def test_permission_acquisition(self):
from woost.models import (User, Role, ReadPermission)
R = lambda **kwargs: Role(permissions=[ReadPermission()], **kwargs)
r1 = R()
r2 = R()
r3 = R()
r4 = R(base_roles=[r3])
r5 = R(base_roles=[r2, r4])
self.everybody_role.permissions.append(ReadPermission())
self.authenticated_role.permissions.append(ReadPermission())
user = User()
user.roles = [r1, r5]
print list(user.iter_permissions())
assert list(user.iter_permissions()) == [
r1.permissions[0], r5.permissions[0], r2.permissions[0],
r4.permissions[0], r3.permissions[0],
self.authenticated_role.permissions[0],
self.everybody_role.permissions[0]
]
def test_enabled(self):
from woost.models import Publishable, ReadPermission
self.everybody_role.permissions.append(
ReadPermission(matching_items={
"type": "woost.models.publishable.Publishable"
}))
a = Publishable()
a.enabled = True
a.insert()
b = Publishable()
b.enabled = False
b.insert()
c = Publishable()
c.enabled = True
c.insert()
d = Publishable()
d.enabled = False
d.insert()
assert self.accessible_items() == set([a, c])
def test_current(self):
from woost.models import Publishable, ReadPermission
from datetime import datetime, timedelta
self.everybody_role.permissions.append(
ReadPermission(matching_items={
"type": "woost.models.publishable.Publishable"
}))
now = datetime.now()
a = Publishable()
a.enabled = True
a.insert()
b = Publishable()
b.enabled = True
b.start_date = now
b.end_date = now + timedelta(days=1)
b.insert()
c = Publishable()
c.enabled = True
c.start_date = now + timedelta(days=1)
c.insert()
d = Publishable()
d.enabled = True
d.end_date = now - timedelta(days=1)
d.insert()
assert self.accessible_items() == set([a, b])
def test_permission_expression(self):
from woost.models import (Item, Publishable, User, ReadPermission,
PermissionExpression)
self.everybody_role.permissions.append(
ReadPermission(matching_items={
"type": "woost.models.publishable.Publishable"
},
authorized=True))
i1 = Item()
i2 = Item()
d1 = Publishable()
d2 = Publishable()
i1.insert()
i2.insert()
d1.insert()
d2.insert()
results = set(
Item.select(
filters=[PermissionExpression(User(), ReadPermission)]))
assert results == set([d1, d2])
def test_translation_enabled(self):
from cocktail.translations import language_context
from woost.models import (Publishable, ReadPermission,
ReadTranslationPermission)
self.everybody_role.permissions.append(
ReadPermission(matching_items={
"type": "woost.models.publishable.Publishable"
}))
self.everybody_role.permissions.append(ReadTranslationPermission())
self.config.languages = ["en"]
self.config.published_languages = []
with language_context("en"):
a = Publishable()
a.per_language_publication = True
a.translation_enabled = True
a.insert()
b = Publishable()
b.per_language_publication = True
b.translation_enabled = False
b.insert()
c = Publishable()
c.per_language_publication = True
c.translation_enabled = True
c.insert()
d = Publishable()
d.per_language_publication = True
d.set("translation_enabled", True, "de")
d.insert()
e = Publishable()
e.per_language_publication = False
e.enabled = True
e.insert()
accessible = self.accessible_items()
print a in accessible
print b in accessible
print c in accessible
print d in accessible
print e in accessible
assert self.accessible_items() == set([a, c, e])
self.config.published_languages = ["en"]
assert self.accessible_items() == set([a, c, e])
with language_context("de"):
self.config.published_languages = ["de"]
assert self.accessible_items() == set([d, e])
def test_translation_permitted(self):
from cocktail.translations import language_context
from woost.models import (Publishable, ReadPermission,
ReadTranslationPermission, set_current_user)
set_current_user(self.user)
self.everybody_role.permissions.append(
ReadPermission(matching_items={
"type": "woost.models.publishable.Publishable"
}))
self.everybody_role.permissions.append(
ReadTranslationPermission(matching_languages=["ca", "es"]))
self.everybody_role.permissions.append(
ReadTranslationPermission(matching_languages=["en"],
authorized=False))
self.config.languages = ["ca", "es", "en"]
self.config.published_languages = []
a = Publishable()
a.per_language_publication = True
a.insert()
b = Publishable()
b.per_language_publication = False
b.insert()
with language_context("ca"):
a.translation_enabled = True
assert a.is_accessible()
assert b.is_accessible()
assert self.accessible_items() == set([a, b])
for language in "es", "en", "de":
with language_context(language):
assert not a.is_accessible()
assert b.is_accessible()
assert self.accessible_items() == set([b])
def setup_permissions(self):
everybody_role = Role.require_instance(qname="woost.everybody")
qname = "woost.extensions.restrictedaccess.restriction"
restriction = ReadPermission.get_instance(qname=qname)
if restriction is None:
restriction = ReadPermission()
restriction.qname = qname
restriction.authorized = False
restriction.matching_items = {
"type": "woost.models.publishable.Publishable",
"filter": "member-access_restriction",
"filter_operator0": "ne",
"filter_value0": ""
}
restriction.insert()
if restriction not in everybody_role.permissions:
everybody_role.permissions.insert(0, restriction)
def test_allowed(self):
from woost.models import Publishable, ReadPermission
a = Publishable()
a.enabled = True
a.insert()
b = Publishable()
b.enabled = True
b.insert()
self.everybody_role.permissions.append(
ReadPermission(
matching_items={
"type": "woost.models.publishable.Publishable",
"filter": "member-id",
"filter_operator0": "ne",
"filter_value0": str(b.id)
}))
assert self.accessible_items() == set([a])