def run(): create_permission( "can_change_user_cert", description=\ "Owners of this permission can view/modify users' GCF" "certificates.", view=request_permission_wrapper, )
def setUp(self): """ Create some permissions and users. """ self.u1 = User.objects.create_user("user1", "*****@*****.**", "password") self.u2 = User.objects.create_user("user2", "*****@*****.**", "password") create_permission("permission1", description="Permission 1 description.") give_permission_to("permission1", self.u1, self.u1, can_delegate=True) give_permission_to("permission1", self.u2, self.u1, can_delegate=True)
def setUp(self): """ Create some permissions and users. """ self.u1 = User.objects.create_user("user1", "*****@*****.**", "password") self.u2 = User.objects.create_user("user2", "*****@*****.**", "password") create_permission("permission1", description="Permission 1 description.") give_permission_to("permission1", self.u1, self.u1, can_delegate=True) give_permission_to("permission1", self.u2, self.u1, can_delegate=True)
def run(): create_permission( "can_edit_user", description=\ "Owners of this permission can modify information about " "or delete a particular user.", view=request_permission_wrapper, ) create_permission( "can_manage_users", description=\ "Owners of this permission can view/modify/delete users in the" " user management page.", view=request_permission_wrapper, )
def run(): create_permission( "can_edit_user", description=\ "Owners of this permission can modify information about " "or delete a particular user.", view=request_permission_wrapper, ) create_permission( "can_manage_users", description=\ "Owners of this permission can view/modify/delete users in the" " user management page.", view=request_permission_wrapper, )
def run(): create_permission( "can_add_aggregate", description="Owners of this permission can add aggregates to Expedient.", view=request_permission_wrapper, ) create_permission( "can_edit_aggregate", description=\ "Owners of this permission can edit or delete " "the related aggregates in Expedient.", view=request_permission_wrapper, ) create_permission( "can_use_aggregate", description=\ "Projects, slices, and users that are owners of this permission " "can use the aggregate by starting or stopping slices on it, and " "by calling other methods.", view=get_can_use_permission, )
def run(): create_permission( "can_create_project", description=\ "Owners of this permission can create projects in Expedient.", view=request_permission_wrapper, ) create_permission( "can_edit_project", description=\ "Owners of this permission can edit basic project properties.", view=make_request, force=True, ) create_permission( "can_delete_project", description=\ "Owners of this permission can edit basic project properties.", view=make_request, force=True, ) create_permission( "can_view_project", description=\ "Owners of this permission can view the project. Without " "other permissions, they are non-functional members.", view=make_request, force=True, ) create_permission( "can_add_members", description=\ "Owners of this permission can add members to " "the project and assign to them roles.", view=make_request, force=True, ) create_permission( "can_remove_members", description=\ "Owners of this permission can remove members from " "the project. They can also remove permissions from roles and " "remove roles from users.", view=make_request, force=True, ) create_permission( "can_create_slices", description=\ "Owners of this permission can create new slices.", view=make_request, force=True, ) create_permission( "can_edit_slices", description=\ "Owners of this permission can modify existing slices.", view=make_request, force=True, ) create_permission( "can_delete_slices", description=\ "Owners of this permission can delete existing slices.", view=make_request, force=True, ) create_permission( "can_stop_slices", description=\ "Owners of this permission can start slices.", view=make_request, force=True, ) create_permission( "can_start_slices", description=\ "Owners of this permission can stop slices.", view=make_request, force=True, ) create_permission( "can_add_aggregates", description=\ "Owners of this permission can add aggregates " "to the project.", view=make_request, force=True, ) create_permission( "can_remove_aggregates", description=\ "Owners of this permission can remove aggregates " "from the project.", view=make_request, force=True, ) create_permission( "can_create_roles", description=\ "Owners of this permission can create roles " "in the project", view=make_request, force=True, ) create_permission( "can_edit_roles", description=\ "Owners of this permission can modify and delete roles " "in the project", view=make_request, force=True, )
def setUp(self): """Create a project and test permissions and permittees""" self.su = User.objects.create_superuser("superuser", "*****@*****.**", "password") self.u1 = User.objects.create_user("user1", "*****@*****.**", "password") self.u2 = User.objects.create_user("user2", "*****@*****.**", "password") self.u3 = User.objects.create_user("user3", "*****@*****.**", "password") self.client.login(username="******", password="******") threadlocals.push_frame(user=self.su) self.project = Project.objects.create(name="projectX", description="blabla") self.projectY = Project.objects.create(name="projectY", description="blabla") self.client.logout() threadlocals.pop_frame() create_permission("perm1") create_permission("perm2") create_permission("perm3") create_permission("perm4") self.obj_perm1 = ObjectPermission.objects.\ get_or_create_for_object_or_class("perm1", self.project)[0] self.obj_perm2 = ObjectPermission.objects.\ get_or_create_for_object_or_class("perm2", self.project)[0] self.obj_perm3 = ObjectPermission.objects.\ get_or_create_for_object_or_class("perm3", self.project)[0] self.obj_perm4 = ObjectPermission.objects.\ get_or_create_for_object_or_class("perm4", self.project)[0] self.role1 = ProjectRole.objects.create( name="role1", project=self.project, ) self.role1.obj_permissions.add(self.obj_perm1) self.role2 = ProjectRole.objects.create( name="role2", project=self.project, ) self.role2.obj_permissions.add(self.obj_perm2) self.role3 = ProjectRole.objects.create( name="role3", project=self.project, ) self.role3.obj_permissions.add(self.obj_perm1) self.role3.obj_permissions.add(self.obj_perm3) create_permission("permY1") create_permission("permY2") create_permission("permY3") create_permission("permY4") self.obj_permY1 = ObjectPermission.objects.\ get_or_create_for_object_or_class("permY1", self.projectY)[0] self.obj_permY2 = ObjectPermission.objects.\ get_or_create_for_object_or_class("permY2", self.projectY)[0] self.obj_permY3 = ObjectPermission.objects.\ get_or_create_for_object_or_class("permY3", self.projectY)[0] self.obj_permY4 = ObjectPermission.objects.\ get_or_create_for_object_or_class("permY4", self.projectY)[0] self.roleY1 = ProjectRole.objects.create( name="roleY1", project=self.projectY, ) self.roleY1.obj_permissions.add(self.obj_permY1) self.roleY2 = ProjectRole.objects.create( name="roleY2", project=self.projectY, ) self.roleY2.obj_permissions.add(self.obj_permY2) self.roleY3 = ProjectRole.objects.create( name="roleY3", project=self.projectY, ) self.roleY3.obj_permissions.add(self.obj_permY1) self.roleY3.obj_permissions.add(self.obj_permY3)
def setUp(self): """Create a project and test permissions and permittees""" self.su = User.objects.create_superuser( "superuser", "*****@*****.**", "password") self.u1 = User.objects.create_user( "user1", "*****@*****.**", "password") self.u2 = User.objects.create_user( "user2", "*****@*****.**", "password") self.u3 = User.objects.create_user( "user3", "*****@*****.**", "password") self.client.login(username="******", password="******") threadlocals.push_frame(user=self.su) self.project = Project.objects.create( name="projectX", description="blabla") self.projectY = Project.objects.create( name="projectY", description="blabla") self.client.logout() threadlocals.pop_frame() create_permission("perm1") create_permission("perm2") create_permission("perm3") create_permission("perm4") self.obj_perm1 = ObjectPermission.objects.\ get_or_create_for_object_or_class("perm1", self.project)[0] self.obj_perm2 = ObjectPermission.objects.\ get_or_create_for_object_or_class("perm2", self.project)[0] self.obj_perm3 = ObjectPermission.objects.\ get_or_create_for_object_or_class("perm3", self.project)[0] self.obj_perm4 = ObjectPermission.objects.\ get_or_create_for_object_or_class("perm4", self.project)[0] self.role1 = ProjectRole.objects.create( name="role1", project=self.project, ) self.role1.obj_permissions.add(self.obj_perm1) self.role2 = ProjectRole.objects.create( name="role2", project=self.project, ) self.role2.obj_permissions.add(self.obj_perm2) self.role3 = ProjectRole.objects.create( name="role3", project=self.project, ) self.role3.obj_permissions.add(self.obj_perm1) self.role3.obj_permissions.add(self.obj_perm3) create_permission("permY1") create_permission("permY2") create_permission("permY3") create_permission("permY4") self.obj_permY1 = ObjectPermission.objects.\ get_or_create_for_object_or_class("permY1", self.projectY)[0] self.obj_permY2 = ObjectPermission.objects.\ get_or_create_for_object_or_class("permY2", self.projectY)[0] self.obj_permY3 = ObjectPermission.objects.\ get_or_create_for_object_or_class("permY3", self.projectY)[0] self.obj_permY4 = ObjectPermission.objects.\ get_or_create_for_object_or_class("permY4", self.projectY)[0] self.roleY1 = ProjectRole.objects.create( name="roleY1", project=self.projectY, ) self.roleY1.obj_permissions.add(self.obj_permY1) self.roleY2 = ProjectRole.objects.create( name="roleY2", project=self.projectY, ) self.roleY2.obj_permissions.add(self.obj_permY2) self.roleY3 = ProjectRole.objects.create( name="roleY3", project=self.projectY, ) self.roleY3.obj_permissions.add(self.obj_permY1) self.roleY3.obj_permissions.add(self.obj_permY3)
def run(): create_permission( "can_create_project", description=\ "Owners of this permission can create projects in Expedient.", view=request_permission_wrapper, ) create_permission( "can_edit_project", description=\ "Owners of this permission can edit basic project properties.", view=make_request, force=True, ) create_permission( "can_delete_project", description=\ "Owners of this permission can edit basic project properties.", view=make_request, force=True, ) create_permission( "can_view_project", description=\ "Owners of this permission can view the project. Without " "other permissions, they are non-functional members.", view=make_request, force=True, ) create_permission( "can_add_members", description=\ "Owners of this permission can add members to " "the project and assign to them roles.", view=make_request, force=True, ) create_permission( "can_remove_members", description=\ "Owners of this permission can remove members from " "the project. They can also remove permissions from roles and " "remove roles from users.", view=make_request, force=True, ) create_permission( "can_create_slices", description=\ "Owners of this permission can create new slices.", view=make_request, force=True, ) create_permission( "can_edit_slices", description=\ "Owners of this permission can modify existing slices.", view=make_request, force=True, ) create_permission( "can_delete_slices", description=\ "Owners of this permission can delete existing slices.", view=make_request, force=True, ) create_permission( "can_stop_slices", description=\ "Owners of this permission can start slices.", view=make_request, force=True, ) create_permission( "can_start_slices", description=\ "Owners of this permission can stop slices.", view=make_request, force=True, ) create_permission( "can_add_aggregates", description=\ "Owners of this permission can add aggregates " "to the project.", view=make_request, force=True, ) create_permission( "can_remove_aggregates", description=\ "Owners of this permission can remove aggregates " "from the project.", view=make_request, force=True, ) create_permission( "can_create_roles", description=\ "Owners of this permission can create roles " "in the project", view=make_request, force=True, ) create_permission( "can_edit_roles", description=\ "Owners of this permission can modify and delete roles " "in the project", view=make_request, force=True, )