def test_permission_forms(self): page = create_page("page_b", "nav_playground.html", "en", created_by=self.get_superuser()) normal_user = self._create_user("randomuser", is_staff=True, add_default_permissions=True) assign_user_to_page(page, normal_user, can_view=True, can_change=True) with self.login_user_context(self.get_superuser()): response = self.client.get("/en/admin/cms/page/%s/permission-settings/" % page.pk) self.assertEqual(response.status_code, 200) response = self.client.get("/en/admin/cms/page/%s/permissions/" % page.pk) self.assertEqual(response.status_code, 200) with self.settings(CMS_RAW_ID_USERS=True): data = {"page": page.pk, "grant_on": "hello"} form = PagePermissionInlineAdminForm(data=data, files=None) self.assertFalse(form.is_valid()) data = {"page": page.pk, "grant_on": ACCESS_PAGE} form = PagePermissionInlineAdminForm(data=data, files=None) self.assertTrue(form.is_valid()) form.save() data = {"page": page.pk, "grant_on": ACCESS_PAGE_AND_CHILDREN, "can_add": "1", "can_change": ""} form = PagePermissionInlineAdminForm(data=data, files=None) self.assertFalse(form.is_valid()) self.assertTrue("<li>Add page permission also requires edit page " "permission.</li>" in str(form.errors)) data = {"page": page.pk, "grant_on": ACCESS_PAGE, "can_add": "1"} form = PagePermissionInlineAdminForm(data=data, files=None) self.assertFalse(form.is_valid()) self.assertTrue( "<li>Add page permission requires also access to children, or " "descendants, otherwise added page can't be changed by its " "creator.</li>" in str(form.errors) )
def creausuario(sender,user,request,**kwargs): if user.is_superuser == False: #Activar idioma activate('en') #Lista de permisos permisos=['Can add article','Can view article','Can change article','Can delete article','Can add cms plugin','Can view cms plugin','Can change cms plugin','Can delete cms plugin','Can add placeholder','Can view placeholder','Can change placeholder','Can delete placeholder','Can use Structure mode','Can add placeholder reference','Can change placeholder reference','Can add content type','Can change content type','Can delete content type','Can view content type'] #Al usuario que se está registrando se le añaden los permisos, y se guarda usuario=User.objects.get(username=user.username) for p in permisos: per=Permission.objects.get(name=str(p)) usuario.user_permissions.add(per) usuario.save() #Crearmos la Userpage, el blog para el usuario y la página del usuario, luego #asignaremos permisos y finalmente publicaremos la página. try: Page.objects.get(created_by=usuario) except Page.DoesNotExist: #Crear UserPage api.create_page_user(created_by=usuario,user=usuario,can_add_page=True) #Crear Blog blog=NewsBlogConfig() blog.app_title=usuario.username blog.namespace=usuario.username blog.save() #Crear pagina del usuario pagina=api.create_page(title=usuario.username,language='en',template=TEMPLATE_INHERITANCE_MAGIC,parent=None,created_by=usuario,apphook='NewsBlogApp',apphook_namespace=usuario.username) #Permisos de usuario api.assign_user_to_page(pagina,usuario,can_add=True,can_change=True,can_delete=True) pagina.publish('en') pagina.save()
def setUp(self): # create super user self.user_super = self._create_user("super", is_superuser=True) self.user_staff = self._create_user("staff") self.user_master = self._create_user("master") self.user_slave = self._create_user("slave") self.user_normal = self._create_user("normal", is_staff=False) self.user_normal.user_permissions.add( Permission.objects.get(codename='publish_page')) with self.login_user_context(self.user_super): self.home_page = create_page("home", "nav_playground.html", "en", created_by=self.user_super) # master page & master user self.master_page = create_page("master", "nav_playground.html", "en") # create non global, non staff user self.user_non_global = User(username="******", is_active=True) self.user_non_global.set_password("nonglobal") self.user_non_global.save() # assign master user under home page assign_user_to_page(self.home_page, self.user_master, grant_on=ACCESS_DESCENDANTS, grant_all=True) # and to master page assign_user_to_page(self.master_page, self.user_master, grant_on=ACCESS_PAGE_AND_DESCENDANTS, grant_all=True) # slave page & slave user self.slave_page = create_page("slave-home", "nav_playground.html", "en", parent=self.master_page, created_by=self.user_super) assign_user_to_page(self.slave_page, self.user_slave, grant_all=True) # create page_b page_b = create_page("pageB", "nav_playground.html", "en", created_by=self.user_super) # Normal user # it's allowed for the normal user to view the page assign_user_to_page(page_b, self.user_normal, can_view=True) # create page_a - sample page from master page_a = create_page("pageA", "nav_playground.html", "en", created_by=self.user_super) assign_user_to_page(page_a, self.user_master, can_add=True, can_change=True, can_delete=True, can_publish=True, can_move_page=True) # publish after creating all drafts publish_page(self.home_page, self.user_super) publish_page(self.master_page, self.user_super) self.page_b = publish_page(page_b, self.user_super)
def test_add_page_twice(self): user1 = self._create_user("user1", is_staff=True, is_superuser=False, add_default_permissions=True) home = create_page("home", "nav_playground.html", "en", published=True) home.set_as_homepage() assign_user_to_page(home, user1, grant_on=ACCESS_PAGE_AND_DESCENDANTS, can_add=True, can_change=True, can_publish=True) with self.login_user_context(user1): response = self.client.post( f'{URL_CMS_PAGE_ADD}?parent_node={home.node.pk}', self.get_new_page_data(parent_id=home.node.pk)) self.assertEqual(response.status_code, 302) child = home.reload().get_child_pages().first() self.assertIsNotNone(child) # Ignore cached_func User = get_user_model() user1 = User.objects.get(pk=user1.pk) self.assertTrue(user_can_add_subpage(user1, child))
def test_edit_title_is_allowed_for_staff_user(self): """ We check here both the permission on a single page, and the global permissions """ user = self._create_user('user', is_staff=True) another_user = self._create_user('another_user', is_staff=True) page = create_page('A', 'nav_playground.html', 'en') admin_url = reverse("admin:cms_page_edit_title", args=( page.pk, 'en' )) page_admin = PageAdmin(Page, None) page_admin._current_page = page self.client.login(username=user.username, password=user.username) response = self.client.get(admin_url) self.assertEqual(response.status_code, HttpResponseForbidden.status_code) assign_user_to_page(page, user, grant_all=True) self.client.login(username=user.username, password=user.username) response = self.client.get(admin_url) self.assertEqual(response.status_code, HttpResponse.status_code) self._give_cms_permissions(another_user) self.client.login(username=another_user.username, password=another_user.username) response = self.client.get(admin_url) self.assertEqual(response.status_code, HttpResponse.status_code)
def dispatch(self, request, *args, **kwargs): # check if logged in user has already created a page try: self.page = Page.objects.get(created_by=request.user, in_navigation=True, publisher_is_draft=True, is_home = False, template=settings.PROJECT_PAGE_TEMPLATE) except: # else, create page and hook plugins to placeholders : page_name = 'home-%s' % (request.user) self.page = create_page(page_name, settings.PROJECT_PAGE_TEMPLATE, 'fr', created_by=request.user, published=True, in_navigation=True) # assign user to created page assign_user_to_page(self.page, request.user, can_add=True, can_change=True, can_change_advanced_settings=True, can_publish=True) # logo logo_ph = self.page.placeholders.get(slot='logo') add_plugin(logo_ph, 'PicturePlugin', 'fr') # project_description descr_ph = self.page.placeholders.get(slot='project_description') add_plugin(descr_ph, 'TextPlugin', 'fr', body='Cliquez pour ajouter la description du projet') # project_pictures pic_ph = self.page.placeholders.get(slot='project_pictures') add_plugin(pic_ph, 'BackgroundImagesPlugin', 'fr') # news_block news_ph = self.page.placeholders.get(slot='news_block') add_plugin(news_ph, 'CMSNewsPlugin', 'fr') # carto carto_ph = self.page.placeholders.get(slot='carto') add_plugin(carto_ph, 'CartoPlugin', 'fr') return super(CMSRedirectView, self).dispatch(request, *args, **kwargs)
def test_user_globalpermission(self): # Global user with self.login_user_context(self.user_super): user_global = User(username="******", is_active=True) user_global.set_password("global") user_global.save() user_global = create_page_user(user_global, user_global) user_global.is_staff = False user_global.save() # Prevent is_staff permission global_page = create_page("global", "nav_playground.html", "en", published=True) global_page = publish_page(global_page, user_global, approve=True) # it's allowed for the normal user to view the page assign_user_to_page(global_page, user_global, global_permission=True, can_view=True) url = global_page.get_absolute_url('en') with self.login_user_context(user_global): response = self.client.get(url) self.assertEqual(response.status_code, 200) with self.login_user_context(self.user_non_global): response = self.client.get(url) self.assertEqual(response.status_code, 404)
def test_permission_manager(self): """ Test page permission manager working on a subpage """ page_b = create_page("page_b", "nav_playground.html", "en", created_by=self.user_super) assign_user_to_page(page_b, self.user_normal, can_view=True, can_change=True) cached_permissions = get_permission_cache(self.user_normal, "can_change") self.assertIsNone(cached_permissions) live_permissions = Page.permissions.get_change_id_list( self.user_normal, Site.objects.get_current()) cached_permissions_permissions = get_permission_cache( self.user_normal, "can_change") self.assertEqual(live_permissions, [page_b.id]) self.assertEqual(cached_permissions_permissions, live_permissions) self.home_page.save() cached_permissions = get_permission_cache(self.user_normal, "can_change") self.assertIsNone(cached_permissions)
def creasitios(sender, user, request, **kwargs): #Comprobamos que el usuario que se conecta no es el administrador, para evitar que se dispare el script en tal caso if user.username != "Administracion": #Indicamos que queremos utilizar el idioma español en la creacion activate('es') #Probamos a comprobar si ese usuario tiene una pagina o no try: Page.objects.get(created_by=user.username) #Si no la tiene pasamos a asignarle los permisos al usuario y crearle la página, ya que damos por supuesto que dicho usuario no existia except Page.DoesNotExist: #Indicamos la lista de permisos permisos = [ 'Can add boostrap3 panel body plugin', 'Can change boostrap3 panel body plugin', 'Can add boostrap3 panel plugin', 'Can change boostrap3 panel plugin', 'Can add article', 'Can change article', 'Can delete article', 'Can add cms plugin', 'Can change cms plugin', 'Can delete cms plugin', 'Can add placeholder', 'Can change placeholder', 'Can delete placeholder', 'Can use Structure mode', 'Can add placeholder reference', 'Can change placeholder reference', 'Can add content type', 'Can change content type', 'Can delete content type' ] usuario = User.objects.get(username=user.username) #Le añadimos los permisos al usuario que estamos creando for ele in permisos: per = Permission.objects.get(name=str(ele)) usuario.user_permissions.add(per) #Guardamos el usuario usuario.save() #Creamos el usuario de página api.create_page_user(created_by=usuario, user=usuario, can_add_page=True) #Creamos el blog y lo configuramos blog = NewsBlogConfig() blog.app_title = usuario.username blog.namespace = usuario.username #Guardamos el blog en nuestra base de datos blog.save() #Le creamos una página al usuario pagina = api.create_page(title=usuario.username, language='es', template=TEMPLATE_INHERITANCE_MAGIC, parent=None, created_by=usuario, apphook='NewsBlogApp', apphook_namespace=usuario.username) #Se la asignamos api.assign_user_to_page(pagina, usuario, can_add=True, can_change=True, can_delete=True) #Publicamos la página para que sea visile por el resto de usuarios. pagina.publish('es')
def test_permission_forms(self): page = create_page("page_b", "nav_playground.html", "en", created_by=self.get_superuser()) normal_user = self._create_user("randomuser", is_staff=True, add_default_permissions=True) assign_user_to_page(page, normal_user, can_view=True, can_change=True) with self.login_user_context(self.get_superuser()): response = self.client.get( "/en/admin/cms/page/%s/permission-settings/" % page.pk) self.assertEqual(response.status_code, 200) response = self.client.get("/en/admin/cms/page/%s/permissions/" % page.pk) self.assertEqual(response.status_code, 200) with self.settings(CMS_RAW_ID_USERS=True): data = { 'page': page.pk, 'grant_on': "hello", } form = PagePermissionInlineAdminForm(data=data, files=None) self.assertFalse(form.is_valid()) data = { 'page': page.pk, 'grant_on': ACCESS_PAGE, } form = PagePermissionInlineAdminForm(data=data, files=None) self.assertTrue(form.is_valid()) form.save() data = { 'page': page.pk, 'grant_on': ACCESS_PAGE_AND_CHILDREN, 'can_add': '1', 'can_change': '' } form = PagePermissionInlineAdminForm(data=data, files=None) self.assertFalse(form.is_valid()) self.assertEqual( str(form.errors), '<ul class="errorlist"><li>__all__<ul class="errorlist"><li>Add page permission also ' 'requires edit page permission.</li></ul></li></ul>') data = { 'page': page.pk, 'grant_on': ACCESS_PAGE, 'can_add': '1', } form = PagePermissionInlineAdminForm(data=data, files=None) self.assertFalse(form.is_valid()) self.assertEqual( str(form.errors), '<ul class="errorlist"><li>__all__<ul class="errorlist"><li>Add page permission requires ' 'also access to children, or descendants, otherwise added page can't be changed by ' 'its creator.</li></ul></li></ul>')
def test_permission_forms(self): page = create_page("page_b", "nav_playground.html", "en", created_by=self.get_superuser()) normal_user = self._create_user("randomuser", is_staff=True, add_default_permissions=True) assign_user_to_page(page, normal_user, can_view=True, can_change=True) with self.login_user_context(self.get_superuser()): response = self.client.get(URL_CMS_PAGE_PERMISSION_CHANGE % page.pk) self.assertEqual(response.status_code, 200) response = self.client.get(URL_CMS_PAGE_PERMISSIONS % page.pk) self.assertEqual(response.status_code, 200) with self.settings(CMS_RAW_ID_USERS=True): data = { 'page': page.pk, 'grant_on': "hello", 'user': normal_user.pk, } form = PagePermissionInlineAdminForm(data=data, files=None) self.assertFalse(form.is_valid()) data = { 'page': page.pk, 'grant_on': ACCESS_PAGE, 'user': normal_user.pk, } form = PagePermissionInlineAdminForm(data=data, files=None) self.assertTrue(form.is_valid()) form.save() data = { 'page': page.pk, 'grant_on': ACCESS_PAGE_AND_CHILDREN, 'can_add': '1', 'can_change': '', 'user': normal_user.pk, } form = PagePermissionInlineAdminForm(data=data, files=None) error_message = ("<li>Users can't create a page without permissions " "to change the created page. Edit permissions required.</li>") self.assertFalse(form.is_valid()) self.assertTrue(error_message in str(form.errors)) data = { 'page': page.pk, 'grant_on': ACCESS_PAGE, 'can_add': '1', 'can_change': '1', 'user': normal_user.pk, } form = PagePermissionInlineAdminForm(data=data, files=None) self.assertFalse(form.is_valid()) self.assertTrue('<li>Add page permission requires also access to children, or ' 'descendants, otherwise added page can't be changed by its ' 'creator.</li>' in str(form.errors))
def test_user_globalpermission(self): # Global user user_global = User(username="******", is_active=True) user_global.set_password("global") user_global.save() with self.login_user_context(self.user_super): user_global = create_page_user(user_global, user_global) user_global.is_staff = False user_global.save() # Prevent is_staff permission global_page = create_page("global", "nav_playground.html", "en", published=True) # Removed call since global page user doesn't have publish permission #global_page = publish_page(global_page, user_global) # it's allowed for the normal user to view the page assign_user_to_page(global_page, user_global, global_permission=True, can_view=True) url = global_page.get_absolute_url('en') all_view_perms = PagePermission.objects.filter(can_view=True) has_perm = False for perm in all_view_perms: if perm.page == self.page_b and perm.user == user_global: has_perm = True self.assertEqual(has_perm, False) global_page_perm_q = Q(user=user_global) & Q(can_view=True) global_view_perms = GlobalPagePermission.objects.filter( global_page_perm_q).exists() self.assertEqual(global_view_perms, True) # user_global with self.login_user_context(user_global): response = self.client.get(url) self.assertEqual(response.status_code, 200) # self.non_user_global has_perm = False for perm in all_view_perms: if perm.page == self.page_b and perm.user == self.user_non_global: has_perm = True self.assertEqual(has_perm, False) global_page_perm_q = Q(user=self.user_non_global) & Q(can_view=True) global_view_perms = GlobalPagePermission.objects.filter( global_page_perm_q).exists() self.assertEqual(global_view_perms, False) with self.login_user_context(self.user_non_global): response = self.client.get(url) self.assertEqual(response.status_code, 404)
def test_visibility_after_move_page(self): superuser = self.get_superuser() user1 = self._create_user("user1", is_staff=True, is_superuser=False) visible = create_page("visible", "nav_playground.html", "en", published=True) visible_child = create_page("visible_child", "nav_playground.html", "en", parent=visible, published=True) invisible_for_user1 = create_page("invisible", "nav_playground.html", "en", published=True) assign_user_to_page(visible, user1, grant_on=ACCESS_PAGE_AND_DESCENDANTS, can_view=True) assign_user_to_page(invisible_for_user1, superuser, grant_on=ACCESS_PAGE_AND_DESCENDANTS, can_view=True) with self.login_user_context(user1): response = self.client.get( visible_child.get_public_object().get_absolute_url()) self.assertEqual(response.status_code, 200) response = self.client.get( invisible_for_user1.get_public_object().get_absolute_url()) self.assertEqual(response.status_code, 404) with self.login_user_context(superuser): move_url = self.get_admin_url(Page, 'move_page', visible_child.pk) response = self.client.post( move_url, { 'id': visible_child.pk, 'position': 0, 'target': invisible_for_user1.pk, }) self.assertEqual(response.status_code, 200) visible_child = visible_child.reload() self.assertEqual(visible_child.parent_page.pk, invisible_for_user1.pk) # Ignore cached_func User = get_user_model() user1 = User.objects.get(pk=user1.pk) self.assertFalse(user_can_view_page(user=user1, page=visible_child))
def test_permission_forms(self): page = create_page("page_b", "nav_playground.html", "en", created_by=self.get_superuser()) normal_user = self._create_user("randomuser", is_staff=True, add_default_permissions=True) assign_user_to_page(page, normal_user, can_view=True, can_change=True) with self.login_user_context(self.get_superuser()): response = self.client.get("/en/admin/cms/page/%s/permission-settings/" % page.pk) self.assertEqual(response.status_code, 200) response = self.client.get("/en/admin/cms/page/%s/permissions/" % page.pk) self.assertEqual(response.status_code, 200) with SettingsOverride(CMS_RAW_ID_USERS=True): data = { 'page': page.pk, 'grant_on': "hello", } form = PagePermissionInlineAdminForm(data=data, files=None) self.assertFalse(form.is_valid()) data = { 'page': page.pk, 'grant_on': ACCESS_PAGE, } form = PagePermissionInlineAdminForm(data=data, files=None) self.assertTrue(form.is_valid()) form.save() data = { 'page': page.pk, 'grant_on': ACCESS_PAGE_AND_CHILDREN, 'can_add': '1', 'can_change': '' } form = PagePermissionInlineAdminForm(data=data, files=None) self.assertFalse(form.is_valid()) self.assertEqual(str(form.errors), '<ul class="errorlist"><li>__all__<ul class="errorlist"><li>Add page permission also ' 'requires edit page permission.</li></ul></li></ul>') data = { 'page': page.pk, 'grant_on': ACCESS_PAGE, 'can_add': '1', } form = PagePermissionInlineAdminForm(data=data, files=None) self.assertFalse(form.is_valid()) self.assertEqual(str(form.errors), '<ul class="errorlist"><li>__all__<ul class="errorlist"><li>Add page permission requires ' 'also access to children, or descendants, otherwise added page can't be changed by ' 'its creator.</li></ul></li></ul>')
def test_assign_user_to_page_single(self): page = create_page(**self._get_default_create_page_arguments()) user = get_user_model().objects.create_user( username='******', email='*****@*****.**', password='******') user.is_staff = True user.save() assign_user_to_page(page, user, can_change=True) self.assertFalse(page.has_change_permission(user)) self.assertFalse(page.has_add_permission(user)) _grant_page_permission(user, 'change') page = Page.objects.get(pk=page.pk) user = get_user_model().objects.get(pk=user.pk) self.assertTrue(page.has_change_permission(user)) self.assertFalse(page.has_add_permission(user))
def test_assign_user_to_page_single(self): page = create_page(**self._get_default_create_page_arguments()) user = get_user_model().objects.create_user(username='******', email='*****@*****.**', password='******') user.is_staff = True user.save() assign_user_to_page(page, user, can_change=True) self.assertFalse(page.has_change_permission(user)) self.assertFalse(page.has_add_permission(user)) _grant_page_permission(user, 'change') page = Page.objects.get(pk=page.pk) user = get_user_model().objects.get(pk=user.pk) self.assertTrue(page.has_change_permission(user)) self.assertFalse(page.has_add_permission(user))
def test_assign_user_to_page_single(self): page = create_page(**self._get_default_create_page_arguments()) user = User.objects.create(username='******', email='*****@*****.**', is_staff=True, is_active=True) request = AttributeObject(user=user) assign_user_to_page(page, user, can_change=True) self.assertFalse(page.has_change_permission(request)) self.assertFalse(page.has_add_permission(request)) _grant_page_permission(user, 'change') page = Page.objects.get(pk=page.pk) user = User.objects.get(pk=user.pk) request = AttributeObject(user=user) self.assertTrue(page.has_change_permission(request)) self.assertFalse(page.has_add_permission(request))
def test_assign_user_to_page_single(self): page = create_page(**self._get_default_create_page_arguments()) user = get_user_model().objects.create_user(username="******", email="*****@*****.**", password="******") user.is_staff = True user.save() request = AttributeObject(user=user) assign_user_to_page(page, user, can_change=True) self.assertFalse(page.has_change_permission(request)) self.assertFalse(page.has_add_permission(request)) _grant_page_permission(user, "change") page = Page.objects.get(pk=page.pk) user = get_user_model().objects.get(pk=user.pk) request = AttributeObject(user=user) self.assertTrue(page.has_change_permission(request)) self.assertFalse(page.has_add_permission(request))
def nuevousuario(sender,user,request,**kwargs): if user.username != "administrador": activate('en') if Page.objects.filter(created_by=user).count() <= 0: usuario=User.objects.get(username=user.username) usuario.save() api.create_page_user(created_by=usuario,user=usuario,can_add_page=True) blog=NewsBlogConfig() blog.app_title=usuario.username blog.namespace=usuario.username blog.save() pagina=api.create_page(title=usuario.username,language='en',template=TEMPLATE_INHERITANCE_MAGIC,parent=None,in_navigation=True,created_by=usuario,apphook='NewsBlogApp',apphook_namespace=usuario.username) api.assign_user_to_page(pagina,usuario,can_add=True,can_change=True,can_delete=True) pagina.publish('en') print("Usuario y blog creado")
def test_user_globalpermission(self): # Global user User = auth.get_user_model() user_global = User(username="******", is_active=True) user_global.set_password("global") user_global.save() with self.login_user_context(self.user_super): user_global = create_page_user(user_global, user_global) user_global.is_staff = False user_global.save() # Prevent is_staff permission global_page = create_page("global", "nav_playground.html", "en", published=True) # Removed call since global page user doesn't have publish permission #global_page = publish_page(global_page, user_global) # it's allowed for the normal user to view the page assign_user_to_page(global_page, user_global, global_permission=True, can_view=True) url = global_page.get_absolute_url('en') all_view_perms = PagePermission.objects.filter(can_view=True) has_perm = False for perm in all_view_perms: if perm.page == self.page_b and perm.user == user_global: has_perm = True self.assertEqual(has_perm, False) global_page_perm_q = Q(user=user_global) & Q(can_view=True) global_view_perms = GlobalPagePermission.objects.filter(global_page_perm_q).exists() self.assertEqual(global_view_perms, True) # user_global with self.login_user_context(user_global): response = self.client.get(url) self.assertEqual(response.status_code, 200) # self.non_user_global has_perm = False for perm in all_view_perms: if perm.page == self.page_b and perm.user == self.user_non_global: has_perm = True self.assertEqual(has_perm, False) global_page_perm_q = Q(user=self.user_non_global) & Q(can_view=True) global_view_perms = GlobalPagePermission.objects.filter(global_page_perm_q).exists() self.assertEqual(global_view_perms, False) with self.login_user_context(self.user_non_global): response = self.client.get(url) self.assertEqual(response.status_code, 404)
def each(self, name, data): is_home = data.pop("is_home", False) language = data["language"] publish = data.pop("publish", False) assignments = data.pop("assignments", []) content = data.pop("content", []) data["created_by"] = self.bootstrap.users[data["created_by"]] page = create_page(**data) if is_home: page.set_as_homepage() version = get_version(page) placeholder = version.content.get_placeholders().get(slot="content") for assignment in assignments: assignment["user"] = self.bootstrap.users[assignment["user"]] assign_user_to_page(page, **assignment) for plugin in content: self.add_plugin(placeholder, plugin, language) if publish: version.publish(data["created_by"]) self.data[name] = page
def test_permission_manager(self): """ Test page permission manager working on a subpage """ page_b = create_page("page_b", "nav_playground.html", "en", created_by=self.user_super) assign_user_to_page(page_b, self.user_normal, can_view=True, can_change=True) cached_permissions = get_permission_cache(self.user_normal, "change_page") self.assertIsNone(cached_permissions) live_permissions = get_change_id_list(self.user_normal, Site.objects.get_current()) cached_permissions_permissions = get_permission_cache(self.user_normal, "change_page") self.assertEqual(live_permissions, [page_b.id]) self.assertEqual(cached_permissions_permissions, live_permissions) self.home_page.save() cached_permissions = get_permission_cache(self.user_normal, "change_page") self.assertIsNone(cached_permissions)
def handle(self, *args, **options): activate('en') user=options['user'] usuario=LDAPBackend().populate_user(user) if usuario is None: self.stdout.write(self.style.SUCCESS('Usuario no existe')) else: if Page.objects.filter(created_by=user).count() <= 0: api.create_page_user(created_by=usuario,user=usuario,can_add_page=True) blog=NewsBlogConfig() blog.app_title=usuario.username blog.namespace=usuario.username blog.save() pagina=api.create_page(title=usuario.username,language='en',template=TEMPLATE_INHERITANCE_MAGIC,parent=None,in_navigation=True,created_by=usuario,apphook='NewsBlogApp',apphook_namespace=usuario.username) api.assign_user_to_page(pagina,usuario,can_add=True,can_change=True,can_delete=True) pagina.publish('en') self.stdout.write(self.style.SUCCESS('Usuario y blog creado')) else: self.stdout.write(self.style.SUCCESS('El usuario ya tiene su página y su blog'))
def setUp(self): self.rf = RequestFactory() self.user1 = User.objects.create(username='******', email='*****@*****.**', password='******', is_staff=True) self.user2 = User.objects.create(username='******', email='*****@*****.**', password='******', is_staff=True) self.root = create_page('root', 'bogus.html', 'en', published=True) assign_user_to_page(self.root, self.user1, grant_on=ACCESS_PAGE) self.page = create_page('page', 'bogus.html', 'en', published=True, parent=self.root) assign_user_to_page(self.page, self.user2, grant_on=ACCESS_PAGE) self.theme = Theme.objects.create(name='test_theme', origin='test_origin', share='any')
def setUp(self): # create super user self.user_super = self._create_user("super", True, True) with self.login_user_context(self.user_super): self.home_page = create_page("home", "nav_playground.html", "en", created_by=self.user_super) # master page & master user self.master_page = create_page("master", "nav_playground.html", "en") # create master user self.user_master = self._create_user("master", True) self.user_master.user_permissions.add(Permission.objects.get(codename='publish_page')) #self.user_master = create_page_user(self.user_super, master, grant_all=True) # assign master user under home page assign_user_to_page(self.home_page, self.user_master, grant_on=ACCESS_DESCENDANTS, grant_all=True) # and to master page assign_user_to_page(self.master_page, self.user_master, grant_all=True) # slave page & slave user self.slave_page = create_page("slave-home", "nav_playground.html", "en", parent=self.master_page, created_by=self.user_super) slave = self._create_user("slave", True) self.user_slave = create_page_user(self.user_super, slave, can_add_page=True, can_change_page=True, can_delete_page=True) assign_user_to_page(self.slave_page, self.user_slave, grant_all=True) # create page_a - sample page from master page_a = create_page("pageA", "nav_playground.html", "en", created_by=self.user_super) assign_user_to_page(page_a, self.user_master, can_add=True, can_change=True, can_delete=True, can_publish=True, can_move_page=True) # publish after creating all drafts publish_page(self.home_page, self.user_super, 'en') publish_page(self.master_page, self.user_super, 'en') with self.login_user_context(self.user_slave): # all of them are under moderation... self.pa = create_page("pa", "nav_playground.html", "en", parent=self.slave_page) self.pb = create_page("pb", "nav_playground.html", "en", parent=self.pa, position="right") self.pc = create_page("pc", "nav_playground.html", "en", parent=self.pb, position="right") self.pd = create_page("pd", "nav_playground.html", "en", parent=self.pb) self.pe = create_page("pe", "nav_playground.html", "en", parent=self.pd, position="right") self.pf = create_page("pf", "nav_playground.html", "en", parent=self.pe) self.pg = create_page("pg", "nav_playground.html", "en", parent=self.pf, position="right") self.ph = create_page("ph", "nav_playground.html", "en", parent=self.pf, position="right") self.assertFalse(self.pg.publisher_public) # login as master for approval self.slave_page = self.slave_page.reload() publish_page(self.slave_page, self.user_master, 'en') # publish and approve them all publish_page(self.pa, self.user_master, 'en') publish_page(self.pb, self.user_master, 'en') publish_page(self.pc, self.user_master, 'en') publish_page(self.pd, self.user_master, 'en') publish_page(self.pe, self.user_master, 'en') publish_page(self.pf, self.user_master, 'en') publish_page(self.pg, self.user_master, 'en') publish_page(self.ph, self.user_master, 'en') self.reload_pages()
def handle(self, *args, **options): #Activamos el idioma que queremos que utilice en nuestro sitio activate('es') #Guardamos el parametro de usuario que hemos pasado anteriormente en una variable usr = options['user'] #Introducimos una lista con todos los permisos genericos que tendrá dicho usuario permisos = [ 'Can add boostrap3 panel body plugin', 'Can change boostrap3 panel body plugin', 'Can add boostrap3 panel plugin', 'Can change boostrap3 panel plugin', 'Can add article', 'Can change article', 'Can delete article', 'Can add cms plugin', 'Can change cms plugin', 'Can delete cms plugin', 'Can add placeholder', 'Can change placeholder', 'Can delete placeholder', 'Can use Structure mode', 'Can add placeholder reference', 'Can change placeholder reference', 'Can add content type', 'Can change content type', 'Can delete content type' ] usuario = LDAPBackend().populate_user(usr) #Comprobamos si el usuario existe o no en LDAP if usuario is None: self.stdout.write( self.style.SUCCESS('No existe el usuario en LDAP.')) else: #Asignamos los permisos al usuario for ele in permisos: per = Permission.objects.get(name=str(ele)) usuario.user_permissions.add(per) usuario.save() #Comprobamos si existe la página del usuario try: Page.objects.get(created_by=usuario) except Page.DoesNotExist: #Creamos un Page User api.create_page_user(created_by=usuario, user=usuario, can_add_page=True) #Creamos el blog del usuario blog = NewsBlogConfig() blog.app_title = usuario.username blog.namespace = usuario.username blog.save() #Creamos la pagina del usuario. pagina = api.create_page(title=usuario.username, language='es', template=TEMPLATE_INHERITANCE_MAGIC, parent=None, created_by=usuario, apphook='NewsBlogApp', apphook_namespace=usuario.username) #Asignamos los permisos que tendra el usuario sobre su pagina. api.assign_user_to_page(pagina, usuario, can_add=True, can_change=True, can_delete=True) #Publicamos la pagina pagina.publish('es') self.stdout.write( self.style.SUCCESS( 'Creacion de usuario finalizada con sus respectivos añadidos.' )) else: self.stdout.write( self.style.SUCCESS( 'El usuario ya tiene páginas en su propiedad.'))
def bootstrap(self): """ Setup initial workflow, pages, users and roles for moderation From: https://github.com/divio/djangocms-moderation/blob/master/tests/utils.py """ # create admin user admin = factories.UserFactory(is_staff=True, is_superuser=True, username="******", email="*****@*****.**", password="******") # create users, groups and roles user = factories.UserFactory(username='******', email='*****@*****.**', password='******', is_staff=True,) user2 = factories.UserFactory(username='******', email='*****@*****.**', password='******', is_staff=True, is_superuser=True,) user3 = factories.UserFactory(username='******', email='*****@*****.**', password='******', is_staff=True, is_superuser=True,) moderator = factories.UserFactory(username='******', email='*****@*****.**', password='******', is_staff=True, ) reviewer = factories.UserFactory(username='******', email='*****@*****.**', password='******', is_staff=True, ) artworker = factories.UserFactory(username='******', email='*****@*****.**', password='******', is_staff=True, ) # add permissions content_type = ContentType.objects.get_for_model(ModerationCollection) permission = Permission.objects.get(content_type=content_type, codename='can_change_author') user.user_permissions.add(permission) moderator.user_permissions.add(permission) permission = Permission.objects.get(content_type=content_type, codename='change_moderationcollection') user.user_permissions.add(permission) moderator.user_permissions.add(permission) reviewer.user_permissions.add(permission) permission = Permission.objects.get(content_type=content_type, codename='add_moderationcollection') user.user_permissions.add(permission) moderator.user_permissions.add(permission) content_type = ContentType.objects.get_for_model(ModerationRequest) permission = Permission.objects.get(content_type=content_type, codename='change_moderationrequest') user.user_permissions.add(permission) moderator.user_permissions.add(permission) reviewer.user_permissions.add(permission) permission = Permission.objects.get(content_type=content_type, codename='add_moderationrequest') user.user_permissions.add(permission) moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='use_structure') moderator.user_permissions.add(permission) reviewer.user_permissions.add(permission) permission = Permission.objects.get(codename='add_staticplaceholder') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_staticplaceholder') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_staticplaceholder') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_cmsplugin') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_cmsplugin') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_cmsplugin') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_page') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_page') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='view_page') moderator.user_permissions.add(permission) reviewer.user_permissions.add(permission) permission = Permission.objects.get(codename='change_page') moderator.user_permissions.add(permission) reviewer.user_permissions.add(permission) permission = Permission.objects.get(codename='publish_page') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='edit_static_placeholder') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_aliaspluginmodel') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_aliaspluginmodel') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_aliaspluginmodel') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_text') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_text') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_text') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_textareafieldplugin') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_textareafieldplugin') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_textareafieldplugin') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_image') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_image') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_image') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_link') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_link') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_link') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_style') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_style') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_style') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_snippet') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_snippet') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_snippet') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_version') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_version') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_version') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_pagecontentversion') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_pagecontentversion') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_pagecontentversion') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_versionlock') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_versionlock') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_versionlock') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_moderationrequest') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_moderationrequest') moderator.user_permissions.add(permission) reviewer.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_moderationrequest') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_moderationrequestaction') moderator.user_permissions.add(permission) reviewer.user_permissions.add(permission) permission = Permission.objects.get(codename='change_moderationrequestaction') moderator.user_permissions.add(permission) reviewer.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_moderationrequestaction') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_workflow') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_workflow') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_workflow') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_collectioncomment') moderator.user_permissions.add(permission) reviewer.user_permissions.add(permission) permission = Permission.objects.get(codename='change_collectioncomment') moderator.user_permissions.add(permission) reviewer.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_collectioncomment') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_confirmationformsubmission') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_confirmationformsubmission') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_confirmationformsubmission') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='add_moderationform') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='change_moderationform') moderator.user_permissions.add(permission) permission = Permission.objects.get(codename='delete_moderationform') moderator.user_permissions.add(permission) # create pages self.create_homepage(admin) pg1 = create_page(title='Page 1 by test', template='INHERIT', language='en', created_by=user, ) pg2 = create_page(title='Page 2 by test2', template='INHERIT', language='en', created_by=user2, ) pg3 = create_page(title='Page 3 by test3', template='INHERIT', language='en', created_by=user3, ) pg4 = create_page(title='Page 4 by test', template='INHERIT', language='en', created_by=user,) pg5 = create_page(title='Page 5 by moderator', template='INHERIT', language='en', created_by=moderator,) assign_user_to_page(pg5, moderator, can_view=True, can_change=True) assign_user_to_page(pg5, reviewer, can_view=True, can_change=False) assign_user_to_page(pg5, artworker, can_view=True, can_change=True) group = Group.objects.create(name='Group 1',) group2 = Group.objects.create(name='Moderator',) group3 = Group.objects.create(name='Reviewer',) group4 = Group.objects.create(name='Artworker',) user2.groups.add(group) user3.groups.add(group) moderator.groups.add(group2) reviewer.groups.add(group3) artworker.groups.add(group4) role1 = Role.objects.create(name='Role 1', user=user,) role2 = Role.objects.create(name='Role 2', user=user2,) role3 = Role.objects.create(name='Role 3', group=group,) role4 = Role.objects.create(name='Moderator', group=group2,) role5 = Role.objects.create(name='Reviewer', group=group3,) role6 = Role.objects.create(name='Artworker', group=group4,) # create workflows wf1 = Workflow.objects.create(pk=1, name='Workflow 1', is_default=True,) wf2 = Workflow.objects.create(pk=2, name='Workflow 2',) wf3 = Workflow.objects.create(pk=3, name='Workflow 3',) wf4 = Workflow.objects.create(pk=4, name='NCO',) # create versions v1 = Version.objects.filter_by_grouper(pg1).filter(state=DRAFT).first() v2 = Version.objects.filter_by_grouper(pg2).filter(state=DRAFT).first() v3 = Version.objects.filter_by_grouper(pg3).filter(state=DRAFT).first() v4 = Version.objects.filter_by_grouper(pg4).filter(state=DRAFT).first() v5 = Version.objects.filter_by_grouper(pg5).filter(state=DRAFT).first() # create previously published version v5.publish(moderator) v5.unpublish(moderator) v5.copy(moderator) # create workflow steps for workflow wf1st1 = wf1.steps.create(role=role1, is_required=True, order=1,) wf1st2 = wf1.steps.create(role=role2, is_required=False, order=2,) wf1st3 = wf1.steps.create(role=role3, is_required=True, order=3,) wf2st1 = wf2.steps.create(role=role1, is_required=True, order=1,) wf2st2 = wf2.steps.create(role=role3, is_required=True, order=2,) wf3st1 = wf3.steps.create(role=role1, is_required=True, order=1,) wf3st2 = wf3.steps.create(role=role3, is_required=False, order=2,) wf4st1 = wf4.steps.create(role=role5, is_required=True, order=1,) # create collections # collection 1 (v1 by user, v2 by user2)-> # workflow 1 -> # step_role_1 (user) >> # step_role_2 (user2) >> # step_role_3 (user2 and user3) >> # collection1 = ModerationCollection.objects.create( author=user, name='Collection 1', workflow=wf1 ) collection2 = ModerationCollection.objects.create( author=user2, name='Collection 2', workflow=wf2 ) collection3 = ModerationCollection.objects.create( author=moderator, name='Collection for review', workflow=wf4 ) # add each version to the collection collection1.add_version(v1) collection1.add_version(v2) collection2.add_version(v3) collection2.add_version(v4) collection3.add_version(v5)
def setUp(self): # create super user self.user_super = User(username="******", is_staff=True, is_active=True, is_superuser=True) self.user_super.set_password("super") self.user_super.save() with self.login_user_context(self.user_super): self._home_page = create_page("home", "nav_playground.html", "en", created_by=self.user_super) # master page & master user self._master_page = create_page("master", "nav_playground.html", "en") # create master user master = User.objects.create(username="******", email="*****@*****.**", password="******") self.user_master = create_page_user(self.user_super, master, grant_all=True) # assign master user under home page assign_user_to_page(self.home_page, self.user_master, grant_on=ACCESS_DESCENDANTS, grant_all=True) # and to master page assign_user_to_page(self.master_page, self.user_master, grant_all=True) # slave page & slave user self._slave_page = create_page("slave-home", "nav_playground.html", "en", parent=self.master_page, created_by=self.user_super) slave = User(username='******', email='*****@*****.**', is_staff=True, is_active=True) slave.set_password('slave') slave.save() self.user_slave = create_page_user(self.user_super, slave, can_add_page=True, can_change_page=True, can_delete_page=True) assign_user_to_page(self.slave_page, self.user_slave, grant_all=True) # create page_a - sample page from master page_a = create_page("pageA", "nav_playground.html", "en", created_by=self.user_super) assign_user_to_page(page_a, self.user_master, can_add=True, can_change=True, can_delete=True, can_publish=True, can_move_page=True, can_moderate=True) # publish after creating all drafts publish_page(self.home_page, self.user_super) publish_page(self.master_page, self.user_super) # logg in as master, and request moderation for slave page and descendants self.request_moderation(self.slave_page, 7) with self.login_user_context(self.user_slave): # all of them are under moderation... self._pa = create_page("pa", "nav_playground.html", "en", parent=self.slave_page) self._pb = create_page("pb", "nav_playground.html", "en", parent=self.pa, position="right") self._pc = create_page("pc", "nav_playground.html", "en", parent=self.pb, position="right") self._pd = create_page("pd", "nav_playground.html", "en", parent=self.pb) self._pe = create_page("pe", "nav_playground.html", "en", parent=self.pd, position="right") self._pf = create_page("pf", "nav_playground.html", "en", parent=self.pe) self._pg = create_page("pg", "nav_playground.html", "en", parent=self.pf, position="right") self._ph = create_page("ph", "nav_playground.html", "en", parent=self.pf, position="right") self.assertFalse(self.pg.publisher_public) # login as master for approval publish_page(self.slave_page, self.user_master, approve=True) # publish and approve them all publish_page(self.pa, self.user_master, approve=True) publish_page(self.pb, self.user_master, approve=True) publish_page(self.pc, self.user_master, approve=True) publish_page(self.pd, self.user_master, approve=True) publish_page(self.pe, self.user_master, approve=True) publish_page(self.pf, self.user_master, approve=True) publish_page(self.pg, self.user_master, approve=True) publish_page(self.ph, self.user_master, approve=True)
def setUp(self): # create super user self.user_super = User(username="******", is_staff=True, is_active=True, is_superuser=True) self.user_super.set_password("super") self.user_super.save() # create staff user self.user_staff = User(username="******", is_staff=True, is_active=True) self.user_staff.set_password("staff") self.user_staff.save() with self.login_user_context(self.user_super): self._home_page = create_page("home", "nav_playground.html", "en", created_by=self.user_super) # master page & master user self._master_page = create_page("master", "nav_playground.html", "en") # create master user master = User(username="******", email="*****@*****.**", is_staff=True, is_active=True) master.set_password('master') master.save() master.user_permissions.add(Permission.objects.get(codename='add_text')) master.user_permissions.add(Permission.objects.get(codename='delete_text')) master.user_permissions.add(Permission.objects.get(codename='change_text')) self.user_master = create_page_user(self.user_super, master, grant_all=True) # create non global, non staff user self.user_non_global = User(username="******", is_active=True) self.user_non_global.set_password("nonglobal") self.user_non_global.save() # assign master user under home page assign_user_to_page(self.home_page, self.user_master, grant_on=ACCESS_DESCENDANTS, grant_all=True) # and to master page assign_user_to_page(self.master_page, self.user_master, grant_on=ACCESS_PAGE_AND_DESCENDANTS, grant_all=True) # slave page & slave user self._slave_page = create_page("slave-home", "nav_playground.html", "en", parent=self.master_page, created_by=self.user_super) slave = User(username='******', email='*****@*****.**', is_staff=True) slave.set_password('slave') slave.save() slave.user_permissions.add(Permission.objects.get(codename='add_text')) slave.user_permissions.add(Permission.objects.get(codename='delete_text')) slave.user_permissions.add(Permission.objects.get(codename='change_text')) self.user_slave = create_page_user(self.user_super, slave, can_add_page=True, can_change_page=True, can_delete_page=True) assign_user_to_page(self.slave_page, self.user_slave, grant_all=True) # create page_b page_b = create_page("pageB", "nav_playground.html", "en", created_by=self.user_super) # Normal user normal = User(username='******', email='*****@*****.**', is_active=True) normal.set_password('normal') normal.save() self.user_normal = create_page_user(self.user_master, normal) # it's allowed for the normal user to view the page assign_user_to_page(page_b, self.user_normal, can_view=True) self.user_normal = self.reload(self.user_normal) # create page_a - sample page from master page_a = create_page("pageA", "nav_playground.html", "en", created_by=self.user_super) assign_user_to_page(page_a, self.user_master, can_add=True, can_change=True, can_delete=True, can_publish=True, can_move_page=True, can_moderate=True) # publish after creating all drafts publish_page(self.home_page, self.user_super) publish_page(self.master_page, self.user_super) self.page_b = publish_page(page_b, self.user_super) # logg in as master, and request moderation for slave page and descendants self.request_moderation(self.slave_page, 7)
def handle(self, *args, **options): #Activar idioma activate('en') #Recuperar el parámetro guardándolo en la variables user user = options['user'] #Lista de permisos permisos = [ 'Can add article', 'Can view article', 'Can change article', 'Can delete article', 'Can add cms plugin', 'Can view cms plugin', 'Can change cms plugin', 'Can delete cms plugin', 'Can add placeholder', 'Can view placeholder', 'Can change placeholder', 'Can delete placeholder', 'Can use Structure mode', 'Can add placeholder reference', 'Can change placeholder reference', 'Can add content type', 'Can change content type', 'Can delete content type', 'Can view content type' ] usuario = LDAPBackend().populate_user(user) #Si el usuairo no existe en LDAP asignaremos permisos y si no existe la página del usuario crearmos la Userpage, el blog para el usuario y la página del usuario, luego #asignaremos permisos y finalmente publicaremos la página. #si ya existe la página del usuario entonces mostramos un mensaje informativo. if usuario is None: self.stdout.write( self.style.SUCCESS('No existe ese usuario en LDAP.')) else: for p in permisos: per = Permission.objects.get(name=str(p)) usuario.user_permissions.add(per) usuario.save() try: Page.objects.get(created_by=usuario) except Page.DoesNotExist: #Crear UserPage api.create_page_user(created_by=usuario, user=usuario, can_add_page=True) #Crear Blog blog = NewsBlogConfig() blog.app_title = usuario.username blog.namespace = usuario.username blog.save() #Crear pagina del usuario pagina = api.create_page(title=usuario.username, language='en', template=TEMPLATE_INHERITANCE_MAGIC, parent=None, created_by=usuario, apphook='NewsBlogApp', apphook_namespace=usuario.username) #Permisos de usuario api.assign_user_to_page(pagina, usuario, can_add=True, can_change=True, can_delete=True) pagina.publish('en') self.stdout.write( self.style.SUCCESS( 'Creación de usuario y blog finalizada')) else: self.stdout.write( self.style.SUCCESS( 'El usuario ya tiene página y blog creados'))
def setUp(self): # create super user self.user_super = User(username="******", is_staff=True, is_active=True, is_superuser=True) self.user_super.set_password("super") self.user_super.save() # create staff user self.user_staff = User(username="******", is_staff=True, is_active=True) self.user_staff.set_password("staff") self.user_staff.save() with self.login_user_context(self.user_super): self._home_page = create_page("home", "nav_playground.html", "en", created_by=self.user_super) # master page & master user self._master_page = create_page("master", "nav_playground.html", "en") # create master user master = User(username="******", email="*****@*****.**", is_staff=True, is_active=True) master.set_password('master') master.save() master.user_permissions.add( Permission.objects.get(codename='add_text')) master.user_permissions.add( Permission.objects.get(codename='delete_text')) master.user_permissions.add( Permission.objects.get(codename='change_text')) self.user_master = create_page_user(self.user_super, master, grant_all=True) # create non global, non staff user self.user_non_global = User(username="******", is_active=True) self.user_non_global.set_password("nonglobal") self.user_non_global.save() # assign master user under home page assign_user_to_page(self.home_page, self.user_master, grant_on=ACCESS_DESCENDANTS, grant_all=True) # and to master page assign_user_to_page(self.master_page, self.user_master, grant_on=ACCESS_PAGE_AND_DESCENDANTS, grant_all=True) # slave page & slave user self._slave_page = create_page("slave-home", "nav_playground.html", "en", parent=self.master_page, created_by=self.user_super) slave = User(username='******', email='*****@*****.**', is_staff=True) slave.set_password('slave') slave.save() slave.user_permissions.add( Permission.objects.get(codename='add_text')) slave.user_permissions.add( Permission.objects.get(codename='delete_text')) slave.user_permissions.add( Permission.objects.get(codename='change_text')) self.user_slave = create_page_user(self.user_super, slave, can_add_page=True, can_change_page=True, can_delete_page=True) assign_user_to_page(self.slave_page, self.user_slave, grant_all=True) # create page_b page_b = create_page("pageB", "nav_playground.html", "en", created_by=self.user_super) # Normal user normal = User(username='******', email='*****@*****.**', is_active=True) normal.set_password('normal') normal.save() self.user_normal = create_page_user(self.user_master, normal) # it's allowed for the normal user to view the page assign_user_to_page(page_b, self.user_normal, can_view=True) self.user_normal = self.reload(self.user_normal) # create page_a - sample page from master page_a = create_page("pageA", "nav_playground.html", "en", created_by=self.user_super) assign_user_to_page(page_a, self.user_master, can_add=True, can_change=True, can_delete=True, can_publish=True, can_move_page=True, can_moderate=True) # publish after creating all drafts publish_page(self.home_page, self.user_super) publish_page(self.master_page, self.user_super) self.page_b = publish_page(page_b, self.user_super) # logg in as master, and request moderation for slave page and descendants self.request_moderation(self.slave_page, 7)
def setUp(self): # create super user self.user_super = User(username="******", is_staff=True, is_active=True, is_superuser=True) self.user_super.set_password("super") self.user_super.save() with self.login_user_context(self.user_super): self.home_page = create_page("home", "nav_playground.html", "en", created_by=self.user_super) # master page & master user self.master_page = create_page("master", "nav_playground.html", "en") # create master user self.user_master = User.objects.create(username="******", email="*****@*****.**", password="******", is_staff=True) self.user_master.user_permissions.add(Permission.objects.get(codename='publish_page')) #self.user_master = create_page_user(self.user_super, master, grant_all=True) # assign master user under home page assign_user_to_page(self.home_page, self.user_master, grant_on=ACCESS_DESCENDANTS, grant_all=True) # and to master page assign_user_to_page(self.master_page, self.user_master, grant_all=True) # slave page & slave user self.slave_page = create_page("slave-home", "nav_playground.html", "en", parent=self.master_page, created_by=self.user_super) slave = User(username='******', email='*****@*****.**', is_staff=True, is_active=True) slave.set_password('slave') slave.save() self.user_slave = create_page_user(self.user_super, slave, can_add_page=True, can_change_page=True, can_delete_page=True) assign_user_to_page(self.slave_page, self.user_slave, grant_all=True) # create page_a - sample page from master page_a = create_page("pageA", "nav_playground.html", "en", created_by=self.user_super) assign_user_to_page(page_a, self.user_master, can_add=True, can_change=True, can_delete=True, can_publish=True, can_move_page=True) # publish after creating all drafts publish_page(self.home_page, self.user_super) publish_page(self.master_page, self.user_super) with self.login_user_context(self.user_slave): # all of them are under moderation... self.pa = create_page("pa", "nav_playground.html", "en", parent=self.slave_page) self.pb = create_page("pb", "nav_playground.html", "en", parent=self.pa, position="right") self.pc = create_page("pc", "nav_playground.html", "en", parent=self.pb, position="right") self.pd = create_page("pd", "nav_playground.html", "en", parent=self.pb) self.pe = create_page("pe", "nav_playground.html", "en", parent=self.pd, position="right") self.pf = create_page("pf", "nav_playground.html", "en", parent=self.pe) self.pg = create_page("pg", "nav_playground.html", "en", parent=self.pf, position="right") self.ph = create_page("ph", "nav_playground.html", "en", parent=self.pf, position="right") self.assertFalse(self.pg.publisher_public) # login as master for approval publish_page(self.slave_page, self.user_master) # publish and approve them all publish_page(self.pa, self.user_master) publish_page(self.pb, self.user_master) publish_page(self.pc, self.user_master) publish_page(self.pd, self.user_master) publish_page(self.pe, self.user_master) publish_page(self.pf, self.user_master) publish_page(self.pg, self.user_master) publish_page(self.ph, self.user_master)
def test_not_included_when_perm_set_and_this_user_not_included_2(self): self.view.request.user = self.user page = self._create_page(login_required=False) page.publish('en') assign_user_to_page(page, self.other_user, can_view=True) self.assertEqual(len(self.view.get_queryset()), 0)
def setUp(self): # create super user self.user_super = self._create_user("super", True, True) with self.login_user_context(self.user_super): self.home_page = create_page("home", "nav_playground.html", "en", created_by=self.user_super) # master page & master user self.master_page = create_page("master", "nav_playground.html", "en") # create master user self.user_master = self._create_user("master", True) self.add_permission(self.user_master, 'change_page') self.add_permission(self.user_master, 'publish_page') #self.user_master = create_page_user(self.user_super, master, grant_all=True) # assign master user under home page assign_user_to_page(self.home_page, self.user_master, grant_on=ACCESS_DESCENDANTS, grant_all=True) # and to master page assign_user_to_page(self.master_page, self.user_master, grant_all=True) # slave page & slave user self.slave_page = create_page("slave-home", "nav_playground.html", "en", parent=self.master_page, created_by=self.user_super) slave = self._create_user("slave", True) self.user_slave = create_page_user(self.user_super, slave, can_add_page=True, can_change_page=True, can_delete_page=True) assign_user_to_page(self.slave_page, self.user_slave, grant_all=True) # create page_a - sample page from master page_a = create_page("pageA", "nav_playground.html", "en", created_by=self.user_super) assign_user_to_page(page_a, self.user_master, can_add=True, can_change=True, can_delete=True, can_publish=True, can_move_page=True) # publish after creating all drafts publish_page(self.home_page, self.user_super, 'en') publish_page(self.master_page, self.user_super, 'en') with self.login_user_context(self.user_slave): # 000200010001 self.pa = create_page("pa", "nav_playground.html", "en", parent=self.slave_page) # 000200010002 self.pb = create_page("pb", "nav_playground.html", "en", parent=self.pa, position="right") # 000200010003 self.pc = create_page("pc", "nav_playground.html", "en", parent=self.pb, position="right") self.pd = create_page("pd", "nav_playground.html", "en", parent=self.pb) self.pe = create_page("pe", "nav_playground.html", "en", parent=self.pd, position="right") self.pf = create_page("pf", "nav_playground.html", "en", parent=self.pe) self.pg = create_page("pg", "nav_playground.html", "en", parent=self.pf, position="right") self.ph = create_page("ph", "nav_playground.html", "en", parent=self.pf, position="right") self.assertFalse(self.pg.publisher_public) # login as master for approval self.slave_page = self.slave_page.reload() publish_page(self.slave_page, self.user_master, 'en') # publish and approve them all publish_page(self.pa, self.user_master, 'en') publish_page(self.pb, self.user_master, 'en') publish_page(self.pc, self.user_master, 'en') publish_page(self.pd, self.user_master, 'en') publish_page(self.pe, self.user_master, 'en') publish_page(self.pf, self.user_master, 'en') publish_page(self.pg, self.user_master, 'en') publish_page(self.ph, self.user_master, 'en') self.reload_pages()