def test_remove_roles(self):
""" test if the remove_roles method works fine """
assign_role(self.john, Teacher, self.bob)
remove_role(self.john, Teacher, self.bob)
users_list = get_users(Teacher)
self.assertEqual(list(users_list), [])
assign_roles([self.john, self.mike], Teacher, self.bob)
remove_roles([self.john, self.mike], Teacher)
users_list = get_users(Teacher)
self.assertEqual(list(users_list), [])
assign_role(self.julie, Coordenator)
self.assertTrue(has_permission(self.julie, 'testapp1.add_user'))
remove_role(self.julie)
self.assertFalse(has_permission(self.julie, 'testapp1.add_user'))
# Remove all roles from the project.
assign_roles([self.john, self.mike], Teacher, self.bob)
remove_all(Coordenator)
remove_all(Teacher)
self.assertEqual(list(get_users(Coordenator)), [])
self.assertEqual(list(get_users(Teacher)), [])
def has_permission(self,
permission,
obj=None,
any_object=False,
persistent=None):
return shortcuts.has_permission(self, permission, obj, any_object,
persistent)
def check_permission(self):
return shortcuts.has_permission(
self.request.user,
self.get_permission_string(),
self.get_permission_object(),
self.permission_any_object,
self.permission_persistent,
)
def has_perm(user, permission, obj=None, persistent=None):
"""Adapts has_permission shortcut into a templatetag."""
any_object = False
# Checking the any_object kwarg.
if obj and isinstance(obj, str) and obj == 'any':
any_object = True
obj = None
# Checking the persistent kwarg.
if persistent and isinstance(persistent, str):
if persistent == 'persistent':
persistent = True
elif persistent == 'non-persistent':
persistent = False
else:
raise NotAllowed(
"Use 'persistent' or 'non-persistent' on Persistent Mode.")
else:
persistent = None
# Return the default behavior of the shortcut.
return has_permission(user, permission, obj, any_object, persistent)
def test_assign_permissions(self):
""" test if the permissions assignment works fine """
# Assign the role and try to use a permission denied by default.
assign_role(self.john, Teacher, self.bob)
assign_role(self.john, Teacher, self.julie)
self.assertFalse(
has_permission(self.john, 'testapp1.delete_user', self.bob))
self.assertFalse(
has_permission(self.john, 'testapp1.delete_user', self.julie))
# Explicitly assign the permission using access=True and the object.
assign_permission(self.john, Teacher, 'testapp1.delete_user', True,
self.bob)
# Result: Only the specified object was affected.
self.assertTrue(
has_permission(self.john, 'testapp1.delete_user', self.bob))
self.assertFalse(
has_permission(self.john, 'testapp1.delete_user', self.julie))
# Assign the role and try to use a permission allowed by default
assign_role(self.mike, Teacher, self.bob)
assign_role(self.mike, Teacher, self.julie)
self.assertTrue(
has_permission(self.mike, 'testapp1.add_user', self.bob))
self.assertTrue(
has_permission(self.mike, 'testapp1.add_user', self.julie))
# Explicitly assign the permission using access=False but without an object.
assign_permission(self.mike, Teacher, 'testapp1.add_user', False)
# Result: All the user's role instances were affected
self.assertFalse(
has_permission(self.mike, 'testapp1.add_user', self.bob))
self.assertFalse(
has_permission(self.mike, 'testapp1.add_user', self.julie))
# Trying to assign a wrong permission.
with self.assertRaises(InvalidPermissionAssignment):
assign_permission(self.mike,
Secretary,
'testapp1.add_user',
access=False)
# Expliciting a permission to a role using ALL_MODELS.
assign_role(self.julie, SubCoordenator)
self.assertFalse(has_permission(self.julie, 'testapp1.delete_user'))
assign_permission(self.julie,
SubCoordenator,
'testapp1.delete_user',
access=True)
self.assertTrue(has_permission(self.julie, 'testapp1.delete_user'))
# Other permissions are still False.
self.assertFalse(has_permission(self.julie, 'testapp1.add_user'))
remove_role(self.julie, SubCoordenator)
self.assertFalse(has_permission(self.julie, 'testapp1.delete_user'))
def test_has_permission(self):
""" test if the has_permission method works fine """
assign_role(self.john, Teacher, self.bob)
self.assertTrue(
has_permission(self.john, 'testapp1.add_user', self.bob))
self.assertFalse(
has_permission(self.mike, 'testapp1.delete_user', self.bob))
assign_role(self.mike, Secretary, self.bob)
self.assertTrue(
has_permission(self.mike, 'testapp1.delete_user', self.bob))
self.assertFalse(
has_permission(self.mike, 'testapp1.add_user', self.bob))
assign_role(self.bob, SubCoordenator)
self.assertTrue(has_permission(self.bob, 'testapp1.change_user'))
self.assertTrue(
has_permission(self.bob, 'testapp1.change_user', self.julie))
self.assertFalse(
has_permission(self.bob, 'testapp1.add_user', self.julie))
assign_role(self.julie, Coordenator)
self.assertTrue(has_permission(self.julie, 'testapp1.add_user'))
self.assertTrue(
has_permission(self.julie, 'testapp1.add_user', self.bob))
self.assertFalse(
has_permission(self.julie, 'testapp1.change_user', self.bob))
# john has both Advisor and Teacher now,
# but Advisor has better ranking.
assign_role(self.john, Advisor, self.bob)
self.assertTrue(
has_permission(self.john, 'testapp1.delete_user', self.bob))
def has_permission(self, permission, obj=None):
return shortcuts.has_permission(self, permission, obj)
def has_perm(user, permission, obj=None):
return has_permission(user, permission, obj)