def test_can_execute_constitution(self):
"""Test that users with can_execute permissions can execute any constitution action and mark it as 'passed'"""
all_actions_fail_policy = {
**all_actions_pass_policy,
"check": "return FAILED",
}
policy = ConstitutionPolicy(
**all_actions_fail_policy,
community=self.community,
description="all actions fail",
name="all actions fail",
)
policy.save()
# create a test user with can_execute permissions for PolicykitAddCommunityDoc
can_add = Permission.objects.get(
name="Can add policykit add community doc")
can_execute = Permission.objects.get(
name="Can execute policykit add community doc")
user_with_can_execute = SlackUser.objects.create(
username="******", community=self.community)
user_with_can_execute.user_permissions.add(can_add)
user_with_can_execute.user_permissions.add(can_execute)
self.assertTrue(
user_with_can_execute.has_perm(
"policyengine.add_policykitaddcommunitydoc"))
self.assertTrue(
user_with_can_execute.has_perm(
"policyengine.can_execute_policykitaddcommunitydoc"))
# action initiated by user with "can_execute" should pass
action = PolicykitAddCommunityDoc(name="my doc",
initiator=user_with_can_execute,
community=self.community)
action.save()
self.assertEqual(action.proposal.status, "passed")
# action initiated by user without "can_execute" should fail
action = PolicykitAddCommunityDoc(name="my other doc",
initiator=self.user,
community=self.community)
action.save()
self.assertEqual(action.proposal.status, "failed")
def test_cannot_propose_constitution(self):
"""Test that action fails when a user does not have permission to propose constitution change"""
policy = ConstitutionPolicy(
**all_actions_pass_policy,
community=self.community,
description="all actions pass",
name="all actions pass",
)
policy.save()
# action initiated by user without "can_add" should fail
user = SlackUser.objects.create(username="******",
community=self.community)
self.assertEqual(
user.has_perm("policyengine.add_policykitaddcommunitydoc"), False)
action = PolicykitAddCommunityDoc(name="my doc",
initiator=user,
community=self.community)
action.save()
action.refresh_from_db(
) # test that it was saved to the db with correct proposal
self.assertEqual(action.proposal.status, "failed")
# action initiated by user with "can_add" should pass
user = SlackUser.objects.create(username="******",
community=self.community)
can_add = Permission.objects.get(
name="Can add policykit add community doc")
user.user_permissions.add(can_add)
self.assertTrue(
user.has_perm("policyengine.add_policykitaddcommunitydoc"))
action = PolicykitAddCommunityDoc(name="my other doc",
initiator=user,
community=self.community)
action.save()
action.refresh_from_db(
) # test that it was saved to the db with correct proposal
self.assertEqual(action.proposal.status, "passed")
def init_kit(self, community, creator_token=None):
for policy in self.genericpolicy_set.all():
if policy.is_constitution:
p = ConstitutionPolicy()
p.community = community
p.filter = policy.filter
p.initialize = policy.initialize
p.check = policy.check
p.notify = policy.notify
p.success = policy.success
p.fail = policy.fail
p.description = policy.description
p.name = policy.name
proposal = Proposal.objects.create(author=None, status=Proposal.PASSED)
p.proposal = proposal
p.save()
else:
p = PlatformPolicy()
p.community = community
p.filter = policy.filter
p.initialize = policy.initialize
p.check = policy.check
p.notify = policy.notify
p.success = policy.success
p.fail = policy.fail
p.description = policy.description
p.name = policy.name
proposal = Proposal.objects.create(author=None, status=Proposal.PASSED)
p.proposal = proposal
p.save()
for role in self.genericrole_set.all():
c = None
if role.is_base_role:
c = community.base_role
role.is_base_role = False
else:
c = CommunityRole()
c.community = community
c.role_name = role.role_name
c.name = "Discord: " + community.community_name + ": " + role.role_name
c.description = role.description
c.save()
for perm in role.permissions.all():
c.permissions.add(perm)
jsonDec = json.decoder.JSONDecoder()
perm_set = jsonDec.decode(role.plat_perm_set)
if 'view' in perm_set:
for perm in DISCORD_VIEW_PERMS:
p1 = Permission.objects.get(name=perm)
c.permissions.add(p1)
if 'propose' in perm_set:
for perm in DISCORD_PROPOSE_PERMS:
p1 = Permission.objects.get(name=perm)
c.permissions.add(p1)
if 'execute' in perm_set:
for perm in DISCORD_EXECUTE_PERMS:
p1 = Permission.objects.get(name=perm)
c.permissions.add(p1)
if role.user_group == "admins":
group = CommunityUser.objects.filter(community = community, is_community_admin = True)
for user in group:
c.user_set.add(user)
elif role.user_group == "nonadmins":
group = CommunityUser.objects.filter(community = community, is_community_admin = False)
for user in group:
c.user_set.add(user)
elif role.user_group == "all":
group = CommunityUser.objects.filter(community = community)
for user in group:
c.user_set.add(user)
elif role.user_group == "creator":
user = CommunityUser.objects.get(access_token=creator_token)
c.user_set.add(user)
c.save()