matthias/mayan-edms
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Refactor ACL app API

Browse Source 
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
This commit is contained in:
Roberto Rosario
2019-03-02 16:03:29 -04:00
parent 0cbd9e0d45
commit 2a67cf271e
7 changed files with 324 additions and 438 deletions
Download Patch File Download Diff File Expand all files Collapse all files

125
mayan/apps/acls/tests/test_api.py
View File

@@ -4,72 +4,93 @@ from django.contrib.contenttypes.models import ContentType
from rest_framework import status
from mayan.apps.common.tests.mixins import TestModelTestMixin
from mayan.apps.documents.permissions import permission_document_view
from mayan.apps.documents.tests import DocumentTestMixin
from mayan.apps.permissions.tests.literals import TEST_ROLE_LABEL
from mayan.apps.permissions.tests.mixins import PermissionTestMixin, RoleTestMixin
from mayan.apps.rest_api.tests import BaseAPITestCase
from ..classes import ModelPermission
from ..models import AccessControlList
from ..permissions import permission_acl_view
from ..permissions import permission_acl_edit, permission_acl_view
from .mixins import ACLTestMixin
class ACLAPITestCase(DocumentTestMixin, BaseAPITestCase):
class ACLAPITestCase(ACLTestMixin, RoleTestMixin, PermissionTestMixin, TestModelTestMixin, BaseAPITestCase):
def setUp(self):
super(ACLAPITestCase, self).setUp()
self.login_admin_user()
self.document_content_type = ContentType.objects.get_for_model(
self.document
self._create_test_model()
self._create_test_object()
self._create_test_acl()
ModelPermission.register(
model=self.test_object._meta.model, permissions=(
permission_acl_edit, permission_acl_view,
)
)
def _create_acl(self):
self.acl = AccessControlList.objects.create(
content_object=self.document,
role=self.role
self._create_test_permission()
ModelPermission.register(
model=self.test_object._meta.model, permissions=(
self.test_permission,
)
)
self.test_acl.permissions.add(self.test_permission.stored_permission)
self._inject_test_object_content_type()
def _request_object_acl_list_api_view(self):
return self.get(
viewname='rest_api:object-acl-list',
kwargs=self.test_content_object_view_kwargs
)
self.acl.permissions.add(permission_document_view.stored_permission)
def test_object_acl_list_api_view_no_permission(self):
response = self._request_object_acl_list_api_view()
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
def test_object_acl_list_view(self):
self._create_acl()
def test_object_acl_list_api_view_with_access(self):
self.grant_access(obj=self.test_object, permission=permission_acl_view)
response = self.get(
viewname='rest_api:accesscontrollist-list',
kwargs={
'app_label': self.document_content_type.app_label,
'model': self.document_content_type.model,
'object_id': self.document.pk
}
)
response = self._request_object_acl_list_api_view()
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(
response.data['results'][0]['content_type']['app_label'],
self.document_content_type.app_label
self.test_object_content_type.app_label
)
self.assertEqual(
response.data['results'][0]['role']['label'], TEST_ROLE_LABEL
response.data['results'][0]['role']['label'],
self.test_acl.role.label
)
def test_object_acl_delete_view(self):
self._create_acl()
def _request_acl_delete_api_view(self):
kwargs = self.test_content_object_view_kwargs.copy()
kwargs['acl_id'] = self.test_acl.pk
response = self.delete(
viewname='rest_api:accesscontrollist-detail',
kwargs={
'app_label': self.document_content_type.app_label,
'model': self.document_content_type.model,
'object_id': self.document.pk,
'acl_pk': self.acl.pk
}
return self.delete(
viewname='rest_api:object-acl-detail',
kwargs=kwargs
)
def test_object_acl_delete_api_view_with_access(self):
self.grant_access(obj=self.test_object, permission=permission_acl_edit)
response = self._request_acl_delete_api_view()
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
self.assertEqual(AccessControlList.objects.count(), 0)
self.assertTrue(self.test_acl not in AccessControlList.objects.all())
def test_object_acl_delete_api_view_no_permission(self):
response = self._request_acl_delete_api_view()
self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
self.assertTrue(self.test_acl in AccessControlList.objects.all())
def test_object_acl_detail_view(self):
self._create_acl()
response = self.get(
viewname='rest_api:accesscontrollist-detail',
viewname='rest_api:object-acl-detail',
kwargs={
'app_label': self.document_content_type.app_label,
'model': self.document_content_type.model,
@@ -90,12 +111,12 @@ class ACLAPITestCase(DocumentTestMixin, BaseAPITestCase):
permission = self.acl.permissions.first()
response = self.delete(
viewname='rest_api:accesscontrollist-permission-detail',
viewname='rest_api:object-acl-permission-detail',
kwargs={
'app_label': self.document_content_type.app_label,
'model': self.document_content_type.model,
'model_name': self.document_content_type.model,
'object_id': self.document.pk,
'acl_pk': self.acl.pk, 'permission_pk': permission.pk
'acl_id': self.acl.pk, 'permission_id': permission.pk
}
)
self.assertEqual(response.status_code, status.HTTP_204_NO_CONTENT)
@@ -106,10 +127,10 @@ class ACLAPITestCase(DocumentTestMixin, BaseAPITestCase):
permission = self.acl.permissions.first()
response = self.get(
viewname='rest_api:accesscontrollist-permission-detail',
viewname='rest_api:object-acl-permission-detail',
kwargs={
'app_label': self.document_content_type.app_label,
'model': self.document_content_type.model,
'model_name': self.document_content_type.model,
'object_id': self.document.pk, 'acl_pk': self.acl.pk,
'permission_pk': permission.pk
}
@@ -123,12 +144,12 @@ class ACLAPITestCase(DocumentTestMixin, BaseAPITestCase):
self._create_acl()
response = self.get(
viewname='rest_api:accesscontrollist-permission-list',
viewname='rest_api:object-acl-permission-list',
kwargs={
'app_label': self.document_content_type.app_label,
'model': self.document_content_type.model,
'model_name': self.document_content_type.model,
'object_id': self.document.pk,
'acl_pk': self.acl.pk
'acl_id': self.acl.pk
}
)
@@ -141,12 +162,12 @@ class ACLAPITestCase(DocumentTestMixin, BaseAPITestCase):
self._create_acl()
response = self.post(
viewname='rest_api:accesscontrollist-permission-list',
viewname='rest_api:object-acl-permission-list',
kwargs={
'app_label': self.document_content_type.app_label,
'model': self.document_content_type.model,
'model_name': self.document_content_type.model,
'object_id': self.document.pk, 'acl_pk': self.acl.pk
}, data={'permission_pk': permission_acl_view.pk}
}, data={'permission_id': permission_acl_view.pk}
)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
@@ -159,17 +180,17 @@ class ACLAPITestCase(DocumentTestMixin, BaseAPITestCase):
def test_object_acl_post_no_permissions_added_view(self):
response = self.post(
viewname='rest_api:accesscontrollist-list',
viewname='rest_api:object-acl-list',
kwargs={
'app_label': self.document_content_type.app_label,
'model': self.document_content_type.model,
'model_name': self.document_content_type.model,
'object_id': self.document.pk
}, data={'role_pk': self.role.pk}
}, data={'role_id': self.test_role.pk}
)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
self.assertEqual(
self.document.acls.first().role, self.role
self.document.acls.first().role, self.test_role
)
self.assertEqual(
self.document.acls.first().content_object, self.document
@@ -180,13 +201,13 @@ class ACLAPITestCase(DocumentTestMixin, BaseAPITestCase):
def test_object_acl_post_with_permissions_added_view(self):
response = self.post(
viewname='rest_api:accesscontrollist-list',
viewname='rest_api:object-acl-list',
kwargs={
'app_label': self.document_content_type.app_label,
'model': self.document_content_type.model,
'object_id': self.document.pk
}, data={
'role_pk': self.role.pk,
'role_pk': self.test_role.pk,
'permissions_pk_list': permission_acl_view.pk
}
@@ -197,7 +218,7 @@ class ACLAPITestCase(DocumentTestMixin, BaseAPITestCase):
self.document.acls.first().content_object, self.document
)
self.assertEqual(
self.document.acls.first().role, self.role
self.document.acls.first().role, self.test_role
)
self.assertEqual(
self.document.acls.first().permissions.first(),