def test_add_permission_permission_denied_is_403(self): user = get_user_model().objects.create( username="******", email="*****@*****.**", ) user.set_password("pw") user.save() assert self.client.login(username="******", password="******") url = reverse( "authority-add-permission-request", kwargs={ "app_label": "foo", "module_name": "Bar", "pk": 1, }, ) r = self.client.get(url) self.assertEqual(r.status_code, 403)
def test_add_permission_permission_denied_is_403(self): user = get_user_model().objects.create( username='******', email='*****@*****.**', ) user.set_password('pw') user.save() assert self.client.login(username='******', password='******') url = reverse( 'authority-add-permission-request', kwargs={ 'app_label': 'foo', 'module_name': 'Bar', 'pk': 1, }, ) r = self.client.get(url) self.assertEqual(r.status_code, 403)
from django import template from django.core.exceptions import ImproperlyConfigured from django.core.urlresolvers import reverse from django.contrib.auth.models import AnonymousUser from authority.utils import get_check from authority import permissions from authority.compat import get_user_model from authority.models import Permission from authority.forms import UserPermissionForm User = get_user_model() register = template.Library() @register.simple_tag def url_for_obj(view_name, obj): return reverse(view_name, kwargs={ 'app_label': obj._meta.app_label, 'module_name': obj._meta.module_name, 'pk': obj.pk} ) @register.simple_tag def add_url_for_obj(obj): return url_for_obj('authority-add-permission', obj) @register.simple_tag
from django import forms from django.utils.translation import ugettext_lazy as _ from django.contrib.contenttypes.models import ContentType from django.contrib.auth.models import Group from django.utils.safestring import mark_safe from authority import permissions from authority.utils import get_choices_for from authority.models import Permission from authority.compat import get_user_model User = get_user_model() class BasePermissionForm(forms.ModelForm): codename = forms.CharField(label=_("Permission")) class Meta: model = Permission exclude = [] def __init__(self, perm=None, obj=None, approved=False, *args, **kwargs): self.perm = perm self.obj = obj self.approved = approved if obj and perm: self.base_fields["codename"].widget = forms.HiddenInput() elif obj and (not perm or not approved): perms = get_choices_for(self.obj) self.base_fields["codename"].widget = forms.Select(choices=perms)