def test_has_perm_delete_with_obj(self): permission_logic = StaffPermissionLogic() add_permission_logic(self.article.__class__, permission_logic) self.assertTrue( permission_logic.has_perm(self.user1, self.perm3, self.article)) self.assertFalse( permission_logic.has_perm(self.user2, self.perm3, self.article))
def test_has_perm_change_without_obj_without_any_permission(self): permission_logic = GroupInPermissionLogic('admin', any_permission=False) add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(permission_logic.has_perm(self.user1, self.perm2)) self.assertFalse(permission_logic.has_perm(self.user2, self.perm2)) self.assertFalse(permission_logic.has_perm(self.user3, self.perm2))
def test_has_perm_delete_with_obj(self): permission_logic = StaffPermissionLogic() add_permission_logic(self.article.__class__, permission_logic) self.assertTrue( permission_logic.has_perm(self.user1, self.perm3, self.article)) self.assertFalse( permission_logic.has_perm(self.user2, self.perm3, self.article))
def test_constructor_with_specifing_delete_permission(self): permission_logic = GroupInPermissionLogic('admin', delete_permission=False) add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(isinstance(permission_logic, GroupInPermissionLogic)) self.assertEqual(permission_logic.delete_permission, False)
def test_has_perm_change_with_obj_without_any(self): permission_logic = StaffPermissionLogic(any_permission=False) add_permission_logic(self.article.__class__, permission_logic) self.assertTrue( permission_logic.has_perm(self.user1, self.perm2, self.article)) self.assertFalse( permission_logic.has_perm(self.user2, self.perm2, self.article))
def test_has_perm_delete_without_obj(self): permission_logic = GroupInPermissionLogic('admin') add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(permission_logic.has_perm(self.user1, self.perm3)) self.assertFalse(permission_logic.has_perm(self.user2, self.perm3)) self.assertFalse(permission_logic.has_perm(self.user3, self.perm3))
def test_has_perm_change_with_obj_without_any(self): permission_logic = StaffPermissionLogic(any_permission=False) add_permission_logic(self.article.__class__, permission_logic) self.assertTrue( permission_logic.has_perm(self.user1, self.perm2, self.article)) self.assertFalse( permission_logic.has_perm(self.user2, self.perm2, self.article))
def test_has_perm_delete_with_obj_with_two_groups(self): permission_logic = GroupInPermissionLogic(["admin", "staff"]) add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(permission_logic.has_perm(self.user1, self.perm3, self.article)) self.assertTrue(permission_logic.has_perm(self.user2, self.perm3, self.article)) self.assertFalse(permission_logic.has_perm(self.user3, self.perm3, self.article))
def test_has_perm_change_with_obj(self): permission_logic = GroupInPermissionLogic("admin") add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(permission_logic.has_perm(self.user1, self.perm2, self.article)) self.assertFalse(permission_logic.has_perm(self.user2, self.perm2, self.article)) self.assertFalse(permission_logic.has_perm(self.user3, self.perm2, self.article))
def test_has_perm_change_without_obj_with_two_groups(self): permission_logic = GroupInPermissionLogic(['admin', 'staff']) add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(permission_logic.has_perm(self.user1, self.perm2)) self.assertTrue(permission_logic.has_perm(self.user2, self.perm2)) self.assertFalse(permission_logic.has_perm(self.user3, self.perm2))
def test_has_perm_delete_without_obj(self): permission_logic = GroupInPermissionLogic('admin') add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(permission_logic.has_perm(self.user1, self.perm3)) self.assertFalse(permission_logic.has_perm(self.user2, self.perm3)) self.assertFalse(permission_logic.has_perm(self.user3, self.perm3))
def test_has_perm_change_without_obj_without_any_permission(self): permission_logic = GroupInPermissionLogic('admin', any_permission=False) add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(permission_logic.has_perm(self.user1, self.perm2)) self.assertFalse(permission_logic.has_perm(self.user2, self.perm2)) self.assertFalse(permission_logic.has_perm(self.user3, self.perm2))
def test_has_perm_change_without_obj_with_two_groups(self): permission_logic = GroupInPermissionLogic(['admin', 'staff']) add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(permission_logic.has_perm(self.user1, self.perm2)) self.assertTrue(permission_logic.has_perm(self.user2, self.perm2)) self.assertFalse(permission_logic.has_perm(self.user3, self.perm2))
def test_constructor(self): permission_logic = StaffPermissionLogic() add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(isinstance(permission_logic, StaffPermissionLogic)) self.assertEqual(permission_logic.any_permission, True) self.assertEqual(permission_logic.add_permission, True) self.assertEqual(permission_logic.change_permission, True) self.assertEqual(permission_logic.delete_permission, True)
def test_constructor(self): permission_logic = StaffPermissionLogic() add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(isinstance(permission_logic, StaffPermissionLogic)) self.assertEqual(permission_logic.any_permission, True) self.assertEqual(permission_logic.add_permission, True) self.assertEqual(permission_logic.change_permission, True) self.assertEqual(permission_logic.delete_permission, True)
def test_add_permission_logic_registry(self): m = self.mock_logic # nothing have been registered in registry self.assertEqual(registry._registry, {}) # but after add permission logic, they will be appeared add_permission_logic(Article, m) self.assertEqual(Article._permission_logics, set([m])) self.assertTrue( isinstance(registry._registry[Article], LogicalPermissionHandler))
def test_add_permission_logic_registry(self): m = self.mock_logic # nothing have been registered in registry self.assertEqual(registry._registry, {}) # but after add permission logic, they will be appeared add_permission_logic(Article, m) self.assertEqual(Article._permission_logics, set([m])) self.assertTrue(isinstance(registry._registry[Article], LogicalPermissionHandler))
def test_remove_permission_logic_exception(self): m = self.mock_logic add_permission_logic(Article, m) remove_permission_logic(Article, m) # it shuld not raise exception remove_permission_logic(Article, m) # it should raise exception if fail_silently is False self.assertRaises(KeyError, remove_permission_logic, Article, m, fail_silently=False)
def test_remove_permission_logic_private_attributes(self): m = self.mock_logic add_permission_logic(Article, m) self.assertTrue(hasattr(Article, '_permission_logics')) self.assertTrue(hasattr(Article, '_permission_handler')) # private attribute should not be disappeared remove_permission_logic(Article, m) self.assertTrue(hasattr(Article, '_permission_logics')) self.assertTrue(hasattr(Article, '_permission_handler'))
def test_add_permission_logic_private_attributes(self): m = self.mock_logic # the following private attribute should not be exists in Article model self.assertFalse(hasattr(Article, '_permission_logics')) self.assertFalse(hasattr(Article, '_permission_handler')) # but after add permission logic, they will be appeared add_permission_logic(Article, m) self.assertTrue(hasattr(Article, '_permission_logics')) self.assertTrue(hasattr(Article, '_permission_handler'))
def test_remove_permission_logic_private_attributes(self): m = self.mock_logic add_permission_logic(Article, m) self.assertTrue(hasattr(Article, '_permission_logics')) self.assertTrue(hasattr(Article, '_permission_handler')) # private attribute should not be disappeared remove_permission_logic(Article, m) self.assertTrue(hasattr(Article, '_permission_logics')) self.assertTrue(hasattr(Article, '_permission_handler'))
def test_add_permission_logic_private_attributes(self): m = self.mock_logic # the following private attribute should not be exists in Article model self.assertFalse(hasattr(Article, '_permission_logics')) self.assertFalse(hasattr(Article, '_permission_handler')) # but after add permission logic, they will be appeared add_permission_logic(Article, m) self.assertTrue(hasattr(Article, '_permission_logics')) self.assertTrue(hasattr(Article, '_permission_handler'))
def test_remove_permission_logic_exception(self): m = self.mock_logic add_permission_logic(Article, m) remove_permission_logic(Article, m) # it shuld not raise exception remove_permission_logic(Article, m) # it should raise exception if fail_silently is False self.assertRaises(KeyError, remove_permission_logic, Article, m, fail_silently=False)
def test_remove_permission_logic_registry(self): m = self.mock_logic add_permission_logic(Article, m) self.assertEqual(Article._permission_logics, set([m])) self.assertTrue( isinstance(registry._registry[Article], LogicalPermissionHandler)) # permission_logics should be changed but registry # should not be changed remove_permission_logic(Article, m) self.assertEqual(Article._permission_logics, set()) self.assertTrue( isinstance(registry._registry[Article], LogicalPermissionHandler))
def test_remove_permission_logic_registry(self): m = self.mock_logic add_permission_logic(Article, m) self.assertEqual(Article._permission_logics, set([m])) self.assertTrue(isinstance(registry._registry[Article], LogicalPermissionHandler)) # permission_logics should be changed but registry # should not be changed remove_permission_logic(Article, m) self.assertEqual(Article._permission_logics, set()) self.assertTrue(isinstance(registry._registry[Article], LogicalPermissionHandler))
def test_user_can_create_customer_if_he_is_not_staff_if_settings_are_tweaked( self): add_permission_logic(Customer, OWNER_CAN_MANAGE_CUSTOMER_LOGICS) self.client.force_authenticate(user=self.users['not_owner']) response = self.client.post(reverse('customer-list'), self._get_valid_payload()) self.assertEqual(response.status_code, status.HTTP_201_CREATED) # User became owner of created customer self.assertEqual(response.data['owners'][0]['uuid'], self.users['not_owner'].uuid.hex) remove_permission_logic(Customer, OWNER_CAN_MANAGE_CUSTOMER_LOGICS)
def test_constructor(self): permission_logic = GroupInPermissionLogic('admin') add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(isinstance(permission_logic, GroupInPermissionLogic)) self.assertEqual(permission_logic.group_names, ['admin']) self.assertEqual(permission_logic.any_permission, True) self.assertEqual(permission_logic.add_permission, True) self.assertEqual(permission_logic.change_permission, True) self.assertEqual(permission_logic.delete_permission, True) permission_logic = GroupInPermissionLogic(['admin', 'staff']) self.assertTrue(isinstance(permission_logic, GroupInPermissionLogic)) self.assertEqual(permission_logic.group_names, ['admin', 'staff']) self.assertEqual(permission_logic.any_permission, True) self.assertEqual(permission_logic.add_permission, True) self.assertEqual(permission_logic.change_permission, True) self.assertEqual(permission_logic.delete_permission, True)
def test_constructor(self): permission_logic = GroupInPermissionLogic('admin') add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(isinstance(permission_logic, GroupInPermissionLogic)) self.assertEqual(permission_logic.group_names, ['admin']) self.assertEqual(permission_logic.any_permission, True) self.assertEqual(permission_logic.add_permission, True) self.assertEqual(permission_logic.change_permission, True) self.assertEqual(permission_logic.delete_permission, True) permission_logic = GroupInPermissionLogic(['admin', 'staff']) self.assertTrue(isinstance(permission_logic, GroupInPermissionLogic)) self.assertEqual(permission_logic.group_names, ['admin', 'staff']) self.assertEqual(permission_logic.any_permission, True) self.assertEqual(permission_logic.add_permission, True) self.assertEqual(permission_logic.change_permission, True) self.assertEqual(permission_logic.delete_permission, True)
def discover(app, module_name=None): """ Automatically apply the permission logics written in the specified module. Examples -------- Assume if you have a ``perms.py`` in ``your_app`` as:: from permission.logics import AuthorPermissionLogic PERMISSION_LOGICS = ( ('your_app.your_model', AuthorPermissionLogic), ) Use this method to apply the permission logics enumerated in ``PERMISSION_LOGICS`` variable like: >>> discover('your_app') """ from permission.compat import import_module from permission.compat import get_model from permission.conf import settings from permission.utils.logics import add_permission_logic variable_name = settings.PERMISSION_AUTODISCOVER_VARIABLE_NAME module_name = module_name or settings.PERMISSION_AUTODISCOVER_MODULE_NAME # import the module m = import_module('%s.%s' % (app, module_name)) # check if the module have PERMISSION_LOGICS variable if hasattr(m, variable_name): # apply permission logics automatically permission_logic_set = getattr(m, variable_name) for model, permission_logic in permission_logic_set: if isinstance(model, six.string_types): # convert model string to model instance model = get_model(*model.split('.', 1)) add_permission_logic(model, permission_logic)
def discover(app, module_name=None): """ Automatically apply the permission logics written in the specified module. Examples -------- Assume if you have a ``perms.py`` in ``your_app`` as:: from permission.logics import AuthorPermissionLogic PERMISSION_LOGICS = ( ('your_app.your_model', AuthorPermissionLogic), ) Use this method to apply the permission logics enumerated in ``PERMISSION_LOGICS`` variable like: >>> discover('your_app') """ from permission.compat import import_module from permission.compat import get_model from permission.conf import settings from permission.utils.logics import add_permission_logic variable_name = settings.PERMISSION_AUTODISCOVER_VARIABLE_NAME module_name = module_name or settings.PERMISSION_AUTODISCOVER_MODULE_NAME # import the module m = import_module('%s.%s' % (app, module_name)) # check if the module have PERMISSION_LOGICS variable if hasattr(m, variable_name): # apply permission logics automatically permission_logic_set = getattr(m, variable_name) for model, permission_logic in permission_logic_set: if isinstance(model, basestring): # convert model string to model instance model = get_model(*model.split('.', 1)) add_permission_logic(model, permission_logic)
def test_has_perm_delete_with_obj_with_anonymous(self): permission_logic = GroupInPermissionLogic('admin') add_permission_logic(self.article.__class__, permission_logic) self.assertFalse( permission_logic.has_perm(self.anonymous, self.perm3, self.article))
def test_constructor_with_specifing_change_permission(self): permission_logic = GroupInPermissionLogic('admin', change_permission=False) add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(isinstance(permission_logic, GroupInPermissionLogic)) self.assertEqual(permission_logic.change_permission, False)
def test_constructor_with_specifing_change_permission(self): permission_logic = StaffPermissionLogic(change_permission=False) add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(isinstance(permission_logic, StaffPermissionLogic)) self.assertEqual(permission_logic.change_permission, False)
def test_has_perm_change_with_obj_with_anonymous(self): permission_logic = GroupInPermissionLogic('admin') add_permission_logic(self.article.__class__, permission_logic) self.assertFalse( permission_logic.has_perm(self.anonymous, self.perm2, self.article))
def test_has_perm_delete_with_obj_with_anonymous(self): permission_logic = StaffPermissionLogic() add_permission_logic(self.article.__class__, permission_logic) self.assertFalse( permission_logic.has_perm(self.anonymous, self.perm3, self.article))
def test_has_perm_change_with_obj_with_anonymous(self): permission_logic = StaffPermissionLogic() add_permission_logic(self.article.__class__, permission_logic) self.assertFalse( permission_logic.has_perm(self.anonymous, self.perm2, self.article))
def test_constructor_with_specifing_delete_permission(self): permission_logic = StaffPermissionLogic(delete_permission=False) add_permission_logic(self.article.__class__, permission_logic) self.assertTrue(isinstance(permission_logic, StaffPermissionLogic)) self.assertEqual(permission_logic.delete_permission, False)
def test_has_perm_change_without_obj_with_anonymous(self): permission_logic = GroupInPermissionLogic("admin") add_permission_logic(self.article.__class__, permission_logic) self.assertFalse(permission_logic.has_perm(self.anonymous, self.perm2))