def test_permission_on_contentype(db):
perm_ou = OU.objects.create(slug='perm-ou', name='perm ou')
some_role_dict = {
'name': 'some role',
'slug': 'some-role-slug',
'ou': None,
'service': None
}
some_role_dict['permissions'] = [{
"operation": {
"slug": "admin"
},
"ou": {
"slug": "perm-ou",
"name": "perm-ou"
},
'target_ct': {
"model": "contenttype",
"app_label": "contenttypes"
},
"target": {
"model": "logentry",
"app_label": "admin"
}
}]
import_context = ImportContext()
rd = RoleDeserializer(some_role_dict, import_context)
rd.deserialize()
perm_created, perm_deleted = rd.permissions()
assert len(perm_created) == 1
perm = perm_created[0]
assert perm.target.app_label == 'admin'
assert perm.target.model == 'logentry'
assert perm.ou == perm_ou
def test_permission_on_role(db):
perm_ou = OU.objects.create(slug='perm-ou', name='perm ou')
perm_role = Role.objects.create(slug='perm-role',
ou=perm_ou,
name='perm role')
some_role_dict = {
'name': 'some role',
'slug': 'some-role-slug',
'ou': None,
'service': None
}
some_role_dict['permissions'] = [{
"operation": {
"slug": "admin"
},
"ou": {
"slug": "perm-ou",
"name": "perm-ou"
},
'target_ct': {
'app_label': u'a2_rbac',
'model': u'role'
},
"target": {
"slug": "perm-role",
"ou": {
"slug": "perm-ou",
"name": "perm ou"
},
"service": None,
"name": "perm role"
}
}]
import_context = ImportContext()
rd = RoleDeserializer(some_role_dict, import_context)
rd.deserialize()
perm_created, perm_deleted = rd.permissions()
assert len(perm_created) == 1
perm = perm_created[0]
assert perm.target == perm_role
assert perm.ou == perm_ou
assert perm.operation.slug == 'admin'
def test_role_deserializer_permissions(db):
ou = OU.objects.create(slug='some-ou')
other_role_dict = {
'name': 'other role',
'slug': 'other-role-slug',
'uuid': get_hex_uuid(),
'ou': ou
}
other_role = Role.objects.create(**other_role_dict)
other_role_dict['permisison'] = {
"operation": {
"slug": "admin"
},
"ou": {
"slug": "default",
"name": "Collectivit\u00e9 par d\u00e9faut"
},
'target_ct': {
'app_label': u'a2_rbac',
'model': u'role'
},
"target": {
"slug": "role-deux",
"ou": {
"slug": "default",
"name": "Collectivit\u00e9 par d\u00e9faut"
},
"service": None,
"name": "role deux"
}
}
some_role_dict = {
'name': 'some role',
'slug': 'some-role',
'uuid': get_hex_uuid(),
'ou': None,
'service': None
}
some_role_dict['permissions'] = [{
'operation': {
'slug': 'add'
},
'ou': None,
'target_ct': {
'app_label': u'a2_rbac',
'model': u'role'
},
'target': {
"slug": u'other-role-slug',
'ou': {
'slug': 'some-ou'
},
'service': None
}
}]
import_context = ImportContext()
rd = RoleDeserializer(some_role_dict, import_context)
rd.deserialize()
perm_created, perm_deleted = rd.permissions()
assert len(perm_created) == 1
assert len(perm_deleted) == 0
del some_role_dict['permissions']
role = Role.objects.get(slug=some_role_dict['slug'])
assert role.permissions.count() == 1
perm = role.permissions.first()
assert perm.operation.slug == 'add'
assert not perm.ou
assert perm.target == other_role
# that one should delete permissions
rd = RoleDeserializer(some_role_dict, import_context)
role, _ = rd.deserialize()
perm_created, perm_deleted = rd.permissions()
assert role.permissions.count() == 0
assert len(perm_created) == 0
assert len(perm_deleted) == 1