def get_or_create_product(product_name=None, product_type_name=None, auto_create_context=None):
    """Return the product matching the given names, creating it on request.

    The lookup goes through ``get_target_product_if_exists``. If nothing is
    found and ``auto_create_context`` is truthy, the product type is fetched
    or created by name and the product is created under it. The current user
    is saved as a member of each object created here, with the role selected
    by ``Role.objects.get(is_owner=True)``.

    Raises:
        ValueError: the product does not exist and ``auto_create_context`` is
            falsy.
    """
    # NOTE(review): no permission check is visible in this function, yet it
    # creates objects and hands out owner-role memberships on them.
    # Presumably the caller has already verified that the current user may
    # create products and product types; confirm at the call sites.
    existing = get_target_product_if_exists(product_name, product_type_name)
    if existing:
        return existing

    if not auto_create_context:
        raise ValueError('auto_create_context not True, unable to create non-existing product')

    prod_type, type_is_new = Product_Type.objects.get_or_create(name=product_type_name)
    if type_is_new:
        # Only a product type created by this call gets a membership; one
        # that already existed is left as it is.
        Product_Type_Member(
            user=get_current_user(),
            product_type=prod_type,
            role=Role.objects.get(is_owner=True),
        ).save()

    new_product = Product.objects.create(name=product_name, prod_type=prod_type)
    Product_Member(
        user=get_current_user(),
        product=new_product,
        role=Role.objects.get(is_owner=True),
    ).save()
    return new_product
def add_product_type_member(request, uid):
    """Show and process the form that adds one user to product types.

    The user is loaded by ``uid`` (404 if missing). A valid POST creates a
    ``Product_Type_Member`` with the submitted role for every selected
    product type the user is not yet a member of, then redirects to
    ``view_user``. Any other request renders the form.
    """
    # NOTE(review): this body contains no authorization check, and the role
    # from the form is assigned without testing whether it is an owner role.
    # Presumably access is restricted by a decorator or the URL configuration
    # outside this listing; confirm before relying on it.
    target_user = get_object_or_404(Dojo_User, id=uid)
    form = Add_Product_Type_Member_UserForm(initial={'user': target_user.id})

    if request.method == 'POST':
        form = Add_Product_Type_Member_UserForm(
            request.POST, initial={'user': target_user.id})
        if form.is_valid():
            cleaned = form.cleaned_data
            if 'product_types' in cleaned and len(cleaned['product_types']) > 0:
                for product_type in cleaned['product_types']:
                    # The count-then-save check is not atomic; protection
                    # against duplicates from concurrent requests would have
                    # to come from a database constraint not visible here.
                    current = Product_Type_Member.objects.filter(
                        product_type=product_type, user=target_user)
                    if current.count() != 0:
                        continue
                    Product_Type_Member(
                        product_type=product_type,
                        user=target_user,
                        role=cleaned['role'],
                    ).save()
            messages.add_message(
                request,
                messages.SUCCESS,
                'Product type members added successfully.',
                extra_tags='alert-success')
            return HttpResponseRedirect(reverse('view_user', args=(uid, )))

    add_breadcrumb(title="Add Product Type Member", top_level=False, request=request)
    context = {
        'user': target_user,
        'form': form,
    }
    return render(request, 'dojo/new_product_type_member_user.html', context)
def add_product_type(request):
    """Show and process the form that creates a product type.

    A valid POST saves the product type, stores ``request.user`` as a member
    with the role selected by ``Role.objects.get(is_owner=True)``, queues a
    success message, sends a ``product_type_added`` notification and
    redirects to ``product_type``. Any other request renders the form.
    """
    # NOTE(review): no permission check is visible in this body, and the
    # requesting user ends up with an owner-role membership on the new
    # product type. Presumably a decorator outside this listing limits who
    # may reach the view; confirm.
    form = Product_TypeForm()

    if request.method == 'POST':
        form = Product_TypeForm(request.POST)
        if form.is_valid():
            new_type = form.save()
            Product_Type_Member(
                user=request.user,
                product_type=new_type,
                role=Role.objects.get(is_owner=True),
            ).save()

            messages.add_message(request,
                                 messages.SUCCESS,
                                 'Product type added successfully.',
                                 extra_tags='alert-success')
            detail_url = reverse('view_product_type', args=(new_type.id, ))
            create_notification(event='product_type_added',
                                title=new_type.name,
                                product_type=new_type,
                                url=detail_url)
            return HttpResponseRedirect(reverse('product_type'))

    add_breadcrumb(title="Add Product Type", top_level=False, request=request)
    context = {
        'name': 'Add Product Type',
        'form': form,
    }
    return render(request, 'dojo/new_product_type.html', context)
def add_product_type_member(request, ptid):
    """Show and process the form that adds users to one product type.

    The product type is loaded by ``ptid`` (404 if missing). On a valid POST
    the submitted role is checked first: an owner role is only accepted when
    ``request.user`` holds ``Permissions.Product_Type_Member_Add_Owner`` on
    the product type. If accepted, a ``Product_Type_Member`` is created for
    every selected user who is not yet a member and the view redirects to
    ``view_product_type``. If refused, a warning is queued and the form is
    rendered again.
    """
    # NOTE(review): only the owner-role grant is gated in this body. Whether
    # the requester may manage members of this product type at all is
    # presumably enforced by a decorator outside this listing; confirm.
    pt = get_object_or_404(Product_Type, pk=ptid)
    form = Add_Product_Type_MemberForm(initial={'product_type': pt.id})

    if request.method == 'POST':
        form = Add_Product_Type_MemberForm(request.POST, initial={'product_type': pt.id})
        if form.is_valid():
            cleaned = form.cleaned_data
            # Non-owner roles pass without a permission lookup; an owner role
            # needs the dedicated add-owner permission.
            may_assign_role = (
                not cleaned['role'].is_owner
                or user_has_permission(
                    request.user, pt, Permissions.Product_Type_Member_Add_Owner)
            )
            if may_assign_role:
                if 'users' in cleaned and len(cleaned['users']) > 0:
                    for user in cleaned['users']:
                        # The count-then-save check is not atomic; protection
                        # against duplicates from concurrent requests would
                        # have to come from a database constraint not
                        # visible here.
                        current = Product_Type_Member.objects.filter(
                            product_type=pt, user=user)
                        if current.count() != 0:
                            continue
                        Product_Type_Member(
                            product_type=pt,
                            user=user,
                            role=cleaned['role'],
                        ).save()
                messages.add_message(request,
                                     messages.SUCCESS,
                                     'Product type members added successfully.',
                                     extra_tags='alert-success')
                return HttpResponseRedirect(reverse('view_product_type', args=(ptid, )))
            messages.add_message(request,
                                 messages.WARNING,
                                 'You are not permitted to add users as owners.',
                                 extra_tags='alert-warning')

    add_breadcrumb(title="Add Product Type Member", top_level=False, request=request)
    context = {
        'pt': pt,
        'form': form,
    }
    return render(request, 'dojo/new_product_type_member.html', context)
def test_user_has_permission_product_type_member_success(self, mock_get):
    """Owner membership grants Product_Type_Member_Delete on a member object.

    ``mock_get`` stands in for the membership lookup (presumably patched
    onto ``Product_Type_Member.objects.get`` by a decorator outside this
    listing) and returns an Owner membership for the acting user.
    """
    acting_user = User()
    acting_user.id = 2

    owner_membership = Product_Type_Member()
    owner_membership.id = 2
    owner_membership.role = Roles.Owner
    owner_membership.product_type = self.product_type
    owner_membership.user = acting_user
    mock_get.return_value = owner_membership

    allowed = user_has_permission(
        acting_user,
        self.product_type_member_reader,
        Permissions.Product_Type_Member_Delete)

    self.assertTrue(allowed)
    # The lookup must be keyed on the acting user and the fixture's product
    # type, otherwise the decision would be based on the wrong membership.
    lookup_kwargs = mock_get.call_args[1]
    self.assertEqual(lookup_kwargs['user'], acting_user)
    self.assertEqual(lookup_kwargs['product_type'], self.product_type)
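def test_user_has_permission_product_type_member_success(self, mock_foo):
    """Owner membership grants Product_Type_Member_Delete on a member object.

    ``mock_foo`` stands in for the membership manager (presumably patched in
    by a decorator outside this listing). Its ``filter`` result is a single
    Owner membership for the acting user.
    """
    other_user = User()
    other_user.id = 2
    product_type_member_other_user = Product_Type_Member()
    product_type_member_other_user.id = 2
    product_type_member_other_user.user = other_user
    product_type_member_other_user.product_type = self.product_type
    product_type_member_other_user.role = Role.objects.get(id=Roles.Owner)
    # select_related() returns the mock itself, so a chained .filter() call
    # still ends at the canned result below. One assignment is sufficient.
    mock_foo.select_related.return_value = mock_foo
    mock_foo.filter.return_value = [product_type_member_other_user]

    result = user_has_permission(other_user, self.product_type_member_reader, Permissions.Product_Type_Member_Delete)

    self.assertTrue(result)
    # The membership query must be scoped to the acting user.
    mock_foo.filter.assert_called_with(user=other_user)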
def test_user_has_permission_product_type_member_no_permission(
        self, mock_get):
    """Reader membership does not grant Product_Type_Remove_Member.

    ``mock_get`` stands in for the membership lookup (presumably patched
    onto ``Product_Type_Member.objects.get`` by a decorator outside this
    listing) and returns a Reader membership for the acting user.
    """
    acting_user = User()

    reader_membership = Product_Type_Member()
    reader_membership.role = Roles.Reader
    reader_membership.product_type = self.product_type
    reader_membership.user = acting_user
    mock_get.return_value = reader_membership

    allowed = user_has_permission(
        acting_user,
        self.product_type_member_owner,
        Permissions.Product_Type_Remove_Member)

    self.assertFalse(allowed)
    # The denial must come from the acting user's own membership in the
    # fixture's product type.
    lookup_kwargs = mock_get.call_args[1]
    self.assertEqual(lookup_kwargs['user'], acting_user)
    self.assertEqual(lookup_kwargs['product_type'], self.product_type)
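def handle(self, *args, **options):
    """Migrate staff flags and authorized-user lists to roles and members.

    Three passes, each logged per object:

    1. Every staff user who is not a superuser gets a ``Global_Role`` with
       ``self.owner_role``, unless a role is already set on it.
    2. Every authorized user of a product type becomes a
       ``Product_Type_Member`` with the role returned by ``self.get_role()``.
    3. Every authorized user of a product becomes a ``Product_Member`` in
       the same way.

    Memberships that already exist are left unchanged. A warning is logged
    at the end when at least one membership was created from an authorized
    user, ``AUTHORIZED_USERS_ALLOW_STAFF`` is off and either
    ``AUTHORIZED_USERS_ALLOW_CHANGE`` or ``AUTHORIZED_USERS_ALLOW_DELETE``
    is on.
    """
    logger.info('Started migrating users for authorization v2 ...')

    authorized_user_exists = False

    # Staff users have had all permissions for all product types and products,
    # so they will get a global role as Owner.
    # Superusers will have all permissions anyway, so they must not be set as members.
    staff_users = Dojo_User.objects.filter(is_staff=True, is_superuser=False)
    for staff_user in staff_users:
        # A missing related object surfaces as AttributeError, which
        # getattr's default absorbs.
        global_role = getattr(staff_user, 'global_role', None)
        if global_role is None:
            global_role = Global_Role()
            global_role.user = staff_user
        if global_role.role is None:
            global_role.role = self.owner_role
            global_role.save()
            logger.info('Global_Role Owner added for staff user {}'.format(
                staff_user))
        else:
            logger.info('Staff user {} already has Global_Role {}'.format(
                staff_user, global_role.role))

    # Authorized users for product types will be converted to product type members
    # with a role according to the settings
    product_types = Product_Type.objects.all().prefetch_related(
        'authorized_users')
    for product_type in product_types:
        for authorized_user in product_type.authorized_users.all():
            # If the product type member already exists, it won't be changed
            if Product_Type_Member.objects.filter(
                    product_type=product_type,
                    user=authorized_user).exists():
                logger.info(
                    'Product_Type_Member already exists: {} / {}'.format(
                        product_type, authorized_user))
                continue
            authorized_user_exists = True
            product_type_member = Product_Type_Member()
            product_type_member.product_type = product_type
            product_type_member.user = authorized_user
            product_type_member.role = self.get_role()
            product_type_member.save()
            logger.info(
                'Product_Type_Member added: {} / {} / {}'.format(
                    product_type, authorized_user,
                    product_type_member.role))

    # Authorized users for products will be converted to product members
    # with a role according to the settings
    products = Product.objects.all().prefetch_related('authorized_users')
    for product in products:
        for authorized_user in product.authorized_users.all():
            # If the product member already exists, it won't be changed
            if Product_Member.objects.filter(
                    product=product, user=authorized_user).exists():
                logger.info(
                    'Product_Member already exists: {} / {}'.format(
                        product, authorized_user))
                continue
            authorized_user_exists = True
            product_member = Product_Member()
            product_member.product = product
            product_member.user = authorized_user
            product_member.role = self.get_role()
            product_member.save()
            logger.info('Product_Member added: {} / {} / {}'.format(
                product, authorized_user, product_member.role))

    # Surfaces the privilege change to the operator: with these settings the
    # migrated members end up with more rights than the old flags gave them.
    if authorized_user_exists and not settings.AUTHORIZED_USERS_ALLOW_STAFF and \
            (settings.AUTHORIZED_USERS_ALLOW_CHANGE or settings.AUTHORIZED_USERS_ALLOW_DELETE):
        # logger.warn is a deprecated alias of logger.warning.
        logger.warning(
            'Authorized users have more permissions than before, because there is no equivalent for AUTHORIZED_USERS_ALLOW_CHANGE and AUTHORIZED_USERS_ALLOW_DELETE'
        )

    logger.info('Finished migrating users for authorization v2')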