)
# The permission field are sorted by their label.
permission_fields = [
form._fields[field_name] for field_name in form.permission_fields
]
sorted_permission_fields = sorted(permission_fields,
key=lambda f: f.label.text)
self.assertListEqual(sorted_permission_fields, permission_fields)
# The expected fields are in the front, followed by the remaining field, the submit button.
expected_fields = [form.name, form.email]
expected_fields.extend(permission_fields)
expected_fields.append(form.submit)
actual_fields = list(form)
self.assertListEqual(expected_fields, actual_fields)
def test_field_order_at_beginning(self):
"""
Test the field order of the permissions if they are to be inserted before all other fields.
Expected results: The permission fields appear before all other fields and are in themselves ordered
alphabetically by their label.
"""
class PermissionTestForm(BasePermissionForm):
"""
A simple form to which permission fields will be added.
"""
permission_fields_after = None
submit = SubmitField('Submit')
form = create_permission_form(PermissionTestForm, self.permissions)
# The permission field are sorted by their label.
permission_fields = [
form._fields[field_name] for field_name in form.permission_fields
]
sorted_permission_fields = sorted(permission_fields,
key=lambda f: f.label.text)
self.assertListEqual(sorted_permission_fields, permission_fields)
# The expected fields are in the front, followed by the remaining field, the submit button.
expected_fields = permission_fields
expected_fields.append(form.submit)
actual_fields = list(form)
self.assertListEqual(expected_fields, actual_fields)
def test_incorrect_base_class(self):
"""
Test that the creation is aborted if the given form does not inherit from BasePermissionForm.
Expected result: A value error is raised.
"""
class IncorrectBaseClassForm(FlaskForm):
"""
A form not inheriting from BasePermissionForm.
"""
pass
with self.assertRaises(ValueError) as exception_cm:
create_permission_form(IncorrectBaseClassForm, self.permissions)
self.assertEqual(
'The form does not inherit from BasePermissionForm',
str(exception_cm.exception))
def test_field_existence(self):
"""
Test that the fields for the permissions are correctly added.
Expected result: For each permission, a field is added and correctly preset. The permissions field
dictionary is filled. Permissions given as disabled result in their fields being disabled.
"""
class PermissionTestForm(BasePermissionForm):
"""
A simple form to which permission fields will be added.
"""
pass
disabled_permissions = Permission.EditRole
form = create_permission_form(PermissionTestForm, self.permissions, disabled_permissions=disabled_permissions)
self.assertIsNotNone(form)
self.assertTrue(isinstance(form, PermissionTestForm))
# Test that all permissions have got a field.
# noinspection PyTypeChecker
permissions = list(Permission)
for permission in permissions:
field_name = permission.name.lower()
field = getattr(form, field_name, None)
self.assertIsNotNone(field, msg=f'No field for permission {permission}')
# The label and description are set according to the permission.
self.assertEqual(permission.title, field.label.text,
msg=f'Label wrong for permission {permission}')
self.assertEqual(permission.description, field.description,
msg=f'Description wrong for permission {permission}')
# The field is selected if the permission is given as a preset permission.
if permission & self.permissions == permission:
self.assertTrue(field.default, msg=f'Field for permission {permission} not preselected')
else:
self.assertFalse(field.default, msg=f'Field for permission {permission} incorrectly preselected')
# The field is disabled if the permission is given as a disabled permission.
if permission & disabled_permissions == permission:
self.assertTrue(field.render_kw.get('disabled', False),
msg=f'Field for permission {permission} is not disabled')
else:
self.assertFalse(field.render_kw.get('disabled', False),
msg=f'Field for permission {permission} is incorrectly disabled')
# The field to permission relation is remembered in the dictionary.
self.assertEqual(permission, form.permission_fields.get(field_name, None))
# Ensure that there not more or less fields in the field to permission dictionary than there are permissions.
self.assertEqual(len(permissions), len(form.permission_fields))
def role_new() -> str:
"""
Show a form to create a new role.
:return: The HTML response.
"""
new_role_form = create_permission_form(RoleNewForm, Permission(0))
if new_role_form.validate_on_submit():
role = Role(name=new_role_form.name.data)
role.permissions = new_role_form.permissions
db.session.add(role)
db.session.commit()
flash(_('The new role has been created.'))
return redirect(url_for('.roles_list'))
return render_template('administration/role_new.html', new_role_form=new_role_form)
def role_new() -> ResponseType:
"""
Show and process a form to create a new role.
:return: The response for this view.
"""
new_role_form = create_permission_form(RoleNewForm, Permission(0))
if new_role_form.validate_on_submit():
role = Role(name=new_role_form.name.data)
role.permissions = new_role_form.permissions
db.session.add(role)
db.session.commit()
flash(_('The new role has been created.'))
return redirect(url_for('.roles_list'))
return render_template('administration/role_new.html', new_role_form=new_role_form)
def test_field_existence(self):
"""
Test that the fields for the permissions are correctly added.
Expected result: For each permission, a field is added and correctly preset. The permissions field
dictionary is filled. Permissions given as disabled result in their fields being disabled.
"""
class PermissionTestForm(BasePermissionForm):
"""
A simple form to which permission fields will be added.
"""
pass
disabled_permissions = Permission.EditRole
form = create_permission_form(
PermissionTestForm,
self.permissions,
disabled_permissions=disabled_permissions)
self.assertIsNotNone(form)
self.assertTrue(isinstance(form, PermissionTestForm))
# Test that all permissions have got a field.
# noinspection PyTypeChecker
permissions = list(Permission)
for permission in permissions:
field_name = permission.name.lower()
field = getattr(form, field_name, None)
self.assertIsNotNone(field,
msg=f'No field for permission {permission}')
# The label and description are set according to the permission.
self.assertEqual(permission.title,
field.label.text,
msg=f'Label wrong for permission {permission}')
self.assertEqual(
permission.description,
field.description,
msg=f'Description wrong for permission {permission}')
# The field is selected if the permission is given as a preset permission.
if permission & self.permissions == permission:
self.assertTrue(
field.default,
msg=f'Field for permission {permission} not preselected')
else:
self.assertFalse(
field.default,
msg=
f'Field for permission {permission} incorrectly preselected'
)
# The field is disabled if the permission is given as a disabled permission.
if permission & disabled_permissions == permission:
self.assertTrue(
field.render_kw.get('disabled', False),
msg=f'Field for permission {permission} is not disabled')
else:
self.assertFalse(
field.render_kw.get('disabled', False),
msg=
f'Field for permission {permission} is incorrectly disabled'
)
# The field to permission relation is remembered in the dictionary.
self.assertEqual(permission,
form.permission_fields.get(field_name, None))
# Ensure that there not more or less fields in the field to permission dictionary than there are permissions.
self.assertEqual(len(permissions), len(form.permission_fields))