def test_permission_on_contentype(db): perm_ou = OU.objects.create(slug='perm-ou', name='perm ou') some_role_dict = { 'name': 'some role', 'slug': 'some-role-slug', 'ou': None, 'service': None } some_role_dict['permissions'] = [{ "operation": { "slug": "admin" }, "ou": { "slug": "perm-ou", "name": "perm-ou" }, 'target_ct': { "model": "contenttype", "app_label": "contenttypes" }, "target": { "model": "logentry", "app_label": "admin" } }] import_context = ImportContext() rd = RoleDeserializer(some_role_dict, import_context) rd.deserialize() perm_created, perm_deleted = rd.permissions() assert len(perm_created) == 1 perm = perm_created[0] assert perm.target.app_label == 'admin' assert perm.target.model == 'logentry' assert perm.ou == perm_ou
def test_permission_on_role(db): perm_ou = OU.objects.create(slug='perm-ou', name='perm ou') perm_role = Role.objects.create(slug='perm-role', ou=perm_ou, name='perm role') some_role_dict = { 'name': 'some role', 'slug': 'some-role-slug', 'ou': None, 'service': None } some_role_dict['permissions'] = [{ "operation": { "slug": "admin" }, "ou": { "slug": "perm-ou", "name": "perm-ou" }, 'target_ct': { 'app_label': u'a2_rbac', 'model': u'role' }, "target": { "slug": "perm-role", "ou": { "slug": "perm-ou", "name": "perm ou" }, "service": None, "name": "perm role" } }] import_context = ImportContext() rd = RoleDeserializer(some_role_dict, import_context) rd.deserialize() perm_created, perm_deleted = rd.permissions() assert len(perm_created) == 1 perm = perm_created[0] assert perm.target == perm_role assert perm.ou == perm_ou assert perm.operation.slug == 'admin'
def test_role_deserializer_permissions(db): ou = OU.objects.create(slug='some-ou') other_role_dict = { 'name': 'other role', 'slug': 'other-role-slug', 'uuid': get_hex_uuid(), 'ou': ou } other_role = Role.objects.create(**other_role_dict) other_role_dict['permisison'] = { "operation": { "slug": "admin" }, "ou": { "slug": "default", "name": "Collectivit\u00e9 par d\u00e9faut" }, 'target_ct': { 'app_label': u'a2_rbac', 'model': u'role' }, "target": { "slug": "role-deux", "ou": { "slug": "default", "name": "Collectivit\u00e9 par d\u00e9faut" }, "service": None, "name": "role deux" } } some_role_dict = { 'name': 'some role', 'slug': 'some-role', 'uuid': get_hex_uuid(), 'ou': None, 'service': None } some_role_dict['permissions'] = [{ 'operation': { 'slug': 'add' }, 'ou': None, 'target_ct': { 'app_label': u'a2_rbac', 'model': u'role' }, 'target': { "slug": u'other-role-slug', 'ou': { 'slug': 'some-ou' }, 'service': None } }] import_context = ImportContext() rd = RoleDeserializer(some_role_dict, import_context) rd.deserialize() perm_created, perm_deleted = rd.permissions() assert len(perm_created) == 1 assert len(perm_deleted) == 0 del some_role_dict['permissions'] role = Role.objects.get(slug=some_role_dict['slug']) assert role.permissions.count() == 1 perm = role.permissions.first() assert perm.operation.slug == 'add' assert not perm.ou assert perm.target == other_role # that one should delete permissions rd = RoleDeserializer(some_role_dict, import_context) role, _ = rd.deserialize() perm_created, perm_deleted = rd.permissions() assert role.permissions.count() == 0 assert len(perm_created) == 0 assert len(perm_deleted) == 1