Exemplo n.º 1
0
    def test_user_role_integration(self):
        """
        Basic smoke test of integration of PRBAC with django.contrib.auth
        """
        user = arbitrary.user()
        role = arbitrary.role()
        priv = arbitrary.role()
        arbitrary.grant(from_role=role, to_role=priv)
        user_role = arbitrary.user_role(user=user, role=role)

        self.assertEqual(user.prbac_role, user_role)
        self.assertTrue(user.prbac_role.has_privilege(role))
        self.assertTrue(user.prbac_role.has_privilege(priv))
Exemplo n.º 2
0
    def test_user_role_integration(self):
        """
        Basic smoke test of integration of PRBAC with django.contrib.auth
        """
        user = arbitrary.user()
        role = arbitrary.role()
        priv = arbitrary.role()
        arbitrary.grant(from_role=role, to_role=priv)
        user_role = arbitrary.user_role(user=user, role=role)

        self.assertEqual(user.prbac_role, user_role)
        self.assertTrue(user.prbac_role.has_privilege(role))
        self.assertTrue(user.prbac_role.has_privilege(priv))
Exemplo n.º 3
0
    def test_requires_privilege_role_on_user_ok(self):
        """
        Verify that privilege is recognized when the request user has the prbac_role, but request.role is not set.
        """

        @requires_privilege(self.zazzle_privilege.slug, domain='zizzle')
        def view(request, *args, **kwargs):
            pass

        user = arbitrary.user()
        requestor_role = arbitrary.role()
        arbitrary.grant(from_role=requestor_role, to_role=self.zazzle_privilege, assignment=dict(domain='zizzle'))
        arbitrary.user_role(user=user, role=requestor_role)

        request = HttpRequest()
        request.user = user
        view(request)
Exemplo n.º 4
0
    def test_requires_privilege_role_on_user_ok(self):
        """
        Verify that privilege is recognized when the request user has the prbac_role, but request.role is not set.
        """
        @requires_privilege(self.zazzle_privilege.slug, domain='zizzle')
        def view(request, *args, **kwargs):
            pass

        user = arbitrary.user()
        requestor_role = arbitrary.role()
        arbitrary.grant(from_role=requestor_role,
                        to_role=self.zazzle_privilege,
                        assignment=dict(domain='zizzle'))
        arbitrary.user_role(user=user, role=requestor_role)

        request = HttpRequest()
        request.user = user
        view(request)