def setUp(self):
super(TestAuthenticationOnlyPermissionPolicy, self).setUp()
self.policy = AuthenticationOnlyPermissionPolicy(Image)
class TestAuthenticationOnlyPermissionPolicy(PermissionPolicyTestCase):
def setUp(self):
super(TestAuthenticationOnlyPermissionPolicy, self).setUp()
self.policy = AuthenticationOnlyPermissionPolicy(Image)
def test_user_has_permission(self):
# All active authenticated users have permission to do everything;
# inactive and anonymous users have permission to do nothing
self.assertUserPermissionMatrix([
(self.superuser, True, True, True, True),
(self.inactive_superuser, False, False, False, False),
(self.image_adder, True, True, True, True),
(self.oneoff_image_adder, True, True, True, True),
(self.inactive_image_adder, False, False, False, False),
(self.image_changer, True, True, True, True),
(self.oneoff_image_changer, True, True, True, True),
(self.inactive_image_changer, False, False, False, False),
(self.oneoff_image_deleter, True, True, True, True),
(self.useless_user, True, True, True, True),
(self.anonymous_user, False, False, False, False),
])
def test_user_has_any_permission(self):
self.assertTrue(
self.policy.user_has_any_permission(self.superuser, ['add', 'change'])
)
self.assertFalse(
self.policy.user_has_any_permission(self.inactive_superuser, ['add', 'change'])
)
self.assertTrue(
self.policy.user_has_any_permission(self.useless_user, ['add', 'change'])
)
self.assertFalse(
self.policy.user_has_any_permission(self.anonymous_user, ['add', 'change'])
)
def test_users_with_permission(self):
# all active users have permission
users_with_add_permission = self.policy.users_with_permission('add')
self.assertResultSetEqual(users_with_add_permission, [
self.superuser,
self.image_adder,
self.oneoff_image_adder,
self.image_changer,
self.oneoff_image_changer,
self.oneoff_image_deleter,
self.useless_user,
])
def test_users_with_any_permission(self):
# all active users have permission
users_with_add_or_change_permission = self.policy.users_with_any_permission(
['add', 'change']
)
self.assertResultSetEqual(users_with_add_or_change_permission, [
self.superuser,
self.image_adder,
self.oneoff_image_adder,
self.image_changer,
self.oneoff_image_changer,
self.oneoff_image_deleter,
self.useless_user,
])
def test_user_has_permission_for_instance(self):
# Permissions for this policy are applied at the model level,
# so rules for a specific instance will match rules for the
# model as a whole
self.assertUserInstancePermissionMatrix(self.adder_image, [
(self.superuser, True, True, True),
(self.inactive_superuser, False, False, False),
(self.image_adder, True, True, True),
(self.oneoff_image_adder, True, True, True),
(self.inactive_image_adder, False, False, False),
(self.image_changer, True, True, True),
(self.oneoff_image_changer, True, True, True),
(self.inactive_image_changer, False, False, False),
(self.oneoff_image_deleter, True, True, True),
(self.useless_user, True, True, True),
(self.anonymous_user, False, False, False),
])
def test_user_has_any_permission_for_instance(self):
# superuser has permission
self.assertTrue(
self.policy.user_has_any_permission_for_instance(
self.superuser, ['change', 'delete'], self.adder_image
)
)
# inactive user has no permission
self.assertFalse(
self.policy.user_has_any_permission_for_instance(
self.inactive_superuser, ['change', 'delete'], self.adder_image
)
)
# ordinary user has permission
self.assertTrue(
self.policy.user_has_any_permission_for_instance(
self.useless_user, ['change', 'delete'], self.adder_image
)
)
# anonymous user has no permission
self.assertFalse(
self.policy.user_has_any_permission_for_instance(
self.anonymous_user, ['change', 'delete'], self.adder_image
)
)
def test_instances_user_has_permission_for(self):
all_images = [
self.adder_image, self.useless_image, self.anonymous_image
]
no_images = []
# the set of images editable by superuser includes all images
self.assertResultSetEqual(
self.policy.instances_user_has_permission_for(
self.superuser, 'change'
),
all_images
)
# the set of images editable by inactive superuser includes no images
self.assertResultSetEqual(
self.policy.instances_user_has_permission_for(
self.inactive_superuser, 'change'
),
no_images
)
# the set of images editable by ordinary user includes all images
self.assertResultSetEqual(
self.policy.instances_user_has_permission_for(
self.useless_user, 'change'
),
all_images
)
# the set of images editable by anonymous user includes no images
self.assertResultSetEqual(
self.policy.instances_user_has_permission_for(
self.anonymous_user, 'change'
),
no_images
)
def test_instances_user_has_any_permission_for(self):
all_images = [
self.adder_image, self.useless_image, self.anonymous_image
]
no_images = []
# the set of images editable by superuser includes all images
self.assertResultSetEqual(
self.policy.instances_user_has_any_permission_for(
self.superuser, ['change', 'delete']
),
all_images
)
# the set of images editable by inactive superuser includes no images
self.assertResultSetEqual(
self.policy.instances_user_has_any_permission_for(
self.inactive_superuser, ['change', 'delete']
),
no_images
)
# the set of images editable by ordinary user includes all images
self.assertResultSetEqual(
self.policy.instances_user_has_any_permission_for(
self.useless_user, ['change', 'delete']
),
all_images
)
# the set of images editable by anonymous user includes no images
self.assertResultSetEqual(
self.policy.instances_user_has_any_permission_for(
self.anonymous_user, ['change', 'delete']
),
no_images
)
def test_users_with_permission_for_instance(self):
# all active users have permission
users_with_change_permission = self.policy.users_with_permission_for_instance(
'change', self.useless_image
)
self.assertResultSetEqual(users_with_change_permission, [
self.superuser,
self.image_adder,
self.oneoff_image_adder,
self.image_changer,
self.oneoff_image_changer,
self.oneoff_image_deleter,
self.useless_user,
])
def test_users_with_any_permission_for_instance(self):
# all active users have permission
users_with_change_or_del_permission = self.policy.users_with_any_permission_for_instance(
['change', 'delete'], self.useless_image
)
self.assertResultSetEqual(users_with_change_or_del_permission, [
self.superuser,
self.image_adder,
self.oneoff_image_adder,
self.image_changer,
self.oneoff_image_changer,
self.oneoff_image_deleter,
self.useless_user,
])
