def get_role_permissions(role, unrestricted=False):
"""
:param role: string(natural key value) or instance of HacsRoleModel
:param unrestricted:
:return: list of HacsPermissionModel
"""
role_cls = get_role_model()
if isinstance(role, six.string_types):
role = role_cls.objects.get_by_natural_key(role)
if not isinstance(role, role_cls):
raise ValueError("%s must be instance of %s class" %
(role, role_cls.__name__))
roles = set()
normalize_role(roles, role)
permissions = set()
for role in roles:
if unrestricted:
q_set = role.hacs_rlm_permissions.unrestricted()
else:
q_set = role.hacs_rlm_permissions.all()
for permission in q_set:
permissions.add(permission)
return permissions
def get_role_permissions(role, unrestricted=False):
"""
:param role: string(natural key value) or instance of HacsRoleModel
:param unrestricted:
:return: list of HacsPermissionModel
"""
role_cls = get_role_model()
if isinstance(role, six.string_types):
role = role_cls.objects.get_by_natural_key(role)
if not isinstance(role, role_cls):
raise ValueError("%s must be instance of %s class" % (role, role_cls.__name__))
roles = set()
normalize_role(roles, role)
permissions = set()
for role in roles:
if unrestricted:
q_set = role.hacs_rlm_permissions.unrestricted()
else:
q_set = role.hacs_rlm_permissions.all()
for permission in q_set:
permissions.add(permission)
return permissions
def test_get_roles_permissions(self, role_permissions_fn):
"""
:param role_permissions_fn
:return:
"""
backend = HacsAuthorizerBackend()
role_cls = get_role_model()
# Test by Using natural key
cache_key1 = get_cache_key(role_cls.__hacs_base_content_type__, klass=role_cls.__name__,
_id=hash(('Guest', 'Manager')))
permissions = backend.get_roles_permissions('Guest', 'Manager')
self.assertEqual(HacsPermissionModel.objects.count(), len(permissions))
self.assertEqual(HacsPermissionModel.objects.count(), len(self.cache.get(cache_key1)))
# Test by Using instance
cache_key2 = get_cache_key(
role_cls.__hacs_base_content_type__,
klass=role_cls.__name__,
_id=hash((role_cls.objects.get_by_natural_key('Guest'), role_cls.objects.get_by_natural_key('Manager'))))
self.assertNotEqual(cache_key1, cache_key2)
permissions = backend.get_roles_permissions(role_cls.objects.get_by_natural_key('Guest'), role_cls.objects.get_by_natural_key('Manager'))
self.assertEqual(HacsPermissionModel.objects.count(), len(permissions))
self.assertEqual(HacsPermissionModel.objects.count(), len(self.cache.get(cache_key2)))
# Test Mix with natural key and instance
cache_key3 = get_cache_key(
role_cls.__hacs_base_content_type__,
klass=role_cls.__name__, _id=hash(('Guest', role_cls.objects.get_by_natural_key('Manager'))))
permissions = backend.get_roles_permissions('Guest', role_cls.objects.get_by_natural_key('Manager'))
self.assertEqual(HacsPermissionModel.objects.count(), len(permissions))
self.assertEqual(HacsPermissionModel.objects.count(), len(self.cache.get(cache_key3)))
def get_roles_permissions(self, *roles):
"""
:param roles: list of natural key of HacsRoleModel or instance of HacsRoleModel
:return:
"""
assert len(roles) > 0, "At least one argument is required!"
if len(roles) == 1:
return self.get_role_permissions(roles[0])
role_cls = get_role_model()
cache_key = get_cache_key(role_cls.__hacs_base_content_type__,
klass=role_cls.__name__,
_id=hash(roles))
permissions = self.cache.get(cache_key)
if permissions:
return permissions
else:
permissions = set()
for role in roles:
permissions = permissions.union(self.get_role_permissions(role))
permissions = tuple(permissions)
self.cache.set(cache_key, permissions)
return permissions
def get_role_permissions(self, role):
"""
:param role:
:return:
list all permissions those are belongs to a certain role and also permissions from parent role if
applicable
"""
if isinstance(role, six.string_types):
# OK role's natural key is provided
role_cls = get_role_model()
cache_key = get_cache_key(role_cls.__hacs_base_content_type__,
klass=role_cls.__name__,
_id=role)
else:
cache_key = get_cache_key(role.__hacs_base_content_type__, role)
permissions = self.cache.get(cache_key)
if permissions:
return permissions
permissions = tuple(
map(lambda x: x.name, get_role_permissions(role,
unrestricted=True)))
self.cache.set(cache_key, permissions)
return permissions
def test_get_role_permissions(self):
"""
:return:
"""
backend = HacsAuthorizerBackend()
# Test Manager role with object
manager = get_role_model().objects.get_by_natural_key('Manager')
manager_cache_key = get_cache_key(manager.__hacs_base_content_type__, manager)
permissions = backend.get_role_permissions(manager)
# should have all permissions
self.assertEqual(len(HacsPermissionModel.objects.all()), len(permissions))
self.assertIsNotNone(self.cache.get(manager_cache_key))
# Test Guest Role with natural key
guest_cache_key = get_cache_key(get_role_model().__hacs_base_content_type__, klass=get_role_model().__name__, _id='Guest')
permissions = backend.get_role_permissions('Guest')
self.assertEqual(1, len(permissions))
self.assertEqual(1, len(self.cache.get(guest_cache_key)))
def test_get_role_permissions(self):
"""
:return:
"""
backend = HacsAuthorizerBackend()
# Test Manager role with object
manager = get_role_model().objects.get_by_natural_key('Manager')
manager_cache_key = get_cache_key(manager.__hacs_base_content_type__,
manager)
permissions = backend.get_role_permissions(manager)
# should have all permissions
self.assertEqual(len(HacsPermissionModel.objects.all()),
len(permissions))
self.assertIsNotNone(self.cache.get(manager_cache_key))
# Test Guest Role with natural key
guest_cache_key = get_cache_key(
get_role_model().__hacs_base_content_type__,
klass=get_role_model().__name__,
_id='Guest')
permissions = backend.get_role_permissions('Guest')
self.assertEqual(1, len(permissions))
self.assertEqual(1, len(self.cache.get(guest_cache_key)))
def test_get_role_permissions(self):
"""
:return:
"""
# test using role natural key
permissions = get_role_permissions('Guest')
# Guest should have one permission
self.assertEqual(1, len(permissions))
# test using object
manager_role = get_role_model().objects.get_by_natural_key('Manager')
permissions = get_role_permissions(manager_role)
self.assertEqual(len(get_permission_model().objects.all()),
len(permissions))
def test_get_roles_permissions(self, role_permissions_fn):
"""
:param role_permissions_fn
:return:
"""
backend = HacsAuthorizerBackend()
role_cls = get_role_model()
# Test by Using natural key
cache_key1 = get_cache_key(role_cls.__hacs_base_content_type__,
klass=role_cls.__name__,
_id=hash(('Guest', 'Manager')))
permissions = backend.get_roles_permissions('Guest', 'Manager')
self.assertEqual(HacsPermissionModel.objects.count(), len(permissions))
self.assertEqual(HacsPermissionModel.objects.count(),
len(self.cache.get(cache_key1)))
# Test by Using instance
cache_key2 = get_cache_key(
role_cls.__hacs_base_content_type__,
klass=role_cls.__name__,
_id=hash((role_cls.objects.get_by_natural_key('Guest'),
role_cls.objects.get_by_natural_key('Manager'))))
self.assertNotEqual(cache_key1, cache_key2)
permissions = backend.get_roles_permissions(
role_cls.objects.get_by_natural_key('Guest'),
role_cls.objects.get_by_natural_key('Manager'))
self.assertEqual(HacsPermissionModel.objects.count(), len(permissions))
self.assertEqual(HacsPermissionModel.objects.count(),
len(self.cache.get(cache_key2)))
# Test Mix with natural key and instance
cache_key3 = get_cache_key(
role_cls.__hacs_base_content_type__,
klass=role_cls.__name__,
_id=hash(
('Guest', role_cls.objects.get_by_natural_key('Manager'))))
permissions = backend.get_roles_permissions(
'Guest', role_cls.objects.get_by_natural_key('Manager'))
self.assertEqual(HacsPermissionModel.objects.count(), len(permissions))
self.assertEqual(HacsPermissionModel.objects.count(),
len(self.cache.get(cache_key3)))