class BOPTestCase(TestCase):
fixtures = ['users.json', ]
def get_users_and_groups(self):
self.anonuser = User.objects.get(username='******')
self.testuser = User.objects.get(username='******')
self.anons = Group.objects.get(name='bop_anons')
self.someperms = Group.objects.get(name='bop_someperms')
self.superuser = User.objects.filter(is_superuser=True)[0]
self.anonymous = AnonymousUser()
def setUp(self):
self._anonymous_user_id = getattr(settings, 'ANONYMOUS_USER_ID', None)
self._backends = getattr(settings, 'AUTHENTICATION_BACKENDS', None)
self.get_users_and_groups()
self.tablemanager = TableManager()
self.tablemanager.create_table(Thing)
self.thing = Thing(label='a thing')
self.thing.save()
if self._anonymous_user_id:
delattr(settings, 'ANONYMOUS_USER_ID')
def tearDown(self):
if self._anonymous_user_id:
settings.ANONYMOUS_USER_ID = self._anonymous_user_id
settings.AUTHENTICATION_BACKENDS = self._backends
ObjectPermission.objects.filter(
content_type=ContentType.objects.get_for_model(Thing)).delete()
self.tablemanager.drop_table(Thing)
def setUp(self):
self._anonymous_user_id = getattr(settings, 'ANONYMOUS_USER_ID', None)
self._backends = getattr(settings, 'AUTHENTICATION_BACKENDS', None)
self.tablemanager = TableManager()
self.tablemanager.create_table(Thing)
self.thing = Thing(label='a thing')
self.thing.save()
self.content_type = ContentType.objects.get_for_model(Thing)
if self._anonymous_user_id:
delattr(settings, 'ANONYMOUS_USER_ID')
def setUp(self):
self._anonymous_user_id = getattr(settings, 'ANONYMOUS_USER_ID', None)
self._backends = getattr(settings, 'AUTHENTICATION_BACKENDS', None)
self.get_users_and_groups()
self.tablemanager = TableManager()
self.tablemanager.create_table(Thing)
self.thing = Thing(label='a thing')
self.thing.save()
if self._anonymous_user_id:
delattr(settings, 'ANONYMOUS_USER_ID')
def test(self):
from bop.managers import UserObjectManager
UserObjectManager().contribute_to_class(Thing, 'objects')
self.assertEqual(Thing.objects.count(), 1)
self.assertEqual(ObjectPermission.objects.get_for_model(Thing).count(), 0)
self.assertEqual(Thing.objects.get_user_objects(self.testuser).count(), 0)
thinga = Thing(label='thinga')
thinga.save()
thingb = Thing(label='thingb')
thingb.save()
grant(self.testuser, None, 'bop.change_thing', thinga)
self.assertEqual(Thing.objects.get_user_objects(self.testuser).count(), 1)
grant(self.testuser, None, 'bop.do_thing', thinga)
self.assertEqual(Thing.objects.get_user_objects(self.testuser).count(), 1)
grant(self.testuser, None, 'bop.do_thing', thingb)
self.assertEqual(Thing.objects.get_user_objects(self.testuser).count(), 2)
# Now check for a specific perm
self.assertEqual(Thing.objects.get_user_objects(self.testuser, 'bop.do_thing').count(), 2)
self.assertEqual(Thing.objects.get_user_objects(self.testuser, permissions='bop.change_thing').count(), 1)
# And now for something completely different
ct = ContentType.objects.get_for_model(Thing)
permd = Permission.objects.get(codename='delete_thing', content_type=ct)
self.testuser.user_permissions.add(permd)
self.assertEqual(Thing.objects.get_user_objects(self.testuser, 'bop.change_thing').count(), 1)
self.assertEqual(Thing.objects.get_user_objects(self.testuser, permissions='bop.change_thing').count(), 1)
self.assertEqual(Thing.objects.get_user_objects(self.testuser, 'bop.delete_thing', True).count(), 3)
self.assertEqual(Thing.objects.get_user_objects(self.testuser, check_model_perms=True).count(), 3)
self.assertEqual(Thing.objects.get_user_objects(self.testuser, None, True).count(), 3)
class TestAPI(TestCase):
def setUp(self):
self._anonymous_user_id = getattr(settings, 'ANONYMOUS_USER_ID', None)
self._backends = getattr(settings, 'AUTHENTICATION_BACKENDS', None)
self.tablemanager = TableManager()
self.tablemanager.create_table(Thing)
self.thing = Thing(label='a thing')
self.thing.save()
self.content_type = ContentType.objects.get_for_model(Thing)
if self._anonymous_user_id:
delattr(settings, 'ANONYMOUS_USER_ID')
def tearDown(self):
if self._anonymous_user_id:
settings.ANONYMOUS_USER_ID = self._anonymous_user_id
settings.AUTHENTICATION_BACKENDS = self._backends
ObjectPermission.objects.filter(
content_type=ContentType.objects.get_for_model(Thing)).delete()
self.tablemanager.drop_table(Thing)
def testHasModelPerms(self):
from bop.api import has_model_perms, get_model_perms
self.assertEqual(get_model_perms(Thing) ,get_model_perms(self.thing))
testa = User.objects.create_user('test-a', '*****@*****.**', 'test-a')
self.assertFalse(has_model_perms(testa, Thing))
ct = ContentType.objects.get_for_model(Thing)
permd = Permission.objects.get(codename='delete_thing', content_type=ct)
testa.user_permissions.add(permd)
# re-get the user to clear/re-fill the perms-cache
testa = User.objects.get(username='******')
self.assertTrue(has_model_perms(testa, Thing))
testa.delete()
def testGrantRevoke(self):
testa = User.objects.create_user('test-a', '*****@*****.**', 'test-a')
testb = User.objects.create_user('test-b', '*****@*****.**', 'test-b')
testga, _ = Group.objects.get_or_create(name='test-ga')
testgb, _ = Group.objects.get_or_create(name='test-gb')
testa.groups.add(testga)
testb.groups.add(testgb)
perms = Permission.objects.filter(content_type=self.content_type)
objects = self.thing
self.assertEqual(ObjectPermission.objects.count(), 0)
grant([testa], [testga, testgb], perms, objects)
self.assertEqual(ObjectPermission.objects.count(), 15)
revoke(None, [testga, testgb], perms, objects)
revoke(None, [testga, testgb], perms, objects)
self.assertEqual(ObjectPermission.objects.count(), 5)
# Try again (should have no consequences)
revoke(None, [testga, testgb], perms, objects)
self.assertEqual(ObjectPermission.objects.count(), 5)
# arbitrary object
grant([testa], [testga, testgb], perms, object())
self.assertEqual(ObjectPermission.objects.count(), 5)
# Just pass names (except for the objects)
grant(None, testga.name, 'bop.delete_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
# non-existing permisions
grant(None, testga.name, 'bop.wrong_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
revoke(None, testga.name, 'bop.wrong_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
# non-existing group
grant(None, 'InternationalOrganisationOfAnarchists', 'bop.change_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
revoke(None, 'InternationalOrganisationOfAnarchists', 'bop.change_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
# non-existing user
grant(AnonymousUser(), None, 'bop.change_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
revoke(AnonymousUser(), None, 'bop.change_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 6)
revoke(None, testga.name, 'bop.delete_thing', self.thing)
self.assertEqual(ObjectPermission.objects.count(), 5)
# use a queryset: revoke thing-perms (see above) for all users
revoke(User.objects.all(), None, perms, self.thing)
self.assertEqual(ObjectPermission.objects.count(), 0)
testa.delete()
testb.delete()
testga.delete()
testgb.delete()