def test_no_profile(self): """ Check for warning when there is no profile """ # TODO: Dirty! Currently we check for the warning by getting a 100% # test coverage, meaning that it dit output some warning. user = Account.objects.create_user(**self.user_info) # remove the profile of this user get_profile_model().objects.get(user=user).delete() # run the command to check for the warning. call_command('check_permissions', test=True)
def check_permissions(self): """ Checks that all permissions are set correctly for the users. :return: A set of users whose permissions was wrong. """ # Variable to supply some feedback changed_permissions = [] changed_users = [] warnings = [] # Check that all the permissions are available. for model, perms in ASSIGNED_PERMISSIONS.items(): if model == 'profile': model_obj = get_profile_model() else: model_obj = User model_content_type = ContentType.objects.get_for_model(model_obj) for perm in perms: try: Permission.objects.get(codename=perm[0], content_type=model_content_type) except Permission.DoesNotExist: changed_permissions.append(perm[1]) Permission.objects.create(name=perm[1], codename=perm[0], content_type=model_content_type) for user in User.objects.all(): if not user.username == 'AnonymousUser': try: user_profile = user.get_profile() except get_profile_model().DoesNotExist: warnings.append(_("No profile found for %(username)s") \ % {'username': user.username}) else: all_permissions = get_perms(user, user_profile) + get_perms(user, user) for model, perms in ASSIGNED_PERMISSIONS.items(): if model == 'profile': perm_object = user.get_profile() else: perm_object = user for perm in perms: if perm[0] not in all_permissions: assign(perm[0], user, perm_object) changed_users.append(user) return (changed_permissions, changed_users, warnings)
def create_user(self, username, email, password, active=False, send_email=True): """ A simple wrapper that creates a new :class:`User`. :param username: String containing the username of the new user. :param email: String containing the email address of the new user. :param password: String containing the password for the new user. :param active: Boolean that defines if the user requires activation by clicking on a link in an e-mail. Defauts to ``True``. :param send_email: Boolean that defines if the user should be send an email. You could set this to ``False`` when you want to create a user in your own code, but don't want the user to activate through email. :return: :class:`User` instance representing the new user. """ now = datetime.datetime.now() new_user = User.objects.create_user(username, email, password) new_user.is_active = active new_user.save() accounts_profile = self.create_accounts_profile(new_user) # All users have an empty profile profile_model = get_profile_model() try: new_profile = new_user.get_profile() except profile_model.DoesNotExist: new_profile = profile_model(user=new_user) new_profile.save(using=self._db) # Give permissions to view and change profile for perm in ASSIGNED_PERMISSIONS['profile']: assign(perm[0], new_user, new_profile) # Give permissions to view and change itself for perm in ASSIGNED_PERMISSIONS['user']: assign(perm[0], new_user, new_user) if send_email: accounts_profile.send_activation_email() return new_user
def test_incomplete_permissions(self): # Delete the neccesary permissions profile_model_obj = get_profile_model() content_type_profile = ContentType.objects.get_for_model(profile_model_obj) content_type_user = ContentType.objects.get_for_model(User) for model, perms in ASSIGNED_PERMISSIONS.items(): if model == "profile": content_type = content_type_profile else: content_type = content_type_user for perm in perms: Permission.objects.get(name=perm[1], content_type=content_type).delete() # Check if they are they are back for model, perms in ASSIGNED_PERMISSIONS.items(): if model == "profile": content_type = content_type_profile else: content_type = content_type_user for perm in perms: try: perm = Permission.objects.get(name=perm[1], content_type=content_type) except Permission.DoesNotExist: pass else: self.fail("Found %s: " % perm) # Repair them call_command('check_permissions', test=True) # Check if they are they are back for model, perms in ASSIGNED_PERMISSIONS.items(): if model == "profile": content_type = content_type_profile else: content_type = content_type_user for perm in perms: try: perm = Permission.objects.get(name=perm[1], content_type=content_type) except Permission.DoesNotExist: self.fail()
def profile_list(request, page=1, template_name='accounts/profile_list.html', paginate_by=50, extra_context=None, **kwargs): """ Returns a list of all profiles that are public. It's possible to disable this by changing ``ACCOUNTS_DISABLE_PROFILE_LIST`` to ``True`` in your settings. :param page: Integer of the active page used for pagination. Defaults to the first page. :param template_name: String defining the name of the template that is used to render the list of all users. Defaults to ``accounts/list.html``. :param paginate_by: Integer defining the amount of displayed profiles per page. Defaults to 50 profiles per page. :param extra_context: Dictionary of variables that are passed on to the ``template_name`` template. **Context** ``profile_list`` A list of profiles. ``is_paginated`` A boolean representing whether the results are paginated. If the result is paginated. It will also contain the following variables. ``paginator`` An instance of ``django.core.paginator.Paginator``. ``page_obj`` An instance of ``django.core.paginator.Page``. """ try: page = int(request.GET.get('page', None)) except (TypeError, ValueError): page = page if accounts_settings.ACCOUNTS_DISABLE_PROFILE_LIST \ and not request.user.is_staff: raise Http404 profile_model = get_profile_model() queryset = profile_model.objects.get_visible_profiles(request.user) if not extra_context: extra_context = dict() return list_detail.object_list(request, queryset=queryset, paginate_by=paginate_by, page=page, template_name=template_name, extra_context=extra_context, template_object_name='profile', **kwargs)
fail_silently=True) if success_url: redirect_to = success_url else: redirect_to = reverse('accounts_profile_detail', kwargs={'username': username}) return redirect(redirect_to) if not extra_context: extra_context = dict() extra_context['form'] = form extra_context['account'] = account return direct_to_template(request, template_name, extra_context=extra_context, **kwargs) @secure_required @permission_required_or_403('change_profile', (get_profile_model(), 'user__username', 'username')) def profile_edit(request, username, edit_profile_form=EditProfileForm, template_name='accounts/profile_form.html', success_url=None, extra_context=None, **kwargs): """ Edit profile. Edits a profile selected by the supplied username. First checks permissions if the user is allowed to edit this profile, if denied will show a 404. When the profile is succesfully edited will redirect to ``success_url``. :param username: Username of the user which profile should be edited. :param edit_profile_form: