def test_standard_permissions(self):
from groups_manager import settings
settings.GROUPS_MANAGER = deepcopy(GROUPS_MANAGER_MOCK)
self.create_legions()
legio_4 = testproject_models.Legion(name='Legio IV')
legio_4.save()
legio_5 = testproject_models.Legion(name='Legio V')
legio_5.save()
relation = models.GroupMember.objects.get(group=self.consuls,
member=self.sulla)
relation.assign_object(legio_4)
# owner - read
self.assertTrue(self.sulla.has_perm('testproject.view_legion',
legio_4))
self.assertFalse(
self.sulla.has_perm('testproject.view_legion', legio_5))
# owner - write
self.assertTrue(
self.sulla.has_perm('testproject.change_legion', legio_4))
# owner - delete
self.assertTrue(
self.sulla.has_perm('testproject.delete_legion', legio_4))
# group
self.assertTrue(
self.metellus.has_perm('testproject.view_legion', legio_4))
self.assertTrue(
self.metellus.has_perm('testproject.change_legion', legio_4))
self.assertFalse(
self.metellus.has_perm('testproject.delete_legion', legio_4))
# groups - upstream
self.assertTrue(self.mars.has_perm('testproject.view_legion', legio_4))
self.assertFalse(
self.mars.has_perm('testproject.change_legion', legio_4))
self.assertFalse(
self.mars.has_perm('testproject.delete_legion', legio_4))
# groups - downstream
self.assertFalse(
self.quintus.has_perm('testproject.view_legion', legio_4))
self.assertFalse(
self.quintus.has_perm('testproject.change_legion', legio_4))
self.assertFalse(
self.quintus.has_perm('testproject.delete_legion', legio_4))
# groups - sibling
self.assertTrue(
self.marius.has_perm('testproject.view_legion', legio_4))
self.assertFalse(
self.marius.has_perm('testproject.change_legion', legio_4))
self.assertFalse(
self.marius.has_perm('testproject.delete_legion', legio_4))
# groups - other
self.assertFalse(
self.archelaus.has_perm('testproject.view_legion', legio_4))
self.assertFalse(
self.archelaus.has_perm('testproject.change_legion', legio_4))
self.assertFalse(
self.archelaus.has_perm('testproject.delete_legion', legio_4))
def test_assign_object_without_models_sync(self):
from groups_manager import settings
settings.GROUPS_MANAGER = deepcopy(GROUPS_MANAGER_MOCK)
settings.GROUPS_MANAGER['AUTH_MODELS_SYNC'] = False
self.create_legions()
legio_4 = testproject_models.Legion(name='Legio IV')
legio_4.save()
self.sulla.assign_object(self.consuls, legio_4)
def test_all_true_permissions(self):
self.create_legions()
from groups_manager import settings
settings.GROUPS_MANAGER = deepcopy(GROUPS_MANAGER_MOCK)
custom_permissions = {
'owner': ['view', 'change', 'delete'],
'group': ['view', 'change', 'delete'],
'groups_upstream': ['view', 'change', 'delete'],
'groups_downstream': ['view', 'change', 'delete'],
'groups_siblings': ['view', 'change', 'delete'],
}
legio_4 = testproject_models.Legion(name='Legio IV')
legio_4.save()
legio_5 = testproject_models.Legion(name='Legio V')
legio_5.save()
relation = models.GroupMember.objects.get(group=self.consuls,
member=self.sulla)
relation.assign_object(legio_4, custom_permissions=custom_permissions)
# owner - read
self.assertTrue(self.sulla.has_perm('testproject.view_legion',
legio_4))
self.assertFalse(
self.sulla.has_perm('testproject.view_legion', legio_5))
# owner - write
self.assertTrue(
self.sulla.has_perm('testproject.change_legion', legio_4))
# owner - delete
self.assertTrue(
self.sulla.has_perm('testproject.change_legion', legio_4))
# group
self.assertTrue(
self.metellus.has_perm('testproject.view_legion', legio_4))
self.assertTrue(
self.metellus.has_perm('testproject.change_legion', legio_4))
self.assertTrue(
self.metellus.has_perm('testproject.delete_legion', legio_4))
# groups - upstream
self.assertTrue(self.mars.has_perm('testproject.view_legion', legio_4))
self.assertTrue(
self.mars.has_perm('testproject.change_legion', legio_4))
self.assertTrue(
self.mars.has_perm('testproject.delete_legion', legio_4))
# groups - downstream
self.assertTrue(
self.quintus.has_perms([
'testproject.view_legion', 'testproject.change_legion',
'testproject.delete_legion'
], legio_4))
# groups - sibling
self.assertTrue(
self.marius.has_perms([
'testproject.view_legion', 'testproject.change_legion',
'testproject.delete_legion'
], legio_4))
# groups - other
self.assertFalse(
self.archelaus.has_perms([
'testproject.view_legion', 'testproject.change_legion',
'testproject.delete_legion'
], legio_4))