def setUp(self): self.test_user = User.objects.get_or_create(username='******', password='******')[0] self.setup_request() # Superuser. self.superuser = User.objects.get(username='******') # Cyder admin. self.cyder_admin = User.objects.get_or_create(username='******', password='******')[0] self.ctnr_global = Ctnr.objects.get(id=1) self.ctnr_user_cyder_admin_global = CtnrUser(id=None, ctnr=self.ctnr_global, user=self.cyder_admin, level=2) self.ctnr_user_cyder_admin_global.save() # Admin. self.ctnr_admin = Ctnr(id=None, name="admin") self.ctnr_admin.save() self.ctnr_user_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.test_user, level=2) self.ctnr_user_admin.save() self.ctnr_user_cyder_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.cyder_admin, level=2) self.ctnr_user_cyder_admin.save() # User. self.ctnr_user = Ctnr(id=None, name="user") self.ctnr_user.save() self.ctnr_user_user = CtnrUser(id=None, ctnr=self.ctnr_user, user=self.test_user, level=1) self.ctnr_user_user.save() # Guest. self.ctnr_guest = Ctnr(id=None, name="guest") self.ctnr_guest.save() self.ctnr_user_guest = CtnrUser(id=None, ctnr=self.ctnr_guest, user=self.test_user, level=0) self.ctnr_user_guest.save() # Pleb. self.pleb_user = User.objects.get_or_create(username='******', password='******')[0]
def test_domain_ctnr(self): """Test that an MX's domain must be in the MX's container""" ctnr1 = Ctnr(name='test_ctnr1') ctnr1.save() ctnr1.domains.add(self.o_e) MX.objects.create( label='foo', domain=self.o_e, server='bar.oregonstate.edu', priority=1, ttl=1000, ctnr=ctnr1, ) ctnr2 = Ctnr(name='test_ctnr2') ctnr2.save() self.assertRaises( ValidationError, MX.objects.create, label='bleh', domain=self.o_e, server='xyz.oregonstate.edu', priority=1, ttl=1000, ctnr=ctnr2, )
class CtnrViewTests(TestCase): def setUp(self): self.url_slug = 'ctnr' self.ctnr = Ctnr(name=random_label()) self.ctnr.save() def test_base_app_ctnr(self): resp = self.client.get(reverse('ctnr-list')) self.assertEqual(resp.status_code, 200) def test_get_create_ctnr(self): resp = self.client.get(reverse('ctnr-create')) self.assertEqual(resp.status_code, 200) def test_post_create_ctnr(self): resp = self.client.post(reverse('ctnr-create'), self.post_data()) self.assertTrue(resp.status_code in (302, 200)) def test_get_update_ctnr(self): resp = self.client.get(reverse('ctnr-update', args=[self.ctnr.pk])) self.assertEqual(resp.status_code, 200) def test_post_update_ctnr(self): resp = self.client.post(reverse('ctnr-update', args=[self.ctnr.pk]), self.post_data()) self.assertTrue(resp.status_code in (302, 200)) def test_get_details_ctnr(self): resp = self.client.get(reverse('ctnr-details', args=[self.ctnr.pk])) self.assertEqual(resp.status_code, 200) def test_get_delete_ctnr(self): resp = self.client.get(reverse('ctnr-delete', args=[self.ctnr.pk])) self.assertTrue(resp.status_code in (302, 200)) def test_get_change_ctnr(self): resp = self.client.get(reverse('ctnr-change', args=[self.ctnr.pk])) self.assertTrue(resp.status_code in (302, 200)) def test_post_change_ctnr(self): resp = self.client.get(reverse('ctnr-change', args=[self.ctnr.pk])) self.assertTrue(resp.status_code in (302, 200)) def post_data(self): return { 'name': random_label() }
class CtnrViewTests(TestCase): def setUp(self): self.url_slug = "ctnr" self.ctnr = Ctnr(name=random_label()) self.ctnr.save() def test_base_app_ctnr(self): resp = self.client.get("/%s/" % (self.url_slug)) self.assertEqual(resp.status_code, 200) def test_get_create_ctnr(self): resp = self.client.get("/%s/create/" % (self.url_slug)) self.assertEqual(resp.status_code, 200) def test_post_create_ctnr(self): resp = self.client.post("/%s/create/" % (self.url_slug), self.post_data()) self.assertTrue(resp.status_code in (302, 200)) def test_get_update_ctnr(self): resp = self.client.get("/%s/%s/update/" % (self.url_slug, self.ctnr.pk)) self.assertEqual(resp.status_code, 200) def test_post_update_ctnr(self): resp = self.client.post("/%s/%s/update/" % (self.url_slug, self.ctnr.pk), self.post_data()) self.assertTrue(resp.status_code in (302, 200)) def test_get_details_ctnr(self): resp = self.client.get("/%s/%s/" % (self.url_slug, self.ctnr.pk)) self.assertEqual(resp.status_code, 200) def test_get_delete_ctnr(self): resp = self.client.get("/%s/%s/delete/" % (self.url_slug, self.ctnr.pk)) self.assertTrue(resp.status_code in (302, 200)) def test_get_change_ctnr(self): resp = self.client.get("/%s/%s/change/" % (self.url_slug, self.ctnr.pk)) self.assertTrue(resp.status_code in (302, 200)) def test_post_change_ctnr(self): resp = self.client.get("/%s/change/" % (self.url_slug), {"id": self.ctnr.pk}) self.assertTrue(resp.status_code in (302, 200)) def post_data(self): return {"name": random_label()}
def setUp(self): # test user is for tests only self.test_user = User.objects.get_or_create(username='******', password='******')[0] # development user exists as fixture, has admin to all ctnrs self.dev_user = User.objects.get(username='******') # create container where user has no admin self.ctnr = Ctnr(id=None, name="no_admin") self.ctnr.save() self.ctnr_user = CtnrUser(id=None, ctnr=self.ctnr, user=self.test_user, level=0) self.ctnr_user.save() # create container where user has admin self.ctnr_admin = Ctnr(id=None, name="has_admin") self.ctnr_admin.save() self.ctnr_user_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.test_user, level=1) self.ctnr_user_admin.save() # create container that is meant to stay empty self.ctnr_empty = Ctnr(id=None, name="empty") self.ctnr_empty.save() self.ctnr_user_empty = CtnrUser(id=None, ctnr=self.ctnr_empty, user=self.test_user, level=1) self.ctnr_user_empty.save()
def setUp(self): self.test_user = User.objects.get_or_create(username='******', password='******')[0] self.setup_request() # Superuser. self.superuser = User.objects.get(username='******') # Cyder admin. self.cyder_admin = User.objects.get_or_create( username='******', password='******')[0] self.ctnr_global = Ctnr.objects.get(id=1) self.ctnr_user_cyder_admin_global = CtnrUser(id=None, ctnr=self.ctnr_global, user=self.cyder_admin, level=2) self.ctnr_user_cyder_admin_global.save() # Admin. self.ctnr_admin = Ctnr(id=None, name="admin") self.ctnr_admin.save() self.ctnr_user_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.test_user, level=2) self.ctnr_user_admin.save() self.ctnr_user_cyder_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.cyder_admin, level=2) self.ctnr_user_cyder_admin.save() # User. self.ctnr_user = Ctnr(id=None, name="user") self.ctnr_user.save() self.ctnr_user_user = CtnrUser(id=None, ctnr=self.ctnr_user, user=self.test_user, level=1) self.ctnr_user_user.save() # Guest. self.ctnr_guest = Ctnr(id=None, name="guest") self.ctnr_guest.save() self.ctnr_user_guest = CtnrUser(id=None, ctnr=self.ctnr_guest, user=self.test_user, level=0) self.ctnr_user_guest.save() # Pleb. self.pleb_user = User.objects.get_or_create(username='******', password='******')[0]
class PermissionsTest(TestCase): fixtures = ['initial_data.json'] def setUp(self): self.test_user = User.objects.get_or_create(username='******', password='******')[0] self.setup_request() # Superuser. self.superuser = User.objects.get(username='******') # Cyder admin. self.cyder_admin = User.objects.get_or_create(username='******', password='******')[0] self.ctnr_global = Ctnr.objects.get(id=1) self.ctnr_user_cyder_admin_global = CtnrUser(id=None, ctnr=self.ctnr_global, user=self.cyder_admin, level=2) self.ctnr_user_cyder_admin_global.save() # Admin. self.ctnr_admin = Ctnr(id=None, name="admin") self.ctnr_admin.save() self.ctnr_user_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.test_user, level=2) self.ctnr_user_admin.save() self.ctnr_user_cyder_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.cyder_admin, level=2) self.ctnr_user_cyder_admin.save() # User. self.ctnr_user = Ctnr(id=None, name="user") self.ctnr_user.save() self.ctnr_user_user = CtnrUser(id=None, ctnr=self.ctnr_user, user=self.test_user, level=1) self.ctnr_user_user.save() # Guest. self.ctnr_guest = Ctnr(id=None, name="guest") self.ctnr_guest.save() self.ctnr_user_guest = CtnrUser(id=None, ctnr=self.ctnr_guest, user=self.test_user, level=0) self.ctnr_user_guest.save() # Pleb. self.pleb_user = User.objects.get_or_create(username='******', password='******')[0] def test_soa_perms(self): """ Test SOA perms """ self.setup_request() perm_table = { 'cyder_admin': ['all'], 'admin': ['view'], 'user': ['view'], 'guest': ['view'], } # initialize obj into ctnrs obj = SOA() obj.primary = '192.168.1.1' obj.contact = '192.168.1.1' obj.save() domain = Domain(id=None, name='foo') domain.soa = obj domain.save() self.ctnr_admin.domains.add(domain) self.ctnr_user.domains.add(domain) self.ctnr_guest.domains.add(domain) self.save_all_ctnrs() self.check_perms_each_user(obj, perm_table) def test_domain_perms(self): """ Test domain perms """ self.setup_request() perm_table = { 'cyder_admin': ['view', 'update'], 'admin': ['view', 'update'], 'user': ['view', 'update'], 'guest': ['view'], } # Initialize obj into ctnrs. obj = Domain(id=None, name='foo') obj.save() self.ctnr_admin.domains.add(obj) self.ctnr_user.domains.add(obj) self.ctnr_guest.domains.add(obj) self.save_all_ctnrs() self.check_perms_each_user(obj, perm_table) def test_domain_records_perms(self): """ Test common domain record perms (cname, mx, txt, srv, ns) """ self.setup_request() perm_table = { 'cyder_admin': ['all'], 'admin': ['all'], 'user': ['all'], 'guest': ['view'], } # Initialize objs into ctnrs. domain = Domain(id=None, name='foo') domain.save() self.ctnr_admin.domains.add(domain) self.ctnr_user.domains.add(domain) self.ctnr_guest.domains.add(domain) self.save_all_ctnrs() domain_records = [] domain_records.append(AddressRecord(domain=domain)) domain_records.append(CNAME(domain=domain)) domain_records.append(MX(domain=domain)) domain_records.append(SRV(domain=domain)) domain_records.append(TXT(domain=domain)) domain_records.append(Nameserver(domain=domain)) for obj in domain_records: self.check_perms_each_user(obj, perm_table) def setup_request(self): """ Utility function for flushing and setting up request object for testing """ self.request = HttpRequest() self.request.user = self.test_user self.request.session = SessionStore() def save_all_ctnrs(self): """ Utility function that simply saves all of the defined ctnrs Called after adding an object to each one """ self.ctnr_admin.save() self.ctnr_user.save() self.ctnr_guest.save() def check_perms_each_user(self, obj, perm_table): """ Utility function for checking permissions """ # Superuser. self.request.user = self.superuser self.request.session['ctnr'] = self.ctnr_guest self.assert_perms(obj, perm_table, 'superuser') # Cyder admin. self.request.user = self.cyder_admin self.request.session['ctnr'] = self.ctnr_admin self.assert_perms(obj, perm_table, 'cyder_admin') # Admin. self.request.user = self.test_user self.request.session['ctnr'] = self.ctnr_admin self.assert_perms(obj, perm_table, 'admin') # User. self.request.session['ctnr'] = self.ctnr_user self.assert_perms(obj, perm_table, 'user') # Guest. self.request.session['ctnr'] = self.ctnr_guest self.assert_perms(obj, perm_table, 'guest') # Pleb. self.request.user = self.pleb_user self.assert_perms(obj, perm_table, 'pleb') def assert_perms(self, obj, perm_table, user_level): """ Utility function that gets each type of permissions for an object and asserts against perm table. """ create_perm = self.request.user.get_profile().has_perm(self.request, obj, 'create') view_perm = self.request.user.get_profile().has_perm(self.request, obj, 'view') update_perm = self.request.user.get_profile().has_perm(self.request, obj, 'update') delete_perm = self.request.user.get_profile().has_perm(self.request, obj, 'delete') actual_perms = { 'all': create_perm and view_perm and update_perm and delete_perm, 'create': create_perm, 'view': view_perm, 'update': update_perm, 'delete': delete_perm, } # Superuser. actual_perms_list = [create_perm, view_perm, update_perm, delete_perm] if user_level == 'superuser': for perm in actual_perms_list: self.assertTrue(perm, "Superuser should automatically have all permissions" ) return # Pleb. if not user_level in perm_table: for actual_perm in actual_perms_list: self.assertTrue(not actual_perm, "%s should not have any permissions to %s" % (user_level, obj.__class__.__name__) ) return # Get what permissions should be from permissions table. test_perm_list = perm_table[user_level] # Generically compare actual perms to what they should be (test_perm_list). for perm_type, actual_perm in actual_perms.iteritems(): # If should have perm. if perm_type in test_perm_list: self.assertTrue(actual_perm, "%s should have %s perms to %s" % (user_level, perm_type, obj.__class__.__name__) ) # If should not have perm. elif 'all' not in test_perm_list: self.assertTrue(not actual_perm, "%s should not have %s perms to %s" % (user_level, perm_type, obj.__class__.__name__) )
class PermissionsTest(TestCase): fixtures = ['core/users.json'] def setUp(self): self.test_user = User.objects.create(username='******') self.setup_request() # Superuser. self.superuser = User.objects.get(username='******') # Cyder admin. self.cyder_admin = User.objects.create(username='******') self.ctnr_global = Ctnr.objects.get(id=1) self.ctnr_user_cyder_admin_global = CtnrUser(id=None, ctnr=self.ctnr_global, user=self.cyder_admin, level=2) self.ctnr_user_cyder_admin_global.save() # Admin. self.ctnr_admin = Ctnr(id=None, name="admin") self.ctnr_admin.save() self.ctnr_user_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.test_user, level=2) self.ctnr_user_admin.save() self.ctnr_user_cyder_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.cyder_admin, level=2) self.ctnr_user_cyder_admin.save() # User. self.ctnr_user = Ctnr(id=None, name="user") self.ctnr_user.save() self.ctnr_user_user = CtnrUser(id=None, ctnr=self.ctnr_user, user=self.test_user, level=1) self.ctnr_user_user.save() # Guest. self.ctnr_guest = Ctnr(id=None, name="guest") self.ctnr_guest.save() self.ctnr_user_guest = CtnrUser(id=None, ctnr=self.ctnr_guest, user=self.test_user, level=0) self.ctnr_user_guest.save() # Pleb. self.pleb_user = User.objects.create(username='******') def test_soa_perms(self): """ Test SOA perms """ self.setup_request() perm_table = { 'cyder_admin': ['all'], 'admin': [cy.ACTION_VIEW], 'user': [cy.ACTION_VIEW], 'guest': [cy.ACTION_VIEW], } # initialize obj into ctnrs obj = SOA() obj.primary = '192.168.1.1' obj.contact = '192.168.1.1' obj.save() domain = Domain(id=None, name='foo') domain.soa = obj domain.save() self.ctnr_admin.domains.add(domain) self.ctnr_user.domains.add(domain) self.ctnr_guest.domains.add(domain) self.save_all_ctnrs() self.check_perms_each_user(obj, perm_table) def test_domain_perms(self): """ Test domain perms """ self.setup_request() perm_table = { 'cyder_admin': [cy.ACTION_VIEW, cy.ACTION_UPDATE], 'admin': [cy.ACTION_VIEW, cy.ACTION_UPDATE], 'user': [cy.ACTION_VIEW, cy.ACTION_UPDATE], 'guest': [cy.ACTION_VIEW], } # Initialize obj into ctnrs. obj = Domain(id=None, name='foo') obj.save() self.ctnr_admin.domains.add(obj) self.ctnr_user.domains.add(obj) self.ctnr_guest.domains.add(obj) self.save_all_ctnrs() self.check_perms_each_user(obj, perm_table) def test_domain_records_perms(self): """ Test common domain record perms (cname, mx, txt, srv, ns) """ self.setup_request() perm_table = { 'cyder_admin': ['all'], 'admin': ['all'], 'user': ['all'], 'guest': [cy.ACTION_VIEW], } # Initialize objs into ctnrs. domain = Domain(id=None, name='foo') domain.save() self.ctnr_admin.domains.add(domain) self.ctnr_user.domains.add(domain) self.ctnr_guest.domains.add(domain) self.save_all_ctnrs() domain_records = [] domain_records.append(AddressRecord(domain=domain)) domain_records.append(CNAME(domain=domain)) domain_records.append(MX(domain=domain)) domain_records.append(SRV(domain=domain)) domain_records.append(TXT(domain=domain)) domain_records.append(Nameserver(domain=domain)) for obj in domain_records: self.check_perms_each_user(obj, perm_table) def setup_request(self): """ Utility function for flushing and setting up request object for testing """ self.request = HttpRequest() self.request.user = self.test_user self.request.session = SessionStore() def save_all_ctnrs(self): """ Utility function that simply saves all of the defined ctnrs Called after adding an object to each one """ self.ctnr_admin.save() self.ctnr_user.save() self.ctnr_guest.save() def check_perms_each_user(self, obj, perm_table): """ Utility function for checking permissions """ # Superuser. self.request.user = self.superuser self.request.session['ctnr'] = self.ctnr_guest self.assert_perms(obj, perm_table, 'superuser') # Cyder admin. self.request.user = self.cyder_admin self.request.session['ctnr'] = self.ctnr_admin self.assert_perms(obj, perm_table, 'cyder_admin') # Admin. self.request.user = self.test_user self.request.session['ctnr'] = self.ctnr_admin self.assert_perms(obj, perm_table, 'admin') # User. self.request.session['ctnr'] = self.ctnr_user self.assert_perms(obj, perm_table, 'user') # Guest. self.request.session['ctnr'] = self.ctnr_guest self.assert_perms(obj, perm_table, 'guest') # Pleb. self.request.user = self.pleb_user self.assert_perms(obj, perm_table, 'pleb') def assert_perms(self, obj, perm_table, user_level): """ Utility function that gets each type of permissions for an object and asserts against perm table. """ create_perm = self.request.user.get_profile().has_perm( self.request, cy.ACTION_CREATE, obj=obj) view_perm = self.request.user.get_profile().has_perm(self.request, cy.ACTION_VIEW, obj=obj) update_perm = self.request.user.get_profile().has_perm( self.request, cy.ACTION_UPDATE, obj=obj) delete_perm = self.request.user.get_profile().has_perm( self.request, cy.ACTION_DELETE, obj=obj) actual_perms = { 'all': create_perm and view_perm and update_perm and delete_perm, cy.ACTION_CREATE: create_perm, cy.ACTION_VIEW: view_perm, cy.ACTION_UPDATE: update_perm, cy.ACTION_DELETE: delete_perm, } # Superuser. actual_perms_list = [create_perm, view_perm, update_perm, delete_perm] if user_level == 'superuser': for perm in actual_perms_list: self.assertTrue(perm, "Superuser should have all permissions") return # Pleb. if not user_level in perm_table: for actual_perm in actual_perms_list: self.assertTrue( not actual_perm, "%s should not have any permissions to %s" % (user_level, obj.__class__.__name__)) return # Get what permissions should be from permissions table. test_perm_list = perm_table[user_level] # Generically compare actual perms to what they should be # (test_perm_list). for perm_type, actual_perm in actual_perms.iteritems(): # If should have perm. if perm_type in test_perm_list: self.assertTrue( actual_perm, "%s should have %s perms to %s" % (user_level, perm_type, obj.__class__.__name__)) # If should not have perm. elif 'all' not in test_perm_list: self.assertTrue( not actual_perm, "%s should not have %s perms to %s" % (user_level, perm_type, obj.__class__.__name__))
def setUp(self): self.url_slug = 'ctnr' self.ctnr = Ctnr(name=random_label()) self.ctnr.save()
class CtnrPermissionsTest(TestCase): fixtures = ['initial_data.json'] def setUp(self): # test user is for tests only self.test_user = User.objects.get_or_create(username='******', password='******')[0] # development user exists as fixture, has admin to all ctnrs self.dev_user = User.objects.get(username='******') # create container where user has no admin self.ctnr = Ctnr(id=None, name="no_admin") self.ctnr.save() self.ctnr_user = CtnrUser(id=None, ctnr=self.ctnr, user=self.test_user, level=0) self.ctnr_user.save() # create container where user has admin self.ctnr_admin = Ctnr(id=None, name="has_admin") self.ctnr_admin.save() self.ctnr_user_admin = CtnrUser(id=None, ctnr=self.ctnr_admin, user=self.test_user, level=1) self.ctnr_user_admin.save() # create container that is meant to stay empty self.ctnr_empty = Ctnr(id=None, name="empty") self.ctnr_empty.save() self.ctnr_user_empty = CtnrUser(id=None, ctnr=self.ctnr_empty, user=self.test_user, level=1) self.ctnr_user_empty.save() def test_session_has_ctnr_dev(self): """ Test middleware sets session ctnr on log in Precondition: no session container Postcondition: session container """ request = HttpRequest() request.user = AnonymousUser() request.session = SessionStore() dev_middleware = DevAuthenticationMiddleware() dev_middleware.process_request(request) self.assertTrue('ctnr' in request.session) def test_ctnr_domain(self): """ Test being in ctnr /w domain gives appropriate perms Precondition: domain in ctnr Postcondition: has full perm to domain if admin, read only if not """ request = HttpRequest() request.user = self.test_user request.session = SessionStore() request.session['ctnr'] = self.ctnr # create domain, add domain to ctnr domain = Domain(id=None, name='foo') domain.save() self.ctnr.domains.add(domain) self.ctnr.save() self.ctnr_admin.domains.add(domain) self.ctnr_admin.save() # checks where user is not admin has_perm = self.test_user.get_profile().has_perm(request, domain, write=False) self.assertTrue(has_perm, 'user should have read access') has_perm = self.test_user.get_profile().has_perm(request, domain, write=True) self.assertFalse(has_perm, 'user should not have write access') # checks where user is admin request.session['ctnr'] = self.ctnr_admin has_perm = self.test_user.get_profile().has_perm(request, domain, write=False) self.assertTrue(has_perm, 'user should have read access') has_perm = self.test_user.get_profile().has_perm(request, domain, write=True) self.assertTrue(has_perm, 'user should have write access') # checks where obj not in ctnr request.session['ctnr'] = self.ctnr_empty has_perm = self.test_user.get_profile().has_perm(request, domain, write=False) self.assertFalse(has_perm, 'user should not have read access') has_perm = self.test_user.get_profile().has_perm(request, domain, write=True) self.assertFalse(has_perm, 'user should not have write access') def test_ctnr_reverse_domain(self): """ Test being in ctnr /w rdomain gives appropriate perms Precondition: rdomain in ctnr Postcondition: full perm if admin, read only if not """ request = HttpRequest() request.user = self.test_user request.session = SessionStore() request.session['ctnr'] = self.ctnr # create reverse domain, add reverse domain to ctnr rdomain = ReverseDomain(id=None, name='128') rdomain.save() self.ctnr.reverse_domains.add(rdomain) self.ctnr.save() self.ctnr_admin.reverse_domains.add(rdomain) self.ctnr_admin.save() # checks where user is not admin has_perm = self.test_user.get_profile().has_perm(request, rdomain, write=False) self.assertTrue(has_perm, 'user should have read access') has_perm = self.test_user.get_profile().has_perm(request, rdomain, write=True) self.assertFalse(has_perm, 'user should not have write access') # checks where user is admin request.session = {'ctnr': self.ctnr_admin} has_perm = self.test_user.get_profile().has_perm(request, rdomain, write=False) self.assertTrue(has_perm, 'user should have read access') has_perm = self.test_user.get_profile().has_perm(request, rdomain, write=True) self.assertTrue(has_perm, 'user should have write access') # checks where obj not in ctnr request.session = {'ctnr': self.ctnr_empty} has_perm = self.test_user.get_profile().has_perm(request, rdomain, write=False) self.assertFalse(has_perm, 'user should not have read access') has_perm = self.test_user.get_profile().has_perm(request, rdomain, write=True) self.assertFalse(has_perm, 'user should not have write access') def test_ctnr_domain_records(self): """ Test being in ctnr /w common domain records gives appropriate perms common domain records: cname, mx, txt, srv """ request = HttpRequest() request.user = self.test_user request.session = SessionStore() request.session['ctnr'] = self.ctnr # create domain, add domain to ctnr domain = Domain(id=None, name='foo') domain.save() self.ctnr.domains.add(domain) self.ctnr.save() self.ctnr_admin.domains.add(domain) self.ctnr_admin.save() domain_records = [] domain_records.append(AddressRecord(domain=domain)) domain_records.append(CNAME(domain=domain)) domain_records.append(MX(domain=domain)) domain_records.append(Nameserver(domain=domain)) domain_records.append(SRV(domain=domain)) domain_records.append(TXT(domain=domain)) for record in domain_records: # checks where user is not admin request.session = {'ctnr': self.ctnr} has_perm = self.test_user.get_profile().has_perm(request, record, write=False) self.assertTrue(has_perm, 'user should have read access') has_perm = self.test_user.get_profile().has_perm(request, record, write=True) self.assertFalse(has_perm, 'user should not have write access') # checks where user is admin request.session = {'ctnr': self.ctnr_admin} has_perm = self.test_user.get_profile().has_perm(request, record, write=False) self.assertTrue(has_perm, 'user should have read access') has_perm = self.test_user.get_profile().has_perm(request, record, write=True) self.assertTrue(has_perm, 'user should have write access') # checks where obj not in ctnr request.session = {'ctnr': self.ctnr_empty} has_perm = self.test_user.get_profile().has_perm(request, record, write=False) self.assertFalse(has_perm, 'user should not have read access') has_perm = self.test_user.get_profile().has_perm(request, record, write=True) self.assertFalse(has_perm, 'user should not have write access') def test_ctnr_rdomain_records(self): """ Test being in ctnr /w common domain records gives appropriate perms common domain records: cname, mx, txt, srv """ request = HttpRequest() request.user = self.test_user request.session = SessionStore() request.session['ctnr'] = self.ctnr # create domain, add domain to ctnr rdomain = ReverseDomain(id=None, name='128') rdomain.save() self.ctnr.reverse_domains.add(rdomain) self.ctnr.save() self.ctnr_admin.reverse_domains.add(rdomain) self.ctnr_admin.save() rdomain_records = [] rdomain_records.append(PTR(reverse_domain=rdomain)) rdomain_records.append(ReverseNameserver(reverse_domain=rdomain)) for record in rdomain_records: # checks where user is not admin request.session = {'ctnr': self.ctnr} has_perm = self.test_user.get_profile().has_perm(request, record, write=False) self.assertTrue(has_perm, 'user should have read access') has_perm = self.test_user.get_profile().has_perm(request, record, write=True) self.assertFalse(has_perm, 'user should not have write access') # checks where user is admin request.session = {'ctnr': self.ctnr_admin} has_perm = self.test_user.get_profile().has_perm(request, record, write=False) self.assertTrue(has_perm, 'user should have read access') has_perm = self.test_user.get_profile().has_perm(request, record, write=True) self.assertTrue(has_perm, 'user should have write access') # checks where obj not in ctnr request.session = {'ctnr': self.ctnr_empty} has_perm = self.test_user.get_profile().has_perm(request, record, write=False) self.assertFalse(has_perm, 'user should not have read access') has_perm = self.test_user.get_profile().has_perm(request, record, write=True) self.assertFalse(has_perm, 'user should not have write access') def test_ctnr_rdomain_records(self): """ Test being in ctnr /w common domain records gives appropriate perms common domain records: cname, mx, txt, srv """ request = HttpRequest() request.user = self.test_user request.session = SessionStore() request.session['ctnr'] = self.ctnr # create domain, add domain to ctnr rdomain = ReverseDomain(id=None, name='128') rdomain.save() self.ctnr.reverse_domains.add(rdomain) self.ctnr.save() self.ctnr_admin.reverse_domains.add(rdomain) self.ctnr_admin.save() rdomain_records = [] rdomain_records.append(PTR(reverse_domain=rdomain)) rdomain_records.append(ReverseNameserver(reverse_domain=rdomain)) for record in rdomain_records: # checks where user is not admin request.session = {'ctnr': self.ctnr} has_perm = self.test_user.get_profile().has_perm(request, record, write=False) self.assertTrue(has_perm, 'user should have read access') has_perm = self.test_user.get_profile().has_perm(request, record, write=True) self.assertFalse(has_perm, 'user should not have write access') # checks where user is admin request.session = {'ctnr': self.ctnr_admin} has_perm = self.test_user.get_profile().has_perm(request, record, write=False) self.assertTrue(has_perm, 'user should have read access') has_perm = self.test_user.get_profile().has_perm(request, record, write=True) self.assertTrue(has_perm, 'user should have write access') # checks where obj not in ctnr request.session = {'ctnr': self.ctnr_empty} has_perm = self.test_user.get_profile().has_perm(request, record, write=False) self.assertFalse(has_perm, 'user should not have read access') has_perm = self.test_user.get_profile().has_perm(request, record, write=True) self.assertFalse(has_perm, 'user should not have write access') def test_ctnr_soa(self): """ Test being in ctnr /w soa record gives appropriate perms """ request = HttpRequest() request.user = self.test_user request.session = SessionStore() request.session['ctnr'] = self.ctnr # create domain with soa, add domain to ctnr soa = SOA() soa.primary = '192.168.1.1' soa.contact = '192.168.1.1' soa.save() domain = Domain(id=None, name='foo') domain.soa = soa domain.save() self.ctnr.domains.add(domain) self.ctnr.save() self.ctnr_admin.domains.add(domain) self.ctnr_admin.save() # checks where user is not admin has_perm = self.test_user.get_profile().has_perm(request, soa, write=False) self.assertTrue(has_perm, 'user should have read access') has_perm = self.test_user.get_profile().has_perm(request, soa, write=True) self.assertFalse(has_perm, 'user should not have write access') # checks where user is admin request.session = {'ctnr': self.ctnr_admin} has_perm = self.test_user.get_profile().has_perm(request, soa, write=False) self.assertTrue(has_perm, 'user should have read access') has_perm = self.test_user.get_profile().has_perm(request, soa, write=True) self.assertTrue(has_perm, 'user should have write access') # checks where obj not in ctnr request.session = {'ctnr': self.ctnr_empty} has_perm = self.test_user.get_profile().has_perm(request, soa, write=False) self.assertFalse(has_perm, 'user should not have read access') has_perm = self.test_user.get_profile().has_perm(request, soa, write=True) self.assertFalse(has_perm, 'user should not have write access')