Exemple #1
0
 def test_roles_init_new_repo_2(self):
     """
     Groups and permissions created by the repo creations
     """
     repo = Repository.objects.create(
         name=self.repo_name,
         description=self.repo_desc,
         created_by=self.user
     )
     admin = Group.objects.get(name=self.group_admin)
     curator = Group.objects.get(name=self.group_curator)
     author = Group.objects.get(name=self.group_author)
     checker_admin = ObjectPermissionChecker(admin)
     self.assertListEqual(
         sorted(checker_admin.get_perms(repo)),
         sorted(RepoPermission.administrator_permissions())
     )
     checker_curator = ObjectPermissionChecker(curator)
     self.assertListEqual(
         sorted(checker_curator.get_perms(repo)),
         sorted(RepoPermission.curator_permissions())
     )
     checker_author = ObjectPermissionChecker(author)
     self.assertListEqual(
         sorted(checker_author.get_perms(repo)),
         sorted(RepoPermission.author_permissions())
     )
Exemple #2
0
    def test_sync_permissions(self):
        """
        test the syncpermission
        """
        repo = create_repo(self.repo_name, self.repo_desc, self.user.id)

        # Get default permissions before wiping.
        admin = Group.objects.get(name=self.group_admin)
        self.check_group_permission(
            repo,
            admin,
            RepoPermission.administrator_permissions()
        )
        with patch.object(utils, 'roles_init_new_repo') as mock_method:
            mock_method.return_value = None
            utils.sync_groups_permissions()
        # Get default permissions after wiping.
        self.check_group_permission(
            repo,
            admin,
            []
        )
        # Restore permissions the first call of sync_groups_permissions
        # will not do anything because the permissions have been already wiped.
        utils.sync_groups_permissions()
        self.check_group_permission(
            repo,
            admin,
            RepoPermission.administrator_permissions()
        )
Exemple #3
0
 def test_repo_permissions(self):
     """
     Checks repo permissions
     """
     view_repo = ('view_repo', 'Permission to view the repository')
     import_course = ('import_course',
                      'Permission to import course in repository')
     manage_taxonomy = ('manage_taxonomy',
                        'Permission to manage repository taxonomy')
     add_edit_metadata = ('add_edit_metadata',
                          'Permission to add or edit metadata')
     manage_repo_users = ('manage_repo_users',
                          'Permission manage users for the repository')
     self.assertEqual(RepoPermission.view_repo, view_repo)
     self.assertEqual(RepoPermission.import_course, import_course)
     self.assertEqual(RepoPermission.manage_taxonomy, manage_taxonomy)
     self.assertEqual(RepoPermission.add_edit_metadata, add_edit_metadata)
     self.assertEqual(RepoPermission.manage_repo_users, manage_repo_users)
     self.assertListEqual(RepoPermission.administrator_permissions(), [
         view_repo[0], import_course[0], manage_taxonomy[0],
         add_edit_metadata[0], manage_repo_users[0]
     ])
     self.assertListEqual(RepoPermission.curator_permissions(), [
         view_repo[0], import_course[0], manage_taxonomy[0],
         add_edit_metadata[0]
     ])
     self.assertListEqual(RepoPermission.author_permissions(),
                          [view_repo[0], add_edit_metadata[0]])
Exemple #4
0
 def test_repo_permissions(self):
     """
     Checks repo permissions
     """
     view_repo = ('view_repo', 'Permission to view the repository')
     import_course = ('import_course',
                      'Permission to import course in repository')
     manage_taxonomy = ('manage_taxonomy',
                        'Permission to manage repository taxonomy')
     add_edit_metadata = ('add_edit_metadata',
                          'Permission to add or edit metadata')
     manage_repo_users = ('manage_repo_users',
                          'Permission manage users for the repository')
     self.assertEqual(
         RepoPermission.view_repo,
         view_repo
     )
     self.assertEqual(
         RepoPermission.import_course,
         import_course
     )
     self.assertEqual(
         RepoPermission.manage_taxonomy,
         manage_taxonomy
     )
     self.assertEqual(
         RepoPermission.add_edit_metadata,
         add_edit_metadata
     )
     self.assertEqual(
         RepoPermission.manage_repo_users,
         manage_repo_users
     )
     self.assertListEqual(
         RepoPermission.administrator_permissions(),
         [
             view_repo[0],
             import_course[0],
             manage_taxonomy[0],
             add_edit_metadata[0],
             manage_repo_users[0]
         ]
     )
     self.assertListEqual(
         RepoPermission.curator_permissions(),
         [
             view_repo[0],
             import_course[0],
             manage_taxonomy[0],
             add_edit_metadata[0]
         ]
     )
     self.assertListEqual(
         RepoPermission.author_permissions(),
         [
             view_repo[0],
             add_edit_metadata[0]
         ]
     )
Exemple #5
0
def roles_init_new_repo(repo):
    """
    Create new groups for the repository.

    It assumes that there are only 3 types of users:
        - administrator
        - curator
        - author

    Args:
        repo (learningresources.models.Repository): repository used to create
            groups and assign permissions to them
    Returns:
        None
    """
    with transaction.atomic():
        administrator_group, _ = Group.objects.get_or_create(
            name=GroupTypes.REPO_ADMINISTRATOR.format(repo.slug)
        )
        curator_group, _ = Group.objects.get_or_create(
            name=GroupTypes.REPO_CURATOR.format(repo.slug)
        )
        author_group, _ = Group.objects.get_or_create(
            name=GroupTypes.REPO_AUTHOR.format(repo.slug)
        )

    with transaction.atomic():
        # administrator permissions
        for permission in RepoPermission.administrator_permissions():
            try:
                Permission.objects.get(codename=permission)
                assign_perm(permission, administrator_group, repo)
            except Permission.DoesNotExist:
                pass
        # curator permissions
        for permission in RepoPermission.curator_permissions():
            try:
                Permission.objects.get(codename=permission)
                assign_perm(permission, curator_group, repo)
            except Permission.DoesNotExist:
                pass
        # author permissions
        for permission in RepoPermission.author_permissions():
            try:
                Permission.objects.get(codename=permission)
                assign_perm(permission, author_group, repo)
            except Permission.DoesNotExist:
                pass
Exemple #6
0
def roles_init_new_repo(repo):
    """
    Create new groups for the repository.

    It assumes that there are only 3 types of users:
        - administrator
        - curator
        - author

    Args:
        repo (learningresources.models.Repository): repository used to create
            groups and assign permissions to them
    Returns:
        None
    """
    with transaction.atomic():
        administrator_group, _ = Group.objects.get_or_create(
            name=GroupTypes.REPO_ADMINISTRATOR.format(repo.slug))
        curator_group, _ = Group.objects.get_or_create(
            name=GroupTypes.REPO_CURATOR.format(repo.slug))
        author_group, _ = Group.objects.get_or_create(
            name=GroupTypes.REPO_AUTHOR.format(repo.slug))

    with transaction.atomic():
        # administrator permissions
        for permission in RepoPermission.administrator_permissions():
            try:
                Permission.objects.get(codename=permission)
                assign_perm(permission, administrator_group, repo)
            except Permission.DoesNotExist:
                pass
        # curator permissions
        for permission in RepoPermission.curator_permissions():
            try:
                Permission.objects.get(codename=permission)
                assign_perm(permission, curator_group, repo)
            except Permission.DoesNotExist:
                pass
        # author permissions
        for permission in RepoPermission.author_permissions():
            try:
                Permission.objects.get(codename=permission)
                assign_perm(permission, author_group, repo)
            except Permission.DoesNotExist:
                pass
Exemple #7
0
    def test_sync_permissions(self):
        """
        test the syncpermission
        """
        repo = create_repo(self.repo_name, self.repo_desc, self.user.id)

        # Get default permissions before wiping.
        admin = Group.objects.get(name=self.group_admin)
        self.check_group_permission(repo, admin, RepoPermission.administrator_permissions())
        with patch.object(utils, "roles_init_new_repo") as mock_method:
            mock_method.return_value = None
            utils.sync_groups_permissions()
        # Get default permissions after wiping.
        self.check_group_permission(repo, admin, [])
        # Restore permissions the first call of sync_groups_permissions
        # will not do anything because the permissions have been already wiped.
        utils.sync_groups_permissions()
        self.check_group_permission(repo, admin, RepoPermission.administrator_permissions())
Exemple #8
0
 def test_clear_permissions(self):
     """
     Test for roles_clear_repo_permissions
     """
     self.assertListEqual(
         sorted(get_perms(self.user, self.repo)),
         sorted(RepoPermission.administrator_permissions())
     )
     api.roles_clear_repo_permissions(self.repo)
     self.assertListEqual(
         get_perms(self.user, self.repo),
         []
     )