def test_correctly_sets_values_from_legacy_values(self):
me_legacy = Permission(PermissionMocks.get_legacy_me_permission_dict())
meo_legacy = Permission(
PermissionMocks.get_legacy_meo_permission_dict())
self.assertEqual(me_legacy.role_type, enums.roles.ME)
self.assertEqual(meo_legacy.role_type, enums.roles.MEO)
def save(self, slug, request_user):
permissions = Permission(permission_name='%s_perms' % slug,
visibility=self.cleaned_data['visibility'],
protection=self.cleaned_data['protection'])
permissions.save(commit=False)
permissions.can_write.add(request_user)
permissions.can_read.add(request_user)
if self.cleaned_data['protection'] == "2":
for user in self.cleaned_data['can_write']:
permissions.can_write.add(user)
if self.cleaned_data['visibility'] == "2":
for user in self.cleaned_data['can_read']:
permissions.can_read.add(user)
permissions.save(commit=True)
return permissions
def test_get(self, rf, mocker): # pylint: disable=no-self-use disable=invalid-name
"""
test create
"""
url = reverse('profilepermission-list')
permission_test = Permission()
permission_test.name = "user_permission_viewset"
permission_test.key = "test"
permission_test.description = "test"
permission_test.save()
user_test = ApiUser()
user_test.username = "******"
user_test.password = "******"
user_test.email = "*****@*****.**"
user_test.save()
data = {"permission": permission_test.id, "user": user_test.id}
request = rf.post(url,
content_type='application/json',
data=json.dumps(data))
mocker.patch.object(UserPermission, 'save')
# Renderizamos la vista con nuestro request.
response = UserPermissionViewSet.as_view({'post':
'create'})(request).render()
permission = Permission.objects.get(
id=json.loads(response.content).get('permission'))
assert response.status_code == 201
assert str(permission) == 'user_permission_viewset'
# Verificamos si efectivamente se llamo el metodo save
assert UserPermission.save.called
def test_get(self, rf, mocker): # pylint: disable=no-self-use disable=invalid-name
"""
test create
"""
url = reverse('profilepermission-list')
profile_test = Profile()
profile_test.name = "profile_test_viewset"
profile_test.key = "test"
profile_test.description = "test"
profile_test.save()
permission_test = Permission()
permission_test.name = "permission_test_viewset"
permission_test.key = "test"
permission_test.description = "test"
permission_test.save()
data = {"profile": profile_test.id, "permission": permission_test.id}
request = rf.post(url,
content_type='application/json',
data=json.dumps(data))
mocker.patch.object(ProfilePermission, 'save')
# Renderizamos la vista con nuestro request.
response = ProfilePermissionViewSet.as_view({'post': 'create'
})(request).render()
print(response.content)
profile = Profile.objects.get(
id=json.loads(response.content).get('profile'))
assert response.status_code == 201
assert str(profile) == 'profile_test_viewset'
# Verificamos si efectivamente se llamo el metodo save
assert ProfilePermission.save.called
def get(self, request, user_id, permission_id):
status_code = status.HTTP_200_OK
permission = Permission.load_by_id(user_id, permission_id, self.user.auth_token)
if permission:
context = self.__set_edit_permission_context(permission, False)
return render(request, self.template, context, status=status_code)
return redirect('/users/%s/manage' % self.managed_user.user_id)
def new_permission():
form = PermissionForm()
if request.method == "POST" and form.validate():
permission = Permission(name=form.name.data, is_active=True)
db.session.add(permission)
db.session.flush()
db.session.commit()
return redirect(url_for('view_permissions'))
return render_template('permissions/setup.html', form=form, action='new')
def test_correctly_sets_values_on_init(self):
permission = Permission(PermissionMocks.get_meo_permission_dict())
self.assertEqual(permission.user_id,
PermissionMocks.get_meo_permission_dict()['userId'])
self.assertEqual(
permission.permission_id,
PermissionMocks.get_meo_permission_dict()['permissionId'])
self.assertEqual(
permission.location_id,
PermissionMocks.get_meo_permission_dict()['locationId'])
self.assertEqual(permission.user_role,
PermissionMocks.get_meo_permission_dict()['userRole'])
def load_permissions(self, auth_token):
response = permissions_request_handler.load_permissions_for_user(
self.user_id, auth_token)
success = response.status_code == status.HTTP_200_OK
if success:
self.permissions = response.json()['permissions']
for permission in self.permissions:
permission_object = Permission(obj_dict=permission)
self.permission_objects.append(permission_object)
else:
log_api_error('permissions load', response.text)
def create(self, validated_data):
instance = self.Meta.model(**validated_data)
instance.save()
TYPE_CHOICE_LIST = [{
'id': 1,
'type': 'GET'
}, {
'id': 2,
'type': 'LIST'
}, {
'id': 3,
'type': 'POST'
}, {
'id': 4,
'type': 'PUT'
}, {
'id': 5,
'type': 'PATCH'
}, {
'id': 6,
'type': 'DELETE'
}]
for item in TYPE_CHOICE_LIST:
item_id = item['id']
item_type = item['type']
permission = Permission()
permission.name = "{} | {} | {}".format(item_type,
instance.origin.name,
instance.api_path)
permission.key = "{}{}{}".format(item_type.lower(),
instance.origin.host,
instance.api_path)
permission.description = "Autogenerate permission type {} for {} from {}:{}".format(
item_type, instance.api_path, instance.origin.name,
instance.origin.port)
permission.type = item_id
permission.api = instance
permission.save()
return instance
def save(self, slug, request_user):
permissions = Permission(permission_name='%s_perms' % slug,
visibility=self.cleaned_data['visibility'],
protection=self.cleaned_data['protection'])
permissions.save(commit=False)
permissions.can_write.add(request_user)
permissions.can_read.add(request_user)
if self.cleaned_data['protection'] == "2":
for user in self.cleaned_data['can_write']:
permissions.can_write.add(user)
if self.cleaned_data['visibility'] == "2":
for user in self.cleaned_data['can_read']:
permissions.can_read.add(user)
permissions.save(commit=True)
return permissions
def post(self, request, user_id, permission_id):
post_body = request.POST
form = PermissionBuilderForm(post_body)
if form.is_valid():
response = self.managed_user.update_permission(form, permission_id, self.user.auth_token)
if response.ok:
return redirect('/users/%s/manage' % self.managed_user.user_id)
else:
invalid = True
log_api_error('permission creation', response.text)
status_code = response.status_code
else:
invalid = True
status_code = status.HTTP_400_BAD_REQUEST
permission = Permission.load_by_id(user_id, permission_id, self.user.auth_token)
context = self.__set_edit_permission_context(permission, invalid, posted_form=form)
return render(request, self.template, context, status=status_code)
def test_update(
self,
user_permission_factory,
): # pylint: disable=no-self-use
"""
test updated user_permission
"""
permission_test = Permission()
permission_test.name = "user_permission_test2"
permission_test.key = "test"
permission_test.description = "test"
permission_test.save()
user_permission_created = user_permission_factory()
user_permission = UserPermission.objects.get(
id=user_permission_created.id)
user_permission.permission = permission_test
user_permission.save()
assert user_permission.permission.name == "user_permission_test2", 'name should be user_permission_test2'
def create_permissions():
"""
Creates permissions.
"""
Permission.objects.all().delete()
permissions = []
urls = get_urls()
for url in urls:
for permission in url['permissions']:
try:
permissions.append(
Permission(name=url['name'],
url=url['url'],
method=permission['method'],
description=permission['detail'],
app_label=url['app_label']))
except IntegrityError:
msg = "It seems multiple urls share same name '{}' and method '{}'. \
Please make sure to override 'base_name' keyword in router.".format(
url["name"], permission["method"])
raise Exception(msg)
Permission.objects.bulk_create(permissions)
def __init__(self, obj_dict=None):
self.auth_token = None
self.id_token = None
self.index_overview = None
self.examinations = []
self.permissions = []
self.permission_objects = []
self.gmc_number = None
if obj_dict:
self.user_id = obj_dict.get('userId')
self.first_name = obj_dict.get('firstName')
self.last_name = obj_dict.get('lastName')
self.email_address = obj_dict.get('email')
self.roles = obj_dict.get('role')
self.gmc_number = obj_dict.get('gmcNumber', None)
if type(obj_dict.get('permissions')) == list:
self.permissions = obj_dict.get('permissions')
for permission in self.permissions:
permission_object = Permission(obj_dict=permission)
self.permission_objects.append(permission_object)
else:
self.permitted_actions = PermittedActions(
obj_dict.get('permissions'))
def flush_permissions():
try:
Permission.flush()
print("All the permission flushed")
except Exception as e:
print("Some problem occurred " + str(e))
def update_permission(self, form, permission_id, auth_token):
return Permission.update(form.to_dict(self.user_id), self.user_id,
permission_id, auth_token)
def add_permission(self, form, auth_token):
return Permission.create(form.to_dict(self.user_id), self.user_id,
auth_token)
def get(self, request, user_id, permission_id):
Permission.delete(user_id, permission_id, auth_token=self.user.auth_token)
return self.__redirect_to_manage_user(user_id)
def test_load_examinations_adds_a_list_of_cases_to_the_user(self):
user = User(UserMocks.get_filled_user_dict())
user.auth_token = SessionMocks.ACCESS_TOKEN
user.permissions.append(Permission(PermissionMocks.get_me_permission_dict()))
user.load_examinations(20, 1, None, None, None)
self.assertEquals(type(user.examinations), list)
def create_permission(permission: ValidPermissions, *args) -> Permission:
permission_obj = Permission()
permission_obj.set_permission(permission, *args)
permission_obj.save()
return permission_obj
def create(request, template_name=None, next=None, action=None):
"""this method is used to create a page about something"""
request_user = request.user
if request.method == 'POST':
f = ArticleForm(request.POST)
if f.is_valid():
title = f.cleaned_data['title']
slug = slugify(title)
category = f.cleaned_data['category']
protection = f.cleaned_data['protection']
visibility = f.cleaned_data['visibility']
can_write = f.cleaned_data['can_write']
can_read = f.cleaned_data['can_read']
if Article.objects.filter(slug=slug).count() > 0:
slug = slug + str(Article.objects.filter(slug__contains=slug).count())
article = Article(author=request.user, slug=slug, title=title,category=category)
#Check every thing related to permissions cal_protection and cal_visibility
if article.permissions is None:
permissions = Permission(permission_name='%s_perms' % slug,
visibility=visibility,
protection=protection)
permissions.save()
article.permissions = permissions
article.permissions.can_write.add(request.user)
article.permissions.can_read.add(request.user)
#@todo change "2" to CUSTOM
if protection == "2":
for user in can_write:
article.permissions.can_write.add(user)
if visibility == "2":
for user in can_read:
article.permissions.can_read.add(user)
article.parent = Article.get_root()
article.save()
if TaggableManager:
#tagging the article
tags = f.cleaned_data['tags']
if tags:
article.tags.set(*tags)
#adding the article description only if the user has checked the add_description
if not f.cleaned_data['contents'] == '':
status = f.cleaned_data['status']
contents = f.cleaned_data['contents']
new_revision = Version(user=request.user, article=article, status=status,
contents=contents)
new_revision.save()
#set the notification object
#ToNotify(user=request_user, Article=article).save()
if not request.is_ajax():
if next == 'wall_home':
return HttpResponseRedirect(reverse(next))
return HttpResponseRedirect(reverse(next, args=(article.get_url(),)))
response = {'success':True}
else:
response = errors_as_json(f)
if request.is_ajax():
json = simplejson.dumps(response, ensure_ascii=False)
return HttpResponse(json, mimetype="application/json")
else:
f = ArticleForm()
c = RequestContext(request, {'wiki_form': f,
'action':reverse(action),
'wiki_edit_protection':False,
'wiki_write': False,
'wiki_read': False,
})
return render_to_response(template_name, c)
