def test_get_perms_user_is_superuser(self):
user = User.objects.create_user(username='******',
password='******',
is_superuser=True)
checker = utils.GraphPermissionChecker(user)
self.assertListEqual(sorted(checker.get_perms(user)),
['add_user', 'change_user', 'delete_user'])
def test_get_user_perms(self):
user = User.objects.create_user(username='******',
password='******')
user.user_permissions.add(*Permission.objects.filter(
codename__in=['add_user', 'change_user']))
checker = utils.GraphPermissionChecker(user)
self.assertListEqual(sorted(list(checker.get_user_perms(user))),
['add_user', 'change_user'])
def test_get_user_filters(self):
user = User.objects.create_user(username='******',
password='******')
user.user_permissions.add(*Permission.objects.filter(
codename__in=['add_user', 'change_user']))
# Get user filters for user
checker = utils.GraphPermissionChecker(user)
filters = checker.get_user_filters()
permissions = Permission.objects.filter(**filters)
self.assertIsInstance(permissions, QuerySet)
self.assertEqual(permissions.count(), 2)
def test_get_group_filters(self):
group = Group.objects.create(name='test group')
group.permissions.add(*Permission.objects.filter(
codename__in=['add_user', 'change_user']))
user = User.objects.create_user(username='******',
password='******')
user.groups.add(group)
# Get group filters for group
checker = utils.GraphPermissionChecker(group)
filters = checker.get_group_filters()
permissions = Permission.objects.filter(**filters)
self.assertIsInstance(permissions, QuerySet)
self.assertEqual(permissions.count(), 2)
# Get group filters for use
checker = utils.GraphPermissionChecker(user)
filters = checker.get_group_filters()
permissions = Permission.objects.filter(**filters)
self.assertIsInstance(permissions, QuerySet)
self.assertEqual(permissions.count(), 2)
def test_get_perms_user_in_group(self):
group = Group.objects.create(name='test group')
group.permissions.add(Permission.objects.get(codename='add_user'))
user = User.objects.create_user(username='******',
password='******')
user.user_permissions.add(
Permission.objects.get(codename='change_user'))
user.groups.add(group)
# Make sure we get user and group permissions combined
checker = utils.GraphPermissionChecker(user)
self.assertListEqual(sorted(checker.get_perms(user)),
['add_user', 'change_user'])
def test_checker_has_perm_authorized_user(self):
author = AuthorFixture(Author).create_one()
user = author.user
perm = Permission.objects.get(
content_type=utils.get_content_type(author),
codename='change_author')
access_rule = AccessRule.objects.create(
ctype_source=utils.get_content_type(user),
ctype_target=utils.get_content_type(author),
relation_types=[{
'AUTHOR': None
}])
user.user_permissions.add(perm)
access_rule.permissions.add(perm)
checker = utils.GraphPermissionChecker(user)
self.assertTrue(checker.has_perm(perm.codename, author))
def test_checker_has_perm_authorized_group(self):
group = Group.objects.create(name='test group')
user = User.objects.create_user(username='******',
password='******')
perm = Permission.objects.get(
content_type=utils.get_content_type(user), codename='change_user')
access_rule = AccessRule.objects.create(
ctype_source=utils.get_content_type(group),
ctype_target=utils.get_content_type(user),
relation_types=[{
'USER_SET': None
}])
user.groups.add(group)
group.permissions.add(perm)
access_rule.permissions.add(perm)
checker = utils.GraphPermissionChecker(group)
# self.assertTrue(checker.has_perm(perm.codename, user))
self.assertRaises(NotImplementedError, checker.has_perm, perm.codename,
user)
def test_get_perms_group(self):
group = Group.objects.create(name='test group')
group.permissions.add(Permission.objects.get(codename='add_group'))
checker = utils.GraphPermissionChecker(group)
self.assertListEqual(sorted(checker.get_perms(group)), ['add_group'])
def test_get_perms_user_is_inactive(self):
user = User.objects.create_user(username='******',
password='******',
is_active=False)
checker = utils.GraphPermissionChecker(user)
self.assertListEqual(checker.get_perms(user), [])
def test_checker_has_perm_is_superuser(self):
user = User.objects.create_user(username='******',
password='******',
is_superuser=True)
checker = utils.GraphPermissionChecker(user)
self.assertTrue(checker.has_perm(perm=None, obj=None))