def test_remove_obsolete_permissions(self): superuser = self.UserModel.objects.filter(is_superuser=True, is_active=True)[0] encrypted_password = superuser.password # Create with more permissions: get_or_create_user_and_group( username="******", groupname="testgroup", permissions=get_filtered_permissions( exclude_app_labels=("admin",), exclude_codenames=("delete_group",), exclude_permissions=((ContentType, "delete_contenttype"),), ), encrypted_password=encrypted_password, ) with StdoutStderrBuffer() as buff: get_or_create_user_and_group( username="******", groupname="testgroup", permissions=get_filtered_permissions( exclude_app_labels=("admin", "sites"), exclude_models=(Session,), exclude_codenames=("delete_user", "delete_group"), exclude_permissions=((ContentType, "add_contenttype"), (ContentType, "delete_contenttype")), ), encrypted_password=encrypted_password, ) output = buff.get_output() print(output) assert_equal_dedent( output, """ Check 'admin' Check 'sites' remove permission: auth | user | Can delete user remove permission: contenttypes | content type | Can add content type remove permission: sessions | session | Can add session remove permission: sessions | session | Can change session remove permission: sessions | session | Can delete session remove permission: sessions | session | Can view session remove permission: sites | site | Can add site remove permission: sites | site | Can change site remove permission: sites | site | Can delete site remove permission: sites | site | Can view site Add 74 permissions to 'testgroup' Group testgroup has 74 permissions """, )
def test_get_filtered_permissions(self): permissions = get_filtered_permissions( exclude_app_labels=("easy_thumbnails", "filer"), exclude_models=(LimitToUsergroupsTestModel, PermissionTestModel), exclude_codenames=("delete_group", "delete_user"), exclude_permissions=( (ContentType, "add_contenttype"), (ContentType, "delete_contenttype"), ) ) permissions = permissions2list(permissions) pprint.pprint(permissions) self.assertEqual(permissions, [ 'admin.add_logentry', 'admin.change_logentry', 'admin.delete_logentry', 'auth.add_group', 'auth.change_group', 'auth.add_permission', 'auth.change_permission', 'auth.delete_permission', 'auth.add_user', 'auth.change_user', 'contenttypes.change_contenttype', 'dynamic_site.add_sitealias', 'dynamic_site.change_sitealias', 'dynamic_site.delete_sitealias', 'sessions.add_session', 'sessions.change_session', 'sessions.delete_session', 'sites.add_site', 'sites.change_site', 'sites.delete_site' ])
def test_remove_obsolete_permissions(self): superuser = self.UserModel.objects.filter(is_superuser=True, is_active=True)[0] encrypted_password = superuser.password # Create with more permissions: get_or_create_user_and_group( username="******", groupname="testgroup", permissions=get_filtered_permissions( exclude_app_labels=("admin",), exclude_codenames=("delete_group",), exclude_permissions=((ContentType, "delete_contenttype"),), ), encrypted_password=encrypted_password, ) with StdoutStderrBuffer() as buff: get_or_create_user_and_group( username="******", groupname="testgroup", permissions=get_filtered_permissions( exclude_app_labels=("admin", "sites"), exclude_models=(Session,), exclude_codenames=("delete_user", "delete_group"), exclude_permissions=((ContentType, "add_contenttype"), (ContentType, "delete_contenttype")), ), encrypted_password=encrypted_password, ) output = buff.get_output() print(output) assert_equal_dedent( output, """ Check 'admin' Check 'sites' remove permission: auth | user | Can delete user remove permission: contenttypes | content type | Can add content type remove permission: sessions | session | Can add session remove permission: sessions | session | Can change session remove permission: sessions | session | Can delete session remove permission: sites | site | Can add site remove permission: sites | site | Can change site remove permission: sites | site | Can delete site Add 55 permissions to 'testgroup' Group testgroup has 55 permissions """, )
def test_get_filtered_permissions(self): permissions = get_filtered_permissions( exclude_app_labels=('easy_thumbnails', 'filer'), exclude_models=(LimitToUsergroupsTestModel, PermissionTestModel), exclude_codenames=('delete_group', 'delete_user'), exclude_permissions=((ContentType, 'add_contenttype'), (ContentType, 'delete_contenttype')), ) permissions = permissions2list(permissions) assert_pformat_equal( permissions, [ 'admin.add_logentry', 'admin.change_logentry', 'admin.delete_logentry', 'admin.view_logentry', 'auth.add_group', 'auth.change_group', 'auth.view_group', 'auth.add_permission', 'auth.change_permission', 'auth.delete_permission', 'auth.view_permission', 'auth.add_user', 'auth.change_user', 'auth.view_user', 'contenttypes.change_contenttype', 'contenttypes.view_contenttype', 'django_tools_test_app.add_overwritefilesystemstoragemodel', 'django_tools_test_app.change_overwritefilesystemstoragemodel', 'django_tools_test_app.delete_overwritefilesystemstoragemodel', 'django_tools_test_app.view_overwritefilesystemstoragemodel', 'django_tools_test_app.add_simpleparlermodel', 'django_tools_test_app.change_simpleparlermodel', 'django_tools_test_app.delete_simpleparlermodel', 'django_tools_test_app.view_simpleparlermodel', 'django_tools_test_app.add_usermediafiles', 'django_tools_test_app.change_usermediafiles', 'django_tools_test_app.delete_usermediafiles', 'django_tools_test_app.view_usermediafiles', 'flatpages.add_flatpage', 'flatpages.change_flatpage', 'flatpages.delete_flatpage', 'flatpages.view_flatpage', 'serve_media_app.add_usermediatokenmodel', 'serve_media_app.change_usermediatokenmodel', 'serve_media_app.delete_usermediatokenmodel', 'serve_media_app.view_usermediatokenmodel', 'sessions.add_session', 'sessions.change_session', 'sessions.delete_session', 'sessions.view_session', 'sites.add_site', 'sites.change_site', 'sites.delete_site', 'sites.view_site', ], )
def test_get_filtered_permissions_without_any_filter(self): permissions = sorted( permissions2list(get_filtered_permissions( ) # without any filter -> we get all existing permissions )) pprint.pprint(permissions) all_permissions = sorted(permissions2list(Permission.objects.all())) assert_pformat_equal(permissions, all_permissions)
def test_get_filtered_permissions_without_any_filter(self): permissions = permissions2list( get_filtered_permissions() # without any filter -> we get all existing permissions ) permissions.sort() pprint.pprint(permissions) all_permissions = permissions2list(Permission.objects.all()) all_permissions.sort() self.assertEqual(permissions, all_permissions)
def test_get_filtered_permissions(self): permissions = get_filtered_permissions( exclude_app_labels=("easy_thumbnails", "filer"), exclude_models=(LimitToUsergroupsTestModel, PermissionTestModel), exclude_codenames=("delete_group", "delete_user"), exclude_permissions=((ContentType, "add_contenttype"), (ContentType, "delete_contenttype")), ) permissions = permissions2list(permissions) assert_pformat_equal( permissions, [ "admin.add_logentry", "admin.change_logentry", "admin.delete_logentry", "admin.view_logentry", "auth.add_group", "auth.change_group", "auth.view_group", "auth.add_permission", "auth.change_permission", "auth.delete_permission", "auth.view_permission", "auth.add_user", "auth.change_user", "auth.view_user", "contenttypes.change_contenttype", "contenttypes.view_contenttype", "django_tools_test_app.add_overwritefilesystemstoragemodel", "django_tools_test_app.change_overwritefilesystemstoragemodel", "django_tools_test_app.delete_overwritefilesystemstoragemodel", "django_tools_test_app.view_overwritefilesystemstoragemodel", "django_tools_test_app.add_simpleparlermodel", "django_tools_test_app.change_simpleparlermodel", "django_tools_test_app.delete_simpleparlermodel", "django_tools_test_app.view_simpleparlermodel", "flatpages.add_flatpage", "flatpages.change_flatpage", "flatpages.delete_flatpage", "flatpages.view_flatpage", "sessions.add_session", "sessions.change_session", "sessions.delete_session", "sessions.view_session", "sites.add_site", "sites.change_site", "sites.delete_site", "sites.view_site", ], )
def test_pprint_filtered_permissions(self): permissions = get_filtered_permissions( exclude_app_labels=("easy_thumbnails", "filer"), exclude_actions=("delete", ), exclude_models=(LimitToUsergroupsTestModel, PermissionTestModel), exclude_codenames=("change_group", "change_user"), exclude_permissions=((ContentType, "add_contenttype"), (ContentType, "delete_contenttype")), ) with StdoutStderrBuffer() as buffer: pprint_filtered_permissions(permissions) output = buffer.get_output() assert_equal_dedent( output, """ [*] admin.add_logentry [*] admin.change_logentry [ ] admin.delete_logentry [*] admin.view_logentry [*] auth.add_group [ ] auth.change_group [ ] auth.delete_group [*] auth.view_group [*] auth.add_permission [*] auth.change_permission [ ] auth.delete_permission [*] auth.view_permission [*] auth.add_user [ ] auth.change_user [ ] auth.delete_user [*] auth.view_user [ ] contenttypes.add_contenttype [*] contenttypes.change_contenttype [ ] contenttypes.delete_contenttype [*] contenttypes.view_contenttype [ ] django_tools_test_app.add_limittousergroupstestmodel [ ] django_tools_test_app.change_limittousergroupstestmodel [ ] django_tools_test_app.delete_limittousergroupstestmodel [ ] django_tools_test_app.view_limittousergroupstestmodel [*] django_tools_test_app.add_overwritefilesystemstoragemodel [*] django_tools_test_app.change_overwritefilesystemstoragemodel [ ] django_tools_test_app.delete_overwritefilesystemstoragemodel [*] django_tools_test_app.view_overwritefilesystemstoragemodel [ ] django_tools_test_app.add_permissiontestmodel [ ] django_tools_test_app.change_permissiontestmodel [ ] django_tools_test_app.delete_permissiontestmodel [ ] django_tools_test_app.extra_permission [ ] django_tools_test_app.view_permissiontestmodel [*] django_tools_test_app.add_simpleparlermodel [*] django_tools_test_app.change_simpleparlermodel [ ] django_tools_test_app.delete_simpleparlermodel [*] django_tools_test_app.view_simpleparlermodel [*] django_tools_test_app.add_usermediafiles [*] django_tools_test_app.change_usermediafiles [ ] django_tools_test_app.delete_usermediafiles [*] django_tools_test_app.view_usermediafiles [ ] easy_thumbnails.add_source [ ] easy_thumbnails.change_source [ ] easy_thumbnails.delete_source [ ] easy_thumbnails.view_source [ ] easy_thumbnails.add_thumbnail [ ] easy_thumbnails.change_thumbnail [ ] easy_thumbnails.delete_thumbnail [ ] easy_thumbnails.view_thumbnail [ ] easy_thumbnails.add_thumbnaildimensions [ ] easy_thumbnails.change_thumbnaildimensions [ ] easy_thumbnails.delete_thumbnaildimensions [ ] easy_thumbnails.view_thumbnaildimensions [ ] filer.add_clipboard [ ] filer.change_clipboard [ ] filer.delete_clipboard [ ] filer.view_clipboard [ ] filer.add_clipboarditem [ ] filer.change_clipboarditem [ ] filer.delete_clipboarditem [ ] filer.view_clipboarditem [ ] filer.add_file [ ] filer.change_file [ ] filer.delete_file [ ] filer.view_file [ ] filer.add_folder [ ] filer.can_use_directory_listing [ ] filer.change_folder [ ] filer.delete_folder [ ] filer.view_folder [ ] filer.add_folderpermission [ ] filer.change_folderpermission [ ] filer.delete_folderpermission [ ] filer.view_folderpermission [ ] filer.add_image [ ] filer.change_image [ ] filer.delete_image [ ] filer.view_image [ ] filer.add_thumbnailoption [ ] filer.change_thumbnailoption [ ] filer.delete_thumbnailoption [ ] filer.view_thumbnailoption [*] flatpages.add_flatpage [*] flatpages.change_flatpage [ ] flatpages.delete_flatpage [*] flatpages.view_flatpage [*] serve_media_app.add_usermediatokenmodel [*] serve_media_app.change_usermediatokenmodel [ ] serve_media_app.delete_usermediatokenmodel [*] serve_media_app.view_usermediatokenmodel [*] sessions.add_session [*] sessions.change_session [ ] sessions.delete_session [*] sessions.view_session [*] sites.add_site [*] sites.change_site [ ] sites.delete_site [*] sites.view_site """, )
def test_get_or_create_user_and_group(self): superuser = self.UserModel.objects.filter(is_superuser=True, is_active=True)[0] encrypted_password = superuser.password test_user = get_or_create_user_and_group( username="******", groupname="testgroup", permissions=get_filtered_permissions( exclude_app_labels=("admin", "sites"), exclude_models=(Session, ), exclude_codenames=( "delete_user", "delete_group", ), exclude_permissions=( (ContentType, "add_contenttype"), (ContentType, "delete_contenttype"), )), encrypted_password=encrypted_password) with StdoutStderrBuffer() as buff: call_command("permission_info", "testuser") output = buff.get_output() output = [line.strip(" \t_") for line in output.splitlines()] output = "\n".join([line for line in output if line]) print(output) self.assertEqual_dedent( output, """ Display effective user permissions in the same format as user.has_perm() argument: <appname>.<codename> All permissions for user 'testuser': is_active : yes is_staff : yes is_superuser : no [ ] admin.add_logentry [ ] admin.change_logentry [ ] admin.delete_logentry [*] auth.add_group [*] auth.change_group [ ] auth.delete_group [*] auth.add_permission [*] auth.change_permission [*] auth.delete_permission [*] auth.add_user [*] auth.change_user [ ] auth.delete_user [ ] contenttypes.add_contenttype [*] contenttypes.change_contenttype [ ] contenttypes.delete_contenttype [*] django_tools_test_app.add_limittousergroupstestmodel [*] django_tools_test_app.change_limittousergroupstestmodel [*] django_tools_test_app.delete_limittousergroupstestmodel [*] django_tools_test_app.add_permissiontestmodel [*] django_tools_test_app.change_permissiontestmodel [*] django_tools_test_app.delete_permissiontestmodel [*] django_tools_test_app.extra_permission [*] dynamic_site.add_sitealias [*] dynamic_site.change_sitealias [*] dynamic_site.delete_sitealias [*] easy_thumbnails.add_source [*] easy_thumbnails.change_source [*] easy_thumbnails.delete_source [*] easy_thumbnails.add_thumbnail [*] easy_thumbnails.change_thumbnail [*] easy_thumbnails.delete_thumbnail [*] easy_thumbnails.add_thumbnaildimensions [*] easy_thumbnails.change_thumbnaildimensions [*] easy_thumbnails.delete_thumbnaildimensions [*] filer.add_clipboard [*] filer.change_clipboard [*] filer.delete_clipboard [*] filer.add_clipboarditem [*] filer.change_clipboarditem [*] filer.delete_clipboarditem [*] filer.add_file [*] filer.change_file [*] filer.delete_file [*] filer.add_folder [*] filer.can_use_directory_listing [*] filer.change_folder [*] filer.delete_folder [*] filer.add_folderpermission [*] filer.change_folderpermission [*] filer.delete_folderpermission [*] filer.add_image [*] filer.change_image [*] filer.delete_image [*] filer.add_thumbnailoption [*] filer.change_thumbnailoption [*] filer.delete_thumbnailoption [ ] sessions.add_session [ ] sessions.change_session [ ] sessions.delete_session [ ] sites.add_site [ ] sites.change_site [ ] sites.delete_site """) self.assertEqual(test_user.password, encrypted_password)
def test_get_or_create_user_and_group(self): superuser = self.UserModel.objects.filter(is_superuser=True, is_active=True)[0] encrypted_password = superuser.password test_user = get_or_create_user_and_group( username="******", groupname="testgroup", permissions=get_filtered_permissions( exclude_app_labels=("admin", "sites"), exclude_models=(Session,), exclude_codenames=("delete_user", "delete_group"), exclude_permissions=((ContentType, "add_contenttype"), (ContentType, "delete_contenttype")), ), encrypted_password=encrypted_password, ) with StdoutStderrBuffer() as buff: call_command("permission_info", "testuser") output = buff.get_output() output = [line.strip(" \t_") for line in output.splitlines()] output = "\n".join([line for line in output if line]) print(output) assert_equal_dedent( output, """ Display effective user permissions in the same format as user.has_perm() argument: <appname>.<codename> All permissions for user 'testuser': is_active : yes is_staff : yes is_superuser : no [ ] admin.add_logentry [ ] admin.change_logentry [ ] admin.delete_logentry [*] auth.add_group [*] auth.change_group [ ] auth.delete_group [*] auth.add_permission [*] auth.change_permission [*] auth.delete_permission [*] auth.add_user [*] auth.change_user [ ] auth.delete_user [ ] contenttypes.add_contenttype [*] contenttypes.change_contenttype [ ] contenttypes.delete_contenttype [*] django_tools_test_app.add_limittousergroupstestmodel [*] django_tools_test_app.change_limittousergroupstestmodel [*] django_tools_test_app.delete_limittousergroupstestmodel [*] django_tools_test_app.add_overwritefilesystemstoragemodel [*] django_tools_test_app.change_overwritefilesystemstoragemodel [*] django_tools_test_app.delete_overwritefilesystemstoragemodel [*] django_tools_test_app.add_permissiontestmodel [*] django_tools_test_app.change_permissiontestmodel [*] django_tools_test_app.delete_permissiontestmodel [*] django_tools_test_app.extra_permission [*] django_tools_test_app.add_simpleparlermodel [*] django_tools_test_app.change_simpleparlermodel [*] django_tools_test_app.delete_simpleparlermodel [*] easy_thumbnails.add_source [*] easy_thumbnails.change_source [*] easy_thumbnails.delete_source [*] easy_thumbnails.add_thumbnail [*] easy_thumbnails.change_thumbnail [*] easy_thumbnails.delete_thumbnail [*] easy_thumbnails.add_thumbnaildimensions [*] easy_thumbnails.change_thumbnaildimensions [*] easy_thumbnails.delete_thumbnaildimensions [*] filer.add_clipboard [*] filer.change_clipboard [*] filer.delete_clipboard [*] filer.add_clipboarditem [*] filer.change_clipboarditem [*] filer.delete_clipboarditem [*] filer.add_file [*] filer.change_file [*] filer.delete_file [*] filer.add_folder [*] filer.can_use_directory_listing [*] filer.change_folder [*] filer.delete_folder [*] filer.add_folderpermission [*] filer.change_folderpermission [*] filer.delete_folderpermission [*] filer.add_image [*] filer.change_image [*] filer.delete_image [*] filer.add_thumbnailoption [*] filer.change_thumbnailoption [*] filer.delete_thumbnailoption [*] flatpages.add_flatpage [*] flatpages.change_flatpage [*] flatpages.delete_flatpage [ ] sessions.add_session [ ] sessions.change_session [ ] sessions.delete_session [ ] sites.add_site [ ] sites.change_site [ ] sites.delete_site """, ) assert_pformat_equal(test_user.password, encrypted_password)
def create_test_user(delete_first=False): User = get_user_model() if delete_first: qs = User.objects.exclude(is_superuser=True, is_active=True) print("Delete %i users..." % qs.count()) qs.delete() qs = Group.objects.all() print("Delete %i user groups..." % qs.count()) qs.delete() # all_permissions = [ # "%s.%s" % (entry.content_type, entry.codename) # for entry in Permission.objects.all().order_by("content_type", "codename") # ] # pprint.pprint(all_permissions) superuser_qs = User.objects.all().filter(is_superuser=True, is_active=True) try: superuser = superuser_qs[0] except IndexError: print("\nERROR: No active superuser found!") print("Please create one and run again!\n") sys.exit(-1) print("Use password from Superuser:"******"auth", "sites"), exclude_models=(PagePermission, ), exclude_codenames=( "can_publish" # <app_name>.can_publish_<model_name> "delete" # <app_name>.delete_<model_name> ), exclude_permissions=( # Django CMS permissions: (Page, "publish_page"), # cms.publish_page (Page, "delete_page"), # cms.delete_page # Publisher permissions: (PublisherStateModel, "add_publisherstatemodel"), (PublisherStateModel, "delete_publisherstatemodel"), (PublisherParlerAutoSlugifyTestModel, "can_publish_publisherparlerautoslugifytestmodel"), (PublisherParlerAutoSlugifyTestModel, "delete_publisherparlerautoslugifytestmodel"), (PublisherItem, "can_publish_publisheritem"), (PublisherItem, "delete_publisheritem"), (PublisherParlerTestModel, "can_publish_publisherparlertestmodel"), (PublisherParlerTestModel, "delete_publisherparlertestmodel"), (PublisherTestModel, "can_publish_publishertestmodel"), (PublisherTestModel, "delete_publishertestmodel"), ), ), encrypted_password=encrypted_password) # 'editor' can direct (un-)publish & accept/reject a (un-)publish request editor_user = get_or_create_user_and_group( username=EDITOR_USER, groupname=EDITOR_GROUP, permissions=get_filtered_permissions( exclude_app_labels=("auth", "sites"), exclude_models=(PagePermission, ), exclude_codenames=(), exclude_permissions=( # Publisher permissions: (PublisherStateModel, "add_publisherstatemodel"), (PublisherStateModel, "delete_publisherstatemodel"), ), ), encrypted_password=encrypted_password) return reporter_user, editor_user
def test_pprint_filtered_permissions(self): permissions = get_filtered_permissions( exclude_app_labels=("easy_thumbnails", "filer"), exclude_models=(LimitToUsergroupsTestModel, PermissionTestModel), exclude_codenames=("delete_group", "delete_user"), exclude_permissions=( (ContentType, "add_contenttype"), (ContentType, "delete_contenttype"), ) ) with StdoutStderrBuffer() as buffer: pprint_filtered_permissions(permissions) self.assertEqual_dedent(buffer.get_output(), """ [*] admin.add_logentry [*] admin.change_logentry [*] admin.delete_logentry [*] auth.add_group [*] auth.change_group [ ] auth.delete_group [*] auth.add_permission [*] auth.change_permission [*] auth.delete_permission [*] auth.add_user [*] auth.change_user [ ] auth.delete_user [ ] contenttypes.add_contenttype [*] contenttypes.change_contenttype [ ] contenttypes.delete_contenttype [ ] django_tools_test_app.add_limittousergroupstestmodel [ ] django_tools_test_app.change_limittousergroupstestmodel [ ] django_tools_test_app.delete_limittousergroupstestmodel [ ] django_tools_test_app.add_permissiontestmodel [ ] django_tools_test_app.change_permissiontestmodel [ ] django_tools_test_app.delete_permissiontestmodel [ ] django_tools_test_app.extra_permission [*] dynamic_site.add_sitealias [*] dynamic_site.change_sitealias [*] dynamic_site.delete_sitealias [ ] easy_thumbnails.add_source [ ] easy_thumbnails.change_source [ ] easy_thumbnails.delete_source [ ] easy_thumbnails.add_thumbnail [ ] easy_thumbnails.change_thumbnail [ ] easy_thumbnails.delete_thumbnail [ ] easy_thumbnails.add_thumbnaildimensions [ ] easy_thumbnails.change_thumbnaildimensions [ ] easy_thumbnails.delete_thumbnaildimensions [ ] filer.add_clipboard [ ] filer.change_clipboard [ ] filer.delete_clipboard [ ] filer.add_clipboarditem [ ] filer.change_clipboarditem [ ] filer.delete_clipboarditem [ ] filer.add_file [ ] filer.change_file [ ] filer.delete_file [ ] filer.add_folder [ ] filer.can_use_directory_listing [ ] filer.change_folder [ ] filer.delete_folder [ ] filer.add_folderpermission [ ] filer.change_folderpermission [ ] filer.delete_folderpermission [ ] filer.add_image [ ] filer.change_image [ ] filer.delete_image [ ] filer.add_thumbnailoption [ ] filer.change_thumbnailoption [ ] filer.delete_thumbnailoption [*] sessions.add_session [*] sessions.change_session [*] sessions.delete_session [*] sites.add_site [*] sites.change_site [*] sites.delete_site """)