Move permission purge code

Move the code to purge obsolete permissions from the management command to the StoredPermission default manager. Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
2019-01-13 23:58:08 -04:00
parent 0e800dc314
commit 097ac7dae6
6 changed files with 70 additions and 30 deletions
--- a/mayan/apps/permissions/classes.py
+++ b/mayan/apps/permissions/classes.py
@@ -59,7 +59,7 @@ class Permission(object):

            for namespace, permissions in itertools.groupby(cls.all(), lambda entry: entry.namespace):
                permission_options = [
-                    (force_text(permission.uuid), permission) for permission in permissions
+                    (force_text(permission.pk), permission) for permission in permissions
                ]
                results.append(
                    (namespace, permission_options)
@@ -98,6 +98,8 @@ class Permission(object):

    @classmethod
    def get(cls, pk, proxy_only=False):
+        # TODO: Split into .get which returns the stored permission model and
+        # .get_volatile which returns the class of type Permission
        if proxy_only:
            return cls._permissions[pk]
        else:
@@ -124,8 +126,8 @@ class Permission(object):
        self.namespace = namespace
        self.name = name
        self.label = label
-        self.pk = self.uuid
-        self.__class__._permissions[self.uuid] = self
+        self.pk = self.get_pk()
+        self.__class__._permissions[self.pk] = self

    def __repr__(self):
        return self.pk
@@ -133,24 +135,21 @@ class Permission(object):
    def __str__(self):
        return force_text(self.label)

+    def get_pk(self):
+        return '%s.%s' % (self.namespace.name, self.name)
+
    @property
    def stored_permission(self):
-        StoredPermission = apps.get_model(
-            app_label='permissions', model_name='StoredPermission'
-        )
-
        try:
-            return self.__class__._stored_permissions_cache[self.uuid]
+            return self.__class__._stored_permissions_cache[self.pk]
        except KeyError:
+            StoredPermission = apps.get_model(
+                app_label='permissions', model_name='StoredPermission'
+            )
+
            stored_permission, created = StoredPermission.objects.get_or_create(
                namespace=self.namespace.name,
                name=self.name,
            )
-            self.__class__._stored_permissions_cache[
-                self.uuid
-            ] = stored_permission
+            self.__class__._stored_permissions_cache[self.pk] = stored_permission
            return stored_permission
-
-    @property
-    def uuid(self):
-        return '%s.%s' % (self.namespace.name, self.name)
--- a/mayan/apps/permissions/handlers.py
+++ b/mayan/apps/permissions/handlers.py
@@ -1,7 +1,10 @@
 from __future__ import unicode_literals

-from django.core import management
+from django.apps import apps


 def handler_purge_permissions(**kwargs):
-    management.call_command('purgepermissions')
+    StoredPermission = apps.get_model(
+        app_label='permissions', model_name='StoredPermission'
+    )
+    StoredPermission.objects.purge_obsolete()
--- a/mayan/apps/permissions/management/commands/purgepermissions.py
+++ b/mayan/apps/permissions/management/commands/purgepermissions.py
@@ -2,7 +2,6 @@ from __future__ import unicode_literals

 from django.core.management.base import BaseCommand

-from ...classes import Permission
 from ...models import StoredPermission


@@ -10,11 +9,4 @@ class Command(BaseCommand):
    help = 'Remove obsolete permissions from the database'

    def handle(self, *args, **options):
-        for permission in StoredPermission.objects.all():
-            try:
-                Permission.get(
-                    pk='{}.{}'.format(permission.namespace, permission.name),
-                    proxy_only=True
-                )
-            except KeyError:
-                permission.delete()
+        StoredPermission.objects.purge_obsolete()
--- a/mayan/apps/permissions/managers.py
+++ b/mayan/apps/permissions/managers.py
@@ -22,3 +22,10 @@ class StoredPermissionManager(models.Manager):
        return self.model.objects.filter(
            permissionholder__holder_type=ct
        ).filter(permissionholder__holder_id=holder.pk)
+
+    def purge_obsolete(self):
+        for permission in self.all():
+            try:
+                permission.volatile_permission
+            except KeyError:
+                permission.delete()
--- a/mayan/apps/permissions/tests/literals.py
+++ b/mayan/apps/permissions/tests/literals.py
@@ -1,5 +1,11 @@
 from __future__ import unicode_literals

 TEST_CASE_ROLE_LABEL = 'test case role'
+TEST_INVALID_PERMISSION_NAMESPACE_NAME = 'invalid namespace'
+TEST_INVALID_PERMISSION_NAME = 'invalid name'
+TEST_PERMISSION_NAMESPACE_LABEL = 'test namespace label'
+TEST_PERMISSION_NAMESPACE_NAME = 'test namespace'
+TEST_PERMISSION_LABEL = 'test name label'
+TEST_PERMISSION_NAME = 'test name'
 TEST_ROLE_LABEL = 'test role 2'
 TEST_ROLE_LABEL_EDITED = 'test role label edited'
--- a/mayan/apps/permissions/tests/test_models.py
+++ b/mayan/apps/permissions/tests/test_models.py
@@ -4,14 +4,18 @@ from django.core.exceptions import PermissionDenied

 from mayan.apps.common.tests import BaseTestCase

-from ..classes import Permission
+from ..classes import Permission, PermissionNamespace
 from ..permissions import permission_role_view
+from ..models import StoredPermission
+
+from .literals import (
+    TEST_INVALID_PERMISSION_NAMESPACE_NAME, TEST_INVALID_PERMISSION_NAME,
+    TEST_PERMISSION_NAMESPACE_NAME, TEST_PERMISSION_NAMESPACE_LABEL,
+    TEST_PERMISSION_NAME, TEST_PERMISSION_LABEL
+)


 class PermissionTestCase(BaseTestCase):
-    def setUp(self):
-        super(PermissionTestCase, self).setUp()
-
    def test_no_permissions(self):
        with self.assertRaises(PermissionDenied):
            Permission.check_user_permission(
@@ -29,3 +33,32 @@ class PermissionTestCase(BaseTestCase):
            )
        except PermissionDenied:
            self.fail('PermissionDenied exception was not expected.')
+
+
+class StoredPermissionManagerTestCase(BaseTestCase):
+    create_test_case_superuser = False
+    create_test_case_user = False
+
+    def test_purge_obsolete_with_invalid(self):
+        StoredPermission.objects.create(
+            namespace=TEST_INVALID_PERMISSION_NAMESPACE_NAME,
+            name=TEST_INVALID_PERMISSION_NAME
+        )
+
+        StoredPermission.objects.purge_obsolete()
+
+        self.assertEqual(StoredPermission.objects.count(), 0)
+
+    def test_purge_obsolete_with_valid(self):
+        test_permission_namespace = PermissionNamespace(
+            label=TEST_PERMISSION_NAMESPACE_LABEL,
+            name=TEST_PERMISSION_NAMESPACE_NAME
+        )
+        test_permission = test_permission_namespace.add_permission(
+            label=TEST_PERMISSION_LABEL, name=TEST_PERMISSION_NAME
+        )
+        test_permission.stored_permission
+
+        StoredPermission.objects.purge_obsolete()
+
+        self.assertEqual(StoredPermission.objects.count(), 1)