def test_grants_manage_unpublished_visualisations_permission(self):
user = factories.UserFactory.create(
username='******',
is_staff=False,
is_superuser=False,
)
visualisation = factories.VisualisationCatalogueItemFactory.create(
published=False, visualisation_template__gitlab_project_id=1)
perm_codename = dataset_type_to_manage_unpublished_permission_codename(
DataSetType.VISUALISATION.value)
assert user.has_perm(perm_codename) is False
with requests_mock.Mocker() as rmock:
rmock.get(
f'http://127.0.0.1:8007/api/v4/users?extern_uid={user.profile.sso_id}&provider=oauth2_generic',
json=[{
"id": 1
}],
)
rmock.get(
'http://127.0.0.1:8007/api/v4/projects/1/members/all?user_ids=1',
json=[{
"id": 1,
"access_level": 50
}],
)
has_access = gitlab_has_developer_access(
user, visualisation.visualisation_template.gitlab_project_id)
# Permissions are cached on the instance so we need to re-fetch it entirely - refresh_from_db insufficient.
# https://docs.djangoproject.com/en/3.0/topics/auth/default/#permission-caching
user = get_object_or_404(get_user_model(), pk=user.id)
assert has_access is True
assert user.has_perm(perm_codename) is True
def is_visualisation_preview_and_has_gitlab_developer():
return (
is_preview
and visualisation_catalogue_item
and gitlab_has_developer_access(
request.user, application_template.gitlab_project_id
)
)
def visualisation_datasets_html_view(request, gitlab_project_id):
if not request.user.has_perm('applications.develop_visualisations'):
raise PermissionDenied()
gitlab_project = _visualisation_gitlab_project(gitlab_project_id)
if not gitlab_has_developer_access(request.user, gitlab_project_id):
raise PermissionDenied()
if request.method == 'GET':
return visualisation_datasets_html_GET(request, gitlab_project)
if request.method == 'POST':
return visualisation_datasets_html_POST(request, gitlab_project)
return HttpResponse(status=405)
def visualisation_users_give_access_html_view(request, gitlab_project_id):
if not request.user.has_perm('applications.develop_visualisations'):
raise PermissionDenied()
gitlab_project = _visualisation_gitlab_project(gitlab_project_id)
if not gitlab_has_developer_access(request.user, gitlab_project_id):
raise PermissionDenied()
token = request.GET.get("token")
token_data = decrypt_token(token.encode('utf-8')) if token else {}
if request.method == 'GET':
return visualisation_users_give_access_html_GET(
request, gitlab_project, token_data
)
if request.method == 'POST':
return visualisation_users_give_access_html_POST(
request, gitlab_project, token_data
)
return HttpResponse(status=405)
def is_visualisation_preview_and_has_gitlab_developer():
return (is_preview
and application_template.application_type == 'VISUALISATION'
and gitlab_has_developer_access(
request.user, application_template.gitlab_project_id))
