def get_context_data(self, *args, **kwargs): context = super(UserContactInfoView, self).get_context_data(*args, **kwargs) viewer_profile = models.UserProfile.get_profile(self.request.user) context["username"] = self.kwargs.get("username", None) context["user_profile"] = get_user_profile_or_404(context["username"]) if self.object: owner_profile = self.object.profile # pass in can_edit flag if viewer of the profile is also the owner # it will then be used as a conditional to render edit buttons context["can_edit"] = owner_profile == viewer_profile # check access for both the profile and the contact valid_profile_access = can_access(owner_profile, viewer_profile, owner_profile.profile_access) valid_contact_access = can_access(owner_profile, viewer_profile, self.object.access) # only let the page be viewed if there is valid access if not (valid_profile_access and valid_contact_access): raise PermissionDenied self.username = context["username"] self.profile = context["user_profile"] return context
def test_private(self): """ Any combination of owner/viewer at the private level except when the owner/viewer is the same returns False. """ # only true case # test self viewing self.assertTrue(can_access(self.member1_profile, self.member1_profile, constants.PRIVATE_ACCESS)) # test member/anonymous viewing self.assertFalse(can_access(self.member1_profile, None, constants.PRIVATE_ACCESS)) # test member/registered viewing self.assertFalse(can_access(self.member1_profile, self.registered1_profile, constants.PRIVATE_ACCESS)) # test member/member viewing self.assertFalse(can_access(self.member1_profile, self.member2_profile, constants.PRIVATE_ACCESS)) # test admin/member viewing self.assertFalse(can_access(self.admin1_profile, self.member1_profile, constants.PRIVATE_ACCESS)) # test member/admin viewing self.assertFalse(can_access(self.member1_profile, self.admin1_profile, constants.PRIVATE_ACCESS)) # test admin/admin viewing self.assertFalse(can_access(self.admin1_profile, self.admin2_profile, constants.PRIVATE_ACCESS))
def test_admin(self): """ If the viewer is an admin, this should return True. """ # test member/anonymous viewing self.assertFalse(can_access(self.member1_profile, None, constants.ADMIN_ACCESS)) # test member/registered viewing self.assertFalse(can_access(self.member1_profile, self.registered1_profile, constants.ADMIN_ACCESS)) # test member/member viewing self.assertFalse(can_access(self.member1_profile, self.member2_profile, constants.ADMIN_ACCESS)) # test admin/member viewing self.assertFalse(can_access(self.admin1_profile, self.member1_profile, constants.ADMIN_ACCESS)) # test self viewing -- the one member level that is true because # you can view your own things self.assertTrue(can_access(self.member1_profile, self.member1_profile, constants.ADMIN_ACCESS)) # test member/admin viewing self.assertTrue(can_access(self.member1_profile, self.admin1_profile, constants.ADMIN_ACCESS)) # test admin/admin viewing self.assertTrue(can_access(self.admin1_profile, self.admin2_profile, constants.ADMIN_ACCESS))
def test_member(self): """ If the viewer is a member, this should return True. """ # test member/anonymous viewing self.assertFalse(can_access(self.member1_profile, None, constants.MEMBERS_ACCESS)) # test member/registered viewing self.assertFalse(can_access(self.member1_profile, self.registered1_profile, constants.MEMBERS_ACCESS)) # test member/member viewing self.assertTrue(can_access(self.member1_profile, self.member2_profile, constants.MEMBERS_ACCESS)) # test self viewing self.assertTrue(can_access(self.member1_profile, self.member1_profile, constants.MEMBERS_ACCESS)) # test admin/member viewing self.assertTrue(can_access(self.admin1_profile, self.member1_profile, constants.MEMBERS_ACCESS)) # test member/admin viewing self.assertTrue(can_access(self.member1_profile, self.admin1_profile, constants.MEMBERS_ACCESS)) # test admin/admin viewing self.assertTrue(can_access(self.admin1_profile, self.admin2_profile, constants.MEMBERS_ACCESS))
def test_registered(self): """ If the viewer is anonymous, this should return False. """ # only false case # test member/anonymous viewing self.assertFalse(can_access(self.member1_profile, None, constants.REGISTERED_ACCESS)) # test member/registered viewing self.assertTrue(can_access(self.member1_profile, self.registered1_profile, constants.REGISTERED_ACCESS)) # test member/member viewing self.assertTrue(can_access(self.member1_profile, self.member2_profile, constants.REGISTERED_ACCESS)) # test self viewing self.assertTrue(can_access(self.member1_profile, self.member1_profile, constants.REGISTERED_ACCESS)) # test admin/member viewing self.assertTrue(can_access(self.admin1_profile, self.member1_profile, constants.REGISTERED_ACCESS)) # test member/admin viewing self.assertTrue(can_access(self.member1_profile, self.admin1_profile, constants.REGISTERED_ACCESS)) # test admin/admin viewing self.assertTrue(can_access(self.admin1_profile, self.admin2_profile, constants.REGISTERED_ACCESS))
def test_public(self): """ Any combination of owner/viewer at the public level should be True. """ # test member/anonymous viewing self.assertTrue(can_access(self.member1_profile, None, constants.PUBLIC_ACCESS)) # test member/registered viewing self.assertTrue(can_access(self.member1_profile, self.registered1_profile, constants.PUBLIC_ACCESS)) # test member/member viewing self.assertTrue(can_access(self.member1_profile, self.member2_profile, constants.PUBLIC_ACCESS)) # test self viewing self.assertTrue(can_access(self.member1_profile, self.member1_profile, constants.PUBLIC_ACCESS)) # test admin/member viewing self.assertTrue(can_access(self.admin1_profile, self.member1_profile, constants.PUBLIC_ACCESS)) # test member/admin viewing self.assertTrue(can_access(self.member1_profile, self.admin1_profile, constants.PUBLIC_ACCESS)) # test admin/admin viewing self.assertTrue(can_access(self.admin1_profile, self.admin2_profile, constants.PUBLIC_ACCESS))
def test_private(self): """ Any combination of owner/viewer at the private level except when the owner/viewer is the same returns False. """ # only true case # test self viewing self.assertTrue( can_access(self.member1_profile, self.member1_profile, constants.PRIVATE_ACCESS)) # test member/anonymous viewing self.assertFalse( can_access(self.member1_profile, None, constants.PRIVATE_ACCESS)) # test member/registered viewing self.assertFalse( can_access(self.member1_profile, self.registered1_profile, constants.PRIVATE_ACCESS)) # test member/member viewing self.assertFalse( can_access(self.member1_profile, self.member2_profile, constants.PRIVATE_ACCESS)) # test admin/member viewing self.assertFalse( can_access(self.admin1_profile, self.member1_profile, constants.PRIVATE_ACCESS)) # test member/admin viewing self.assertFalse( can_access(self.member1_profile, self.admin1_profile, constants.PRIVATE_ACCESS)) # test admin/admin viewing self.assertFalse( can_access(self.admin1_profile, self.admin2_profile, constants.PRIVATE_ACCESS))
def test_admin(self): """ If the viewer is an admin, this should return True. """ # test member/anonymous viewing self.assertFalse( can_access(self.member1_profile, None, constants.ADMIN_ACCESS)) # test member/registered viewing self.assertFalse( can_access(self.member1_profile, self.registered1_profile, constants.ADMIN_ACCESS)) # test member/member viewing self.assertFalse( can_access(self.member1_profile, self.member2_profile, constants.ADMIN_ACCESS)) # test admin/member viewing self.assertFalse( can_access(self.admin1_profile, self.member1_profile, constants.ADMIN_ACCESS)) # test self viewing -- the one member level that is true because # you can view your own things self.assertTrue( can_access(self.member1_profile, self.member1_profile, constants.ADMIN_ACCESS)) # test member/admin viewing self.assertTrue( can_access(self.member1_profile, self.admin1_profile, constants.ADMIN_ACCESS)) # test admin/admin viewing self.assertTrue( can_access(self.admin1_profile, self.admin2_profile, constants.ADMIN_ACCESS))
def test_member(self): """ If the viewer is a member, this should return True. """ # test member/anonymous viewing self.assertFalse( can_access(self.member1_profile, None, constants.MEMBERS_ACCESS)) # test member/registered viewing self.assertFalse( can_access(self.member1_profile, self.registered1_profile, constants.MEMBERS_ACCESS)) # test member/member viewing self.assertTrue( can_access(self.member1_profile, self.member2_profile, constants.MEMBERS_ACCESS)) # test self viewing self.assertTrue( can_access(self.member1_profile, self.member1_profile, constants.MEMBERS_ACCESS)) # test admin/member viewing self.assertTrue( can_access(self.admin1_profile, self.member1_profile, constants.MEMBERS_ACCESS)) # test member/admin viewing self.assertTrue( can_access(self.member1_profile, self.admin1_profile, constants.MEMBERS_ACCESS)) # test admin/admin viewing self.assertTrue( can_access(self.admin1_profile, self.admin2_profile, constants.MEMBERS_ACCESS))
def test_registered(self): """ If the viewer is anonymous, this should return False. """ # only false case # test member/anonymous viewing self.assertFalse( can_access(self.member1_profile, None, constants.REGISTERED_ACCESS)) # test member/registered viewing self.assertTrue( can_access(self.member1_profile, self.registered1_profile, constants.REGISTERED_ACCESS)) # test member/member viewing self.assertTrue( can_access(self.member1_profile, self.member2_profile, constants.REGISTERED_ACCESS)) # test self viewing self.assertTrue( can_access(self.member1_profile, self.member1_profile, constants.REGISTERED_ACCESS)) # test admin/member viewing self.assertTrue( can_access(self.admin1_profile, self.member1_profile, constants.REGISTERED_ACCESS)) # test member/admin viewing self.assertTrue( can_access(self.member1_profile, self.admin1_profile, constants.REGISTERED_ACCESS)) # test admin/admin viewing self.assertTrue( can_access(self.admin1_profile, self.admin2_profile, constants.REGISTERED_ACCESS))
def test_public(self): """ Any combination of owner/viewer at the public level should be True. """ # test member/anonymous viewing self.assertTrue( can_access(self.member1_profile, None, constants.PUBLIC_ACCESS)) # test member/registered viewing self.assertTrue( can_access(self.member1_profile, self.registered1_profile, constants.PUBLIC_ACCESS)) # test member/member viewing self.assertTrue( can_access(self.member1_profile, self.member2_profile, constants.PUBLIC_ACCESS)) # test self viewing self.assertTrue( can_access(self.member1_profile, self.member1_profile, constants.PUBLIC_ACCESS)) # test admin/member viewing self.assertTrue( can_access(self.admin1_profile, self.member1_profile, constants.PUBLIC_ACCESS)) # test member/admin viewing self.assertTrue( can_access(self.member1_profile, self.admin1_profile, constants.PUBLIC_ACCESS)) # test admin/admin viewing self.assertTrue( can_access(self.admin1_profile, self.admin2_profile, constants.PUBLIC_ACCESS))
def test_func(self, user): """ Test for the given user's ability to access based on the access field. """ detail_object = self.get_object() access = getattr(detail_object, self.access_field_name, None) profile = models.UserProfile.get_profile(user) logger.debug("testing access %s for %s" % (access, str(profile))) if can_access(None, profile, access): return True elif user.is_authenticated(): raise PermissionDenied()