Esempio n. 1
0
 def test_public_for_all_staff_assert_num_queries(self):
     request = self.get_request()
     request.user.is_staff = True
     page = Page()
     page.pk = 1
     pages = [page]
     with self.assertNumQueries(0):
         get_visible_pages(request, pages)
Esempio n. 2
0
 def test_unauthed_no_access_num_queries(self):
     site = Site()
     site.pk = 1
     request = self.get_request()
     page = Page()
     page.pk = 1
     page.level = 0
     page.tree_id = 1
     pages = [page]
     with self.assertNumQueries(1):
         get_visible_pages(request, pages, site)
Esempio n. 3
0
 def test_public_for_all_staff_assert_num_queries(self):
     request = self.get_request()
     request.user.is_staff = True
     page = Page()
     page.pk = 1
     page.level = 0
     page.tree_id = 1
     pages = [page]
     with self.assertNumQueries(1):
         """
             The queries are:
             PagePermission count query
         """    
         get_visible_pages(request, pages)
Esempio n. 4
0
 def test_page_permissions_num_queries(self):
     with SettingsOverride(CMS_PUBLIC_FOR='staff'):
         user = User.objects.create_user('user', '*****@*****.**', 'user')
         request = self.get_request(user)
         page = create_page('A', 'nav_playground.html', 'en')
         PagePermission.objects.create(can_view=True, user=user, page=page)
         pages = [page]
         with self.assertNumQueries(2):
             """
             The queries are:
             PagePermission query for affected pages
             GlobalpagePermission query for user
             """
             get_visible_pages(request, pages)
Esempio n. 5
0
    def test_unauth_non_access(self):
        request = self.get_request()
        with self.assertNumQueries(0):
            self.assertFalse(self.page.has_view_permission(request))

        self.assertEqual(get_visible_pages(request, [self.page], self.page.site),
                         [])
Esempio n. 6
0
    def test_staff_public_staff(self):
        request = self.get_request(self.get_staff_user_with_no_permissions())
        with self.assertNumQueries(0):
            self.assertTrue(self.page.has_view_permission(request))

        self.assertEqual(get_visible_pages(request, [self.page], self.page.site),
                         [self.page.pk])
Esempio n. 7
0
    def assertGrantedVisibility(self,
                                all_pages,
                                expected_granted_pages,
                                username=None):
        """
        helper function to check the expected_granted_pages are
        not in the restricted_pages list and
        all visible pages are in the expected_granted_pages
        """
        # log the user in if present
        user = None
        if username is not None:
            if get_user_model().USERNAME_FIELD == 'email':
                username = username + '@django-cms.org'

            query = dict()
            query[get_user_model().USERNAME_FIELD + '__iexact'] = username
            user = get_user_model().objects.get(**query)
        request = self.get_request(user)
        visible_page_ids = get_visible_pages(request, all_pages, self.site)
        public_page_ids = Page.objects.drafts().filter(
            title_set__title__in=expected_granted_pages).values_list('id',
                                                                     flat=True)
        self.assertEqual(len(visible_page_ids), len(expected_granted_pages))
        restricted_pages = Page.objects.public().exclude(
            title_set__title__in=expected_granted_pages).values_list('id',
                                                                     flat=True)
        self.assertNodeMemberships(visible_page_ids, restricted_pages,
                                   public_page_ids)
Esempio n. 8
0
    def test_unauth_public(self):
        request = self.get_request()
        with self.assertNumQueries(0):
            self.assertTrue(self.page.has_view_permission(request))

        self.assertEqual(get_visible_pages(request, [self.page], self.page.site),
                         [self.page.pk])
Esempio n. 9
0
    def test_normal_basic_auth(self):
        request = self.get_request(self.get_standard_user())
        with self.assertNumQueries(0):
            self.assertTrue(self.page.has_view_permission(request))

        self.assertEqual(get_visible_pages(request, [self.page], self.page.site),
                         [self.page.pk])
 def test_public_pages_anonymous_norestrictions(self):
     """
     All pages are visible to an anonymous user
     """
     all_pages = self._setup_tree_pages()
     request = self.get_request()
     visible_page_ids = get_visible_pages(request, all_pages, self.site)
     self.assertEquals(len(all_pages), len(visible_page_ids))
Esempio n. 11
0
 def test_public_for_all_num_queries(self):
     user = User.objects.create_user('user', '*****@*****.**', 'user')
     request = self.get_request(user)
     site = Site()
     site.pk = 1
     page = Page()
     page.pk = 1
     page.level = 0
     page.tree_id = 1
     pages = [page]
     with self.assertNumQueries(2):
         """
         The queries are:
         PagePermission query for affected pages
         GlobalpagePermission query for user
         """
         get_visible_pages(request, pages, site)
Esempio n. 12
0
 def test_public_pages_anonymous_norestrictions(self):
     """
     All pages are visible to an anonymous user
     """
     all_pages = self._setup_tree_pages()
     request = self.get_request()
     visible_page_ids = get_visible_pages(request, all_pages, self.site)
     self.assertEquals(len(all_pages), len(visible_page_ids))
Esempio n. 13
0
 def test_public_for_all_staff(self):
     request = self.get_request()
     request.user.is_staff = True
     page = Page()
     page.pk = 1
     pages = [page]
     result = get_visible_pages(request, pages)
     self.assertEqual(result, [1])
Esempio n. 14
0
 def test_page_permissions_view_groups_num_queries(self):
     with SettingsOverride(CMS_PUBLIC_FOR='staff'):
         user = User.objects.create_user('user', '*****@*****.**', 'user')
         group = Group.objects.create(name='testgroup')
         group.user_set.add(user)
         request = self.get_request(user)
         page = create_page('A', 'nav_playground.html', 'en')
         PagePermission.objects.create(can_view=True, group=group, page=page)
         pages = [page]
         with self.assertNumQueries(3):
             """
             The queries are:
             PagePermission query for affected pages
             GlobalpagePermission query for user
             Group query via PagePermission
             """
             get_visible_pages(request, pages)
Esempio n. 15
0
 def test_unauthed_num_queries(self):
     request = self.get_request()
     site = Site()
     site.pk = 1
     page = Page()
     page.pk = 1
     page.level = 0
     page.tree_id = 1
     pages = [page]
     with self.assertNumQueries(1):
         """
         The query is:
         PagePermission query for affected pages
         
         global is not executed because it's lazy
         """
         get_visible_pages(request, pages, site)
Esempio n. 16
0
 def test_page_permissions(self):
     with SettingsOverride(CMS_PUBLIC_FOR='staff'):
         user = User.objects.create_user('user', '*****@*****.**', 'user')
         request = self.get_request(user)
         page = create_page('A', 'nav_playground.html', 'en')
         PagePermission.objects.create(can_view=True, user=user, page=page)
         pages = [page]
         result = get_visible_pages(request, pages)
         self.assertEqual(result, [1])
Esempio n. 17
0
 def test_authed_no_access_num_queries(self):
     site = Site()
     site.pk = 1
     with SettingsOverride(CMS_PUBLIC_FOR='staff'):
         user = User.objects.create_user('user', '*****@*****.**', 'user')
         request = self.get_request(user)
         page = Page()
         page.pk = 1
         page.level = 0
         page.tree_id = 1
         pages = [page]
         with self.assertNumQueries(2):
             """
             The queries are:
             View Permission Calculation Query
             globalpagepermissino calculation
             """
             get_visible_pages(request, pages, site)
Esempio n. 18
0
 def test_unauthed(self):
     request = self.get_request()
     page = Page()
     page.pk = 1
     page.level = 0
     page.tree_id = 1
     pages = [page]
     result = get_visible_pages(request, pages)
     self.assertEqual(result, [1])
Esempio n. 19
0
 def test_unauthed_no_access(self):
     with SettingsOverride(CMS_PUBLIC_FOR='staff'):
         request = self.get_request()
         page = Page()
         page.pk = 1
         page.level = 0
         page.tree_id = 1
         pages = [page]
         result = get_visible_pages(request, pages)
         self.assertEqual(result, [])
Esempio n. 20
0
 def test_public_for_all(self):
     user = User.objects.create_user('user', '*****@*****.**', 'user')
     request = self.get_request(user)
     page = Page()
     page.pk = 1
     page.level = 0
     page.tree_id = 1
     pages = [page]
     result = get_visible_pages(request, pages)
     self.assertEqual(result, [1])
Esempio n. 21
0
 def test_page_permissions_view_groups(self):
     with SettingsOverride(CMS_PUBLIC_FOR='staff'):
         user = User.objects.create_user('user', '*****@*****.**', 'user')
         group = Group.objects.create(name='testgroup')
         group.user_set.add(user)
         request = self.get_request(user)
         page = create_page('A', 'nav_playground.html', 'en')
         PagePermission.objects.create(can_view=True, group=group, page=page)
         pages = [page]
         result = get_visible_pages(request, pages)
         self.assertEqual(result, [page.pk])
Esempio n. 22
0
 def test_authed_no_access_num_queries(self):
     site = Site()
     site.pk = 1
     with SettingsOverride(CMS_PUBLIC_FOR='staff'):
         user = User.objects.create_user('user', '*****@*****.**', 'user')
         request = self.get_request(user)
         page = Page()
         page.pk = 1
         page.level = 0
         page.tree_id = 1
         pages = [page]
         with self.assertNumQueries(4):
             """
             The queries are:
             PagePermission query for affected pages
             GlobalpagePermission query for user
             Generic django permission lookup
             content type lookup by permission lookup
             """
             get_visible_pages(request, pages, site)
Esempio n. 23
0
 def test_authed_no_access(self):
     with SettingsOverride(CMS_PUBLIC_FOR='staff'):
         user = User.objects.create_user('user', '*****@*****.**', 'user')
         request = self.get_request(user)
         page = Page()
         page.pk = 1
         page.level = 0
         page.tree_id = 1
         pages = [page]
         result = get_visible_pages(request, pages)
         self.assertEqual(result, [])
Esempio n. 24
0
 def test_global_permission(self):
     with SettingsOverride(CMS_PUBLIC_FOR='staff'):
         user = User.objects.create_user('user', '*****@*****.**', 'user')
         GlobalPagePermission.objects.create(can_view=True, user=user)
         request = self.get_request(user)
         page = Page()
         page.pk = 1
         page.level = 0
         page.tree_id = 1
         pages = [page]
         result = get_visible_pages(request, pages)
         self.assertEqual(result, [1])
Esempio n. 25
0
 def test_authed_basic_perm(self):
     with SettingsOverride(CMS_PUBLIC_FOR='staff'):
         user = User.objects.create_user('user', '*****@*****.**', 'user')
         user.user_permissions.add(Permission.objects.get(codename='view_page'))
         request = self.get_request(user)
         page = Page()
         page.pk = 1
         page.level = 0
         page.tree_id = 1
         pages = [page]
         result = get_visible_pages(request, pages)
         self.assertEqual(result, [1])
Esempio n. 26
0
    def test_page_group_permissions(self):
        user = self.get_standard_user()
        user.groups.add(self.group)
        request = self.get_request(user)
        with self.assertNumQueries(3):
            self.assertTrue(self.page.has_view_permission(request))

        with self.assertNumQueries(0):
            self.assertTrue(self.page.has_view_permission(request))  # test cache

        self.assertEqual(get_visible_pages(request, self.pages, self.page.site),
                         self.expected)
Esempio n. 27
0
 def test_authed_basic_perm_num_queries(self):
     site = Site()
     site.pk = 1
     with SettingsOverride(CMS_PUBLIC_FOR='staff'):
         user = User()
         user.username="******"
         user.is_staff = True
         user.save()
         user.user_permissions.add(Permission.objects.get(codename='view_page'))
         request = self.get_request(user)
         page = Page()
         page.pk = 1
         page.level = 0
         page.tree_id = 1
         pages = [page]
         with self.assertNumQueries(2):
             """
             The queries are:
             PagePermission count query 
             GlobalpagePermission count query
             """
             get_visible_pages(request, pages, site)
Esempio n. 28
0
    def test_unauthed(self):
        request = self.get_request()
        with self.assertNumQueries(1):
            """The queries are:
            PagePermission query for the affected page (is the page restricted?)
            """
            self.assertFalse(self.page.has_view_permission(request))

        with self.assertNumQueries(0):
            self.assertFalse(self.page.has_view_permission(request))  # test cache

        self.assertEqual(get_visible_pages(request, self.pages, self.page.site),
                         [])
Esempio n. 29
0
 def assertGrantedVisibility(self, all_pages, expected_granted_pages, username=None):
     """
     helper function to check the expected_granted_pages are 
     not in the restricted_pages list and 
     all visible pages are in the expected_granted_pages
     """
     # log the user in if present
     user = None
     if username is not None:
         user = User.objects.get(username__iexact=username)
     request = self.get_request(user)
     visible_page_ids = get_visible_pages(request, all_pages, self.site)
     public_page_ids = Page.objects.drafts().filter(title_set__title__in=expected_granted_pages).values_list('id', flat=True)
     self.assertEquals(len(visible_page_ids), len(expected_granted_pages))
     restricted_pages = Page.objects.public().exclude(title_set__title__in=expected_granted_pages).values_list('id', flat=True)
     self.assertNodeMemberships(visible_page_ids, restricted_pages, public_page_ids)
 def assertGrantedVisibility(self, all_pages, expected_granted_pages, username=None):
     """
     helper function to check the expected_granted_pages are 
     not in the restricted_pages list and 
     all visible pages are in the expected_granted_pages
     """
     # log the user in if present
     user = None
     if username is not None:
         user = User.objects.get(username__iexact=username)
     request = self.get_request(user)
     visible_page_ids = get_visible_pages(request, all_pages, self.site)
 	self.assertEquals(len(visible_page_ids), len(expected_granted_pages))
     public_page_ids = Page.objects.filter(title_set__title__in=expected_granted_pages).values_list('id', flat=True)
     restricted_pages = Page.objects.exclude(title_set__title__in=expected_granted_pages).values_list('id', flat=True)
     self.assertNodeMemberships(visible_page_ids, restricted_pages, public_page_ids)
Esempio n. 31
0
    def test_global_access(self):
        user = self.get_standard_user()
        GlobalPagePermission.objects.create(can_view=True, user=user)
        request = self.get_request(user)
        with self.assertNumQueries(2):
            """The queries are:
            PagePermission query for the affected page (is the page restricted?)
            GlobalPagePermission query for the page site
            """
            self.assertTrue(self.page.has_view_permission(request))

        with self.assertNumQueries(0):
            self.assertTrue(self.page.has_view_permission(request))  # test cache

        self.assertEqual(get_visible_pages(request, [self.page], self.page.site),
                         [self.page.pk])
Esempio n. 32
0
    def test_global_permission(self):
        user = self.get_standard_user()
        GlobalPagePermission.objects.create(can_view=True, user=user)
        request = self.get_request(user)
        with self.assertNumQueries(2):
            """
            The queries are:
            PagePermission query (is this page restricted)
            GlobalpagePermission query for user
            """
            self.assertTrue(self.page.has_view_permission(request))

        with self.assertNumQueries(0):
            self.assertTrue(self.page.has_view_permission(request))  # test cache

        self.assertEqual(get_visible_pages(request, self.pages, self.page.site),
                         self.expected)
Esempio n. 33
0
    def test_normal_denied(self):
        request = self.get_request(self.get_standard_user())
        with self.assertNumQueries(4):
            """
            The queries are:
            PagePermission query for the affected page (is the page restricted?)
            GlobalPagePermission query for the page site
            User permissions query
            Content type query
             """
            self.assertFalse(self.page.has_view_permission(request))

        with self.assertNumQueries(0):
            self.assertFalse(self.page.has_view_permission(request))  # test cache

        self.assertEqual(get_visible_pages(request, [self.page], self.page.site),
                         [])