def update_role_by_meta_xform_perms(xform): """ Updates users role in a xform based on meta permissions set on the form. """ # load meta xform perms metadata = MetaData.xform_meta_permission(xform) editor_role_list = [EditorRole, EditorMinorRole] editor_role = {role.name: role for role in editor_role_list} dataentry_role_list = [ DataEntryMinorRole, DataEntryOnlyRole, DataEntryRole ] dataentry_role = {role.name: role for role in dataentry_role_list} if metadata: meta_perms = metadata.data_value.split('|') # update roles users = get_xform_users(xform) for user in users: role = users.get(user).get('role') if role in editor_role: role = ROLES.get(meta_perms[0]) role.add(user, xform) if role in dataentry_role: role = ROLES.get(meta_perms[1]) role.add(user, xform)
def test_xform_meta_permission(self): view = MetaDataViewSet.as_view({'post': 'create'}) data = { 'data_type': XFORM_META_PERMS, 'data_value': 'editor-minor|dataentry', 'xform': self.xform.pk } request = self.factory.post('/', data, **self.extra) response = view(request) self.assertEqual(response.status_code, 201) meta = MetaData.xform_meta_permission(self.xform) self.assertEqual(meta.data_value, response.data.get('data_value')) data = { 'data_type': XFORM_META_PERMS, 'data_value': 'editor-minors|invalid_role', 'xform': self.xform.pk } request = self.factory.post('/', data, **self.extra) response = view(request) self.assertEqual(response.status_code, 400) error = u"Format 'role'|'role' or Invalid role" self.assertEqual(response.data, {'non_field_errors': [error]})
def test_role_update_xform_meta_perms(self): alice_data = {'username': '******', 'email': '*****@*****.**'} alice_profile = self._create_user_profile(alice_data) EditorRole.add(alice_profile.user, self.xform) view = MetaDataViewSet.as_view({ 'post': 'create', 'put': 'update' }) data = { 'data_type': XFORM_META_PERMS, 'data_value': 'editor-minor|dataentry', 'xform': self.xform.pk } request = self.factory.post('/', data, **self.extra) response = view(request) self.assertEqual(response.status_code, 201) self.assertFalse( EditorRole.user_has_role(alice_profile.user, self.xform)) self.assertTrue( EditorMinorRole.user_has_role(alice_profile.user, self.xform)) meta = MetaData.xform_meta_permission(self.xform) DataEntryRole.add(alice_profile.user, self.xform) data = { 'data_type': XFORM_META_PERMS, 'data_value': 'editor|dataentry-only', 'xform': self.xform.pk } request = self.factory.put('/', data, **self.extra) response = view(request, pk=meta.pk) self.assertEqual(response.status_code, 200) self.assertFalse( DataEntryRole.user_has_role(alice_profile.user, self.xform)) self.assertTrue( DataEntryOnlyRole.user_has_role(alice_profile.user, self.xform))
def test_xform_meta_perms_duplicates(self): view = MetaDataViewSet.as_view({ 'post': 'create', 'put': 'update' }) ct = ContentType.objects.get_for_model(self.xform) data = { 'data_type': XFORM_META_PERMS, 'data_value': 'editor-minor|dataentry', 'xform': self.xform.pk } request = self.factory.post('/', data, **self.extra) response = view(request) self.assertEqual(response.status_code, 201) count = MetaData.objects.filter(data_type=XFORM_META_PERMS, object_id=self.xform.pk, content_type=ct.pk).count() self.assertEqual(1, count) data = { 'data_type': XFORM_META_PERMS, 'data_value': 'editor-minor|dataentry-only', 'xform': self.xform.pk } request = self.factory.post('/', data, **self.extra) response = view(request) self.assertEqual(response.status_code, 201) count = MetaData.objects.filter(data_type=XFORM_META_PERMS, object_id=self.xform.pk, content_type=ct.pk).count() self.assertEqual(1, count) metadata = MetaData.xform_meta_permission(self.xform) self.assertEqual(metadata.data_value, "editor-minor|dataentry-only")