def test_correctly_sets_values_from_legacy_values(self): me_legacy = Permission(PermissionMocks.get_legacy_me_permission_dict()) meo_legacy = Permission( PermissionMocks.get_legacy_meo_permission_dict()) self.assertEqual(me_legacy.role_type, enums.roles.ME) self.assertEqual(meo_legacy.role_type, enums.roles.MEO)
def save(self, slug, request_user): permissions = Permission(permission_name='%s_perms' % slug, visibility=self.cleaned_data['visibility'], protection=self.cleaned_data['protection']) permissions.save(commit=False) permissions.can_write.add(request_user) permissions.can_read.add(request_user) if self.cleaned_data['protection'] == "2": for user in self.cleaned_data['can_write']: permissions.can_write.add(user) if self.cleaned_data['visibility'] == "2": for user in self.cleaned_data['can_read']: permissions.can_read.add(user) permissions.save(commit=True) return permissions
def test_get(self, rf, mocker): # pylint: disable=no-self-use disable=invalid-name """ test create """ url = reverse('profilepermission-list') permission_test = Permission() permission_test.name = "user_permission_viewset" permission_test.key = "test" permission_test.description = "test" permission_test.save() user_test = ApiUser() user_test.username = "******" user_test.password = "******" user_test.email = "*****@*****.**" user_test.save() data = {"permission": permission_test.id, "user": user_test.id} request = rf.post(url, content_type='application/json', data=json.dumps(data)) mocker.patch.object(UserPermission, 'save') # Renderizamos la vista con nuestro request. response = UserPermissionViewSet.as_view({'post': 'create'})(request).render() permission = Permission.objects.get( id=json.loads(response.content).get('permission')) assert response.status_code == 201 assert str(permission) == 'user_permission_viewset' # Verificamos si efectivamente se llamo el metodo save assert UserPermission.save.called
def test_get(self, rf, mocker): # pylint: disable=no-self-use disable=invalid-name """ test create """ url = reverse('profilepermission-list') profile_test = Profile() profile_test.name = "profile_test_viewset" profile_test.key = "test" profile_test.description = "test" profile_test.save() permission_test = Permission() permission_test.name = "permission_test_viewset" permission_test.key = "test" permission_test.description = "test" permission_test.save() data = {"profile": profile_test.id, "permission": permission_test.id} request = rf.post(url, content_type='application/json', data=json.dumps(data)) mocker.patch.object(ProfilePermission, 'save') # Renderizamos la vista con nuestro request. response = ProfilePermissionViewSet.as_view({'post': 'create' })(request).render() print(response.content) profile = Profile.objects.get( id=json.loads(response.content).get('profile')) assert response.status_code == 201 assert str(profile) == 'profile_test_viewset' # Verificamos si efectivamente se llamo el metodo save assert ProfilePermission.save.called
def get(self, request, user_id, permission_id): status_code = status.HTTP_200_OK permission = Permission.load_by_id(user_id, permission_id, self.user.auth_token) if permission: context = self.__set_edit_permission_context(permission, False) return render(request, self.template, context, status=status_code) return redirect('/users/%s/manage' % self.managed_user.user_id)
def new_permission(): form = PermissionForm() if request.method == "POST" and form.validate(): permission = Permission(name=form.name.data, is_active=True) db.session.add(permission) db.session.flush() db.session.commit() return redirect(url_for('view_permissions')) return render_template('permissions/setup.html', form=form, action='new')
def test_correctly_sets_values_on_init(self): permission = Permission(PermissionMocks.get_meo_permission_dict()) self.assertEqual(permission.user_id, PermissionMocks.get_meo_permission_dict()['userId']) self.assertEqual( permission.permission_id, PermissionMocks.get_meo_permission_dict()['permissionId']) self.assertEqual( permission.location_id, PermissionMocks.get_meo_permission_dict()['locationId']) self.assertEqual(permission.user_role, PermissionMocks.get_meo_permission_dict()['userRole'])
def load_permissions(self, auth_token): response = permissions_request_handler.load_permissions_for_user( self.user_id, auth_token) success = response.status_code == status.HTTP_200_OK if success: self.permissions = response.json()['permissions'] for permission in self.permissions: permission_object = Permission(obj_dict=permission) self.permission_objects.append(permission_object) else: log_api_error('permissions load', response.text)
def create(self, validated_data): instance = self.Meta.model(**validated_data) instance.save() TYPE_CHOICE_LIST = [{ 'id': 1, 'type': 'GET' }, { 'id': 2, 'type': 'LIST' }, { 'id': 3, 'type': 'POST' }, { 'id': 4, 'type': 'PUT' }, { 'id': 5, 'type': 'PATCH' }, { 'id': 6, 'type': 'DELETE' }] for item in TYPE_CHOICE_LIST: item_id = item['id'] item_type = item['type'] permission = Permission() permission.name = "{} | {} | {}".format(item_type, instance.origin.name, instance.api_path) permission.key = "{}{}{}".format(item_type.lower(), instance.origin.host, instance.api_path) permission.description = "Autogenerate permission type {} for {} from {}:{}".format( item_type, instance.api_path, instance.origin.name, instance.origin.port) permission.type = item_id permission.api = instance permission.save() return instance
def post(self, request, user_id, permission_id): post_body = request.POST form = PermissionBuilderForm(post_body) if form.is_valid(): response = self.managed_user.update_permission(form, permission_id, self.user.auth_token) if response.ok: return redirect('/users/%s/manage' % self.managed_user.user_id) else: invalid = True log_api_error('permission creation', response.text) status_code = response.status_code else: invalid = True status_code = status.HTTP_400_BAD_REQUEST permission = Permission.load_by_id(user_id, permission_id, self.user.auth_token) context = self.__set_edit_permission_context(permission, invalid, posted_form=form) return render(request, self.template, context, status=status_code)
def test_update( self, user_permission_factory, ): # pylint: disable=no-self-use """ test updated user_permission """ permission_test = Permission() permission_test.name = "user_permission_test2" permission_test.key = "test" permission_test.description = "test" permission_test.save() user_permission_created = user_permission_factory() user_permission = UserPermission.objects.get( id=user_permission_created.id) user_permission.permission = permission_test user_permission.save() assert user_permission.permission.name == "user_permission_test2", 'name should be user_permission_test2'
def create_permissions(): """ Creates permissions. """ Permission.objects.all().delete() permissions = [] urls = get_urls() for url in urls: for permission in url['permissions']: try: permissions.append( Permission(name=url['name'], url=url['url'], method=permission['method'], description=permission['detail'], app_label=url['app_label'])) except IntegrityError: msg = "It seems multiple urls share same name '{}' and method '{}'. \ Please make sure to override 'base_name' keyword in router.".format( url["name"], permission["method"]) raise Exception(msg) Permission.objects.bulk_create(permissions)
def __init__(self, obj_dict=None): self.auth_token = None self.id_token = None self.index_overview = None self.examinations = [] self.permissions = [] self.permission_objects = [] self.gmc_number = None if obj_dict: self.user_id = obj_dict.get('userId') self.first_name = obj_dict.get('firstName') self.last_name = obj_dict.get('lastName') self.email_address = obj_dict.get('email') self.roles = obj_dict.get('role') self.gmc_number = obj_dict.get('gmcNumber', None) if type(obj_dict.get('permissions')) == list: self.permissions = obj_dict.get('permissions') for permission in self.permissions: permission_object = Permission(obj_dict=permission) self.permission_objects.append(permission_object) else: self.permitted_actions = PermittedActions( obj_dict.get('permissions'))
def flush_permissions(): try: Permission.flush() print("All the permission flushed") except Exception as e: print("Some problem occurred " + str(e))
def update_permission(self, form, permission_id, auth_token): return Permission.update(form.to_dict(self.user_id), self.user_id, permission_id, auth_token)
def add_permission(self, form, auth_token): return Permission.create(form.to_dict(self.user_id), self.user_id, auth_token)
def get(self, request, user_id, permission_id): Permission.delete(user_id, permission_id, auth_token=self.user.auth_token) return self.__redirect_to_manage_user(user_id)
def test_load_examinations_adds_a_list_of_cases_to_the_user(self): user = User(UserMocks.get_filled_user_dict()) user.auth_token = SessionMocks.ACCESS_TOKEN user.permissions.append(Permission(PermissionMocks.get_me_permission_dict())) user.load_examinations(20, 1, None, None, None) self.assertEquals(type(user.examinations), list)
def create_permission(permission: ValidPermissions, *args) -> Permission: permission_obj = Permission() permission_obj.set_permission(permission, *args) permission_obj.save() return permission_obj
def create(request, template_name=None, next=None, action=None): """this method is used to create a page about something""" request_user = request.user if request.method == 'POST': f = ArticleForm(request.POST) if f.is_valid(): title = f.cleaned_data['title'] slug = slugify(title) category = f.cleaned_data['category'] protection = f.cleaned_data['protection'] visibility = f.cleaned_data['visibility'] can_write = f.cleaned_data['can_write'] can_read = f.cleaned_data['can_read'] if Article.objects.filter(slug=slug).count() > 0: slug = slug + str(Article.objects.filter(slug__contains=slug).count()) article = Article(author=request.user, slug=slug, title=title,category=category) #Check every thing related to permissions cal_protection and cal_visibility if article.permissions is None: permissions = Permission(permission_name='%s_perms' % slug, visibility=visibility, protection=protection) permissions.save() article.permissions = permissions article.permissions.can_write.add(request.user) article.permissions.can_read.add(request.user) #@todo change "2" to CUSTOM if protection == "2": for user in can_write: article.permissions.can_write.add(user) if visibility == "2": for user in can_read: article.permissions.can_read.add(user) article.parent = Article.get_root() article.save() if TaggableManager: #tagging the article tags = f.cleaned_data['tags'] if tags: article.tags.set(*tags) #adding the article description only if the user has checked the add_description if not f.cleaned_data['contents'] == '': status = f.cleaned_data['status'] contents = f.cleaned_data['contents'] new_revision = Version(user=request.user, article=article, status=status, contents=contents) new_revision.save() #set the notification object #ToNotify(user=request_user, Article=article).save() if not request.is_ajax(): if next == 'wall_home': return HttpResponseRedirect(reverse(next)) return HttpResponseRedirect(reverse(next, args=(article.get_url(),))) response = {'success':True} else: response = errors_as_json(f) if request.is_ajax(): json = simplejson.dumps(response, ensure_ascii=False) return HttpResponse(json, mimetype="application/json") else: f = ArticleForm() c = RequestContext(request, {'wiki_form': f, 'action':reverse(action), 'wiki_edit_protection':False, 'wiki_write': False, 'wiki_read': False, }) return render_to_response(template_name, c)