Exemple #1
0
 def test(self):
     from bop.managers import UserObjectManager
     UserObjectManager().contribute_to_class(Thing, 'objects')
     self.assertEqual(Thing.objects.count(), 1)
     self.assertEqual(ObjectPermission.objects.get_for_model(Thing).count(), 0)
     self.assertEqual(Thing.objects.get_user_objects(self.testuser).count(), 0)
     thinga = Thing(label='thinga')
     thinga.save()
     thingb = Thing(label='thingb')
     thingb.save()
     grant(self.testuser, None, 'bop.change_thing', thinga)
     self.assertEqual(Thing.objects.get_user_objects(self.testuser).count(), 1)
     grant(self.testuser, None, 'bop.do_thing', thinga)
     self.assertEqual(Thing.objects.get_user_objects(self.testuser).count(), 1)
     grant(self.testuser, None, 'bop.do_thing', thingb)
     self.assertEqual(Thing.objects.get_user_objects(self.testuser).count(), 2)
     # Now check for a specific perm
     self.assertEqual(Thing.objects.get_user_objects(self.testuser, 'bop.do_thing').count(), 2)
     self.assertEqual(Thing.objects.get_user_objects(self.testuser, permissions='bop.change_thing').count(), 1)
     # And now for something completely different
     ct = ContentType.objects.get_for_model(Thing)
     permd = Permission.objects.get(codename='delete_thing', content_type=ct)
     self.testuser.user_permissions.add(permd)
     self.assertEqual(Thing.objects.get_user_objects(self.testuser, 'bop.change_thing').count(), 1)
     self.assertEqual(Thing.objects.get_user_objects(self.testuser, permissions='bop.change_thing').count(), 1)
     self.assertEqual(Thing.objects.get_user_objects(self.testuser, 'bop.delete_thing', True).count(), 3)
     self.assertEqual(Thing.objects.get_user_objects(self.testuser, check_model_perms=True).count(), 3)
     self.assertEqual(Thing.objects.get_user_objects(self.testuser, None, True).count(), 3)
Exemple #2
0
class BOPTestCase(TestCase):
    fixtures = ['users.json', ]

    def get_users_and_groups(self):
        self.anonuser  = User.objects.get(username='******')
        self.testuser  = User.objects.get(username='******')
        self.anons     = Group.objects.get(name='bop_anons')
        self.someperms = Group.objects.get(name='bop_someperms')
        self.superuser = User.objects.filter(is_superuser=True)[0]
        self.anonymous = AnonymousUser()

    def setUp(self):
        self._anonymous_user_id = getattr(settings, 'ANONYMOUS_USER_ID', None)
        self._backends = getattr(settings, 'AUTHENTICATION_BACKENDS', None)
        self.get_users_and_groups()
        self.tablemanager = TableManager()
        self.tablemanager.create_table(Thing)
        self.thing = Thing(label='a thing')
        self.thing.save()

        if self._anonymous_user_id:
            delattr(settings, 'ANONYMOUS_USER_ID')

    def tearDown(self):
        if self._anonymous_user_id:
            settings.ANONYMOUS_USER_ID = self._anonymous_user_id
        settings.AUTHENTICATION_BACKENDS = self._backends
        ObjectPermission.objects.filter(
            content_type=ContentType.objects.get_for_model(Thing)).delete()
        self.tablemanager.drop_table(Thing)
Exemple #3
0
class TestAPI(TestCase):
    def setUp(self):
        self._anonymous_user_id = getattr(settings, 'ANONYMOUS_USER_ID', None)
        self._backends = getattr(settings, 'AUTHENTICATION_BACKENDS', None)
        self.tablemanager = TableManager()
        self.tablemanager.create_table(Thing)
        self.thing = Thing(label='a thing')
        self.thing.save()
        self.content_type = ContentType.objects.get_for_model(Thing)
        if self._anonymous_user_id:
            delattr(settings, 'ANONYMOUS_USER_ID')

    def tearDown(self):
        if self._anonymous_user_id:
            settings.ANONYMOUS_USER_ID = self._anonymous_user_id
        settings.AUTHENTICATION_BACKENDS = self._backends
        ObjectPermission.objects.filter(
            content_type=ContentType.objects.get_for_model(Thing)).delete()
        self.tablemanager.drop_table(Thing)

    def testHasModelPerms(self):
        from bop.api import has_model_perms, get_model_perms
        self.assertEqual(get_model_perms(Thing) ,get_model_perms(self.thing))
        testa = User.objects.create_user('test-a', '*****@*****.**', 'test-a')
        self.assertFalse(has_model_perms(testa, Thing))
        ct = ContentType.objects.get_for_model(Thing)
        permd = Permission.objects.get(codename='delete_thing', content_type=ct)
        testa.user_permissions.add(permd)
        # re-get the user to clear/re-fill the perms-cache
        testa = User.objects.get(username='******')
        self.assertTrue(has_model_perms(testa, Thing))
        testa.delete()
        

    def testGrantRevoke(self):
        testa = User.objects.create_user('test-a', '*****@*****.**', 'test-a')
        testb = User.objects.create_user('test-b', '*****@*****.**', 'test-b')
        testga, _ = Group.objects.get_or_create(name='test-ga')
        testgb, _ = Group.objects.get_or_create(name='test-gb')
        testa.groups.add(testga)
        testb.groups.add(testgb)
        perms = Permission.objects.filter(content_type=self.content_type)
        objects = self.thing
        self.assertEqual(ObjectPermission.objects.count(), 0)
        grant([testa], [testga, testgb], perms, objects)
        self.assertEqual(ObjectPermission.objects.count(), 15)
        revoke(None, [testga, testgb], perms, objects)
        revoke(None, [testga, testgb], perms, objects)
        self.assertEqual(ObjectPermission.objects.count(), 5)
        # Try again (should have no consequences)
        revoke(None, [testga, testgb], perms, objects)
        self.assertEqual(ObjectPermission.objects.count(), 5)
        # arbitrary object
        grant([testa], [testga, testgb], perms, object())
        self.assertEqual(ObjectPermission.objects.count(), 5)
        # Just pass names (except for  the objects)
        grant(None, testga.name, 'bop.delete_thing', self.thing)
        self.assertEqual(ObjectPermission.objects.count(), 6)
        # non-existing permisions
        grant(None, testga.name, 'bop.wrong_thing', self.thing)
        self.assertEqual(ObjectPermission.objects.count(), 6)
        revoke(None, testga.name, 'bop.wrong_thing', self.thing)
        self.assertEqual(ObjectPermission.objects.count(), 6)
        # non-existing group
        grant(None, 'InternationalOrganisationOfAnarchists', 'bop.change_thing', self.thing)
        self.assertEqual(ObjectPermission.objects.count(), 6)
        revoke(None, 'InternationalOrganisationOfAnarchists', 'bop.change_thing', self.thing)
        self.assertEqual(ObjectPermission.objects.count(), 6)
        # non-existing user
        grant(AnonymousUser(), None, 'bop.change_thing', self.thing)
        self.assertEqual(ObjectPermission.objects.count(), 6)
        revoke(AnonymousUser(), None, 'bop.change_thing', self.thing)
        self.assertEqual(ObjectPermission.objects.count(), 6)
        revoke(None, testga.name, 'bop.delete_thing', self.thing)
        self.assertEqual(ObjectPermission.objects.count(), 5)
        # use a queryset: revoke thing-perms (see above) for all users
        revoke(User.objects.all(), None, perms, self.thing)
        self.assertEqual(ObjectPermission.objects.count(), 0)
        testa.delete()
        testb.delete()
        testga.delete()
        testgb.delete()