def test_grants_manage_unpublished_visualisations_permission(self):
    """Check that a successful GitLab access check leaves the user holding
    the manage-unpublished-visualisations permission.

    The user starts as a plain account (not staff, not superuser) without
    the permission. Both GitLab API lookups are stubbed: the SSO id resolves
    to GitLab user 1, and that user is a member of project 1 with access
    level 50. After ``gitlab_has_developer_access`` returns, the permission
    is expected to be present.

    NOTE(review): only the grant path at access level 50 is exercised here.
    The deny path and the boundary of whatever minimum level the helper
    enforces are not covered by this case.
    """
    user = factories.UserFactory.create(
        username='******',
        is_staff=False,
        is_superuser=False,
    )
    catalogue_item = factories.VisualisationCatalogueItemFactory.create(
        published=False,
        visualisation_template__gitlab_project_id=1,
    )
    manage_perm = dataset_type_to_manage_unpublished_permission_codename(
        DataSetType.VISUALISATION.value
    )

    # Precondition: the permission must not already be held, otherwise the
    # final assertion would prove nothing.
    assert user.has_perm(manage_perm) is False

    with requests_mock.Mocker() as gitlab_stub:
        # Lookup of the GitLab account that matches the user's SSO id.
        gitlab_stub.get(
            f'http://127.0.0.1:8007/api/v4/users?extern_uid={user.profile.sso_id}&provider=oauth2_generic',
            json=[{"id": 1}],
        )
        # Membership of that GitLab account in project 1.
        gitlab_stub.get(
            'http://127.0.0.1:8007/api/v4/projects/1/members/all?user_ids=1',
            json=[{"id": 1, "access_level": 50}],
        )
        access_granted = gitlab_has_developer_access(
            user, catalogue_item.visualisation_template.gitlab_project_id
        )

    # Django caches permissions on the user instance, and refresh_from_db()
    # does not clear that cache, so load a brand-new instance before asking
    # again.
    # https://docs.djangoproject.com/en/3.0/topics/auth/default/#permission-caching
    user = get_object_or_404(get_user_model(), pk=user.id)

    assert access_granted is True
    assert user.has_perm(manage_perm) is True
def is_visualisation_preview_and_has_gitlab_developer():
    """Decide whether this is a visualisation preview opened by a user with
    developer access to the backing GitLab project.

    ``is_preview``, ``visualisation_catalogue_item``, ``request`` and
    ``application_template`` are free variables taken from the surrounding
    scope, which is not visible here.

    Returns the first falsy operand, or otherwise the result of
    ``gitlab_has_developer_access``.
    """
    # Each guard hands back the falsy value itself, so callers see exactly
    # what an ``and`` chain would have produced.
    if not is_preview:
        return is_preview
    if not visualisation_catalogue_item:
        return visualisation_catalogue_item
    # The GitLab check is deliberately last: it is only invoked once the
    # cheaper local conditions have passed.
    return gitlab_has_developer_access(
        request.user, application_template.gitlab_project_id
    )
def visualisation_datasets_html_view(request, gitlab_project_id):
    """Authorise the caller for a visualisation project and dispatch on the
    HTTP method.

    Two checks must pass before any handler runs: the Django permission
    ``applications.develop_visualisations``, and developer access to the
    specific GitLab project. Either failure raises ``PermissionDenied``.
    GET and POST go to their handlers; any other method gets a 405.
    """
    # Coarse gate: the application-level permission.
    if not request.user.has_perm('applications.develop_visualisations'):
        raise PermissionDenied()

    # NOTE(review): the project is looked up before the per-project access
    # check. If this helper answers differently for unknown ids, a caller
    # holding only the coarse permission could tell which ids exist -
    # confirm against _visualisation_gitlab_project.
    gitlab_project = _visualisation_gitlab_project(gitlab_project_id)

    # Fine gate: developer access to this particular project.
    if not gitlab_has_developer_access(request.user, gitlab_project_id):
        raise PermissionDenied()

    # Authorisation happens before the method dispatch, so unsupported
    # methods from unauthorised callers are still refused with a 403.
    handlers = {
        'GET': visualisation_datasets_html_GET,
        'POST': visualisation_datasets_html_POST,
    }
    handler = handlers.get(request.method)
    if handler is None:
        return HttpResponse(status=405)
    return handler(request, gitlab_project)
def visualisation_users_give_access_html_view(request, gitlab_project_id):
    """Authorise the caller for a visualisation project, decode the optional
    ``token`` query parameter and dispatch on the HTTP method.

    Two checks must pass before the token is touched: the Django permission
    ``applications.develop_visualisations``, and developer access to the
    specific GitLab project. Either failure raises ``PermissionDenied``.
    GET and POST go to their handlers together with the decoded token data
    (an empty dict when no token was supplied); other methods get a 405.
    """
    # Coarse gate: the application-level permission.
    if not request.user.has_perm('applications.develop_visualisations'):
        raise PermissionDenied()

    # NOTE(review): the project is looked up before the per-project access
    # check. If this helper answers differently for unknown ids, a caller
    # holding only the coarse permission could tell which ids exist -
    # confirm against _visualisation_gitlab_project.
    gitlab_project = _visualisation_gitlab_project(gitlab_project_id)

    # Fine gate: developer access to this particular project.
    if not gitlab_has_developer_access(request.user, gitlab_project_id):
        raise PermissionDenied()

    # The token comes from the query string, so it is caller-controlled.
    # NOTE(review): how decrypt_token reacts to a malformed or tampered
    # value is not visible here - confirm that it fails closed and that the
    # failure is handled rather than surfacing as an unhandled error.
    raw_token = request.GET.get("token")
    if raw_token:
        token_data = decrypt_token(raw_token.encode('utf-8'))
    else:
        token_data = {}

    handlers = {
        'GET': visualisation_users_give_access_html_GET,
        'POST': visualisation_users_give_access_html_POST,
    }
    handler = handlers.get(request.method)
    if handler is None:
        return HttpResponse(status=405)
    return handler(request, gitlab_project, token_data)
def is_visualisation_preview_and_has_gitlab_developer():
    """Decide whether this is a preview of a VISUALISATION application opened
    by a user with developer access to the backing GitLab project.

    ``is_preview``, ``request`` and ``application_template`` are free
    variables taken from the surrounding scope, which is not visible here.

    Returns the first falsy operand, or otherwise the result of
    ``gitlab_has_developer_access``.
    """
    # Each guard hands back the falsy value itself, so callers see exactly
    # what an ``and`` chain would have produced.
    if not is_preview:
        return is_preview
    is_visualisation = application_template.application_type == 'VISUALISATION'
    if not is_visualisation:
        return is_visualisation
    # The GitLab check is deliberately last: it is only invoked once the
    # cheaper local conditions have passed.
    return gitlab_has_developer_access(
        request.user, application_template.gitlab_project_id
    )