Finish fixing failing ACL app tests
Signed-off-by: Roberto Rosario <Roberto.Rosario@mayan-edms.com>
This commit is contained in:
Roberto Rosario
@@ -21,7 +21,7 @@ def get_kwargs_factory(variable_name):
|
||||
)
|
||||
return {
|
||||
'app_label': '"{}"'.format(content_type.app_label),
|
||||
'model': '"{}"'.format(content_type.model),
|
||||
'model_name': '"{}"'.format(content_type.model),
|
||||
'object_id': '{}.pk'.format(variable_name)
|
||||
}
|
||||
|
||||
|
||||
@@ -3,10 +3,15 @@ from __future__ import unicode_literals
|
||||
from django.contrib.contenttypes.models import ContentType
|
||||
from django.core.exceptions import ImproperlyConfigured
|
||||
|
||||
from mayan.apps.permissions.tests.mixins import RoleTestCaseMixin
|
||||
from mayan.apps.common.tests.mixins import TestModelTestMixin
|
||||
from mayan.apps.permissions.tests.mixins import (
|
||||
PermissionTestMixin, RoleTestCaseMixin, RoleTestMixin
|
||||
)
|
||||
from mayan.apps.user_management.tests.mixins import UserTestCaseMixin
|
||||
|
||||
from ..classes import ModelPermission
|
||||
from ..models import AccessControlList
|
||||
from ..permissions import permission_acl_edit, permission_acl_view
|
||||
|
||||
|
||||
class ACLTestCaseMixin(RoleTestCaseMixin, UserTestCaseMixin):
|
||||
@@ -27,7 +32,7 @@ class ACLTestCaseMixin(RoleTestCaseMixin, UserTestCaseMixin):
|
||||
)
|
||||
|
||||
|
||||
class ACLTestMixin(object):
|
||||
class ACLTestMixin(PermissionTestMixin, RoleTestMixin, TestModelTestMixin):
|
||||
auto_create_test_role = True
|
||||
|
||||
def _create_test_acl(self):
|
||||
@@ -48,3 +53,21 @@ class ACLTestMixin(object):
|
||||
'model_name': self.test_object_content_type.model,
|
||||
'object_id': self.test_object.pk
|
||||
}
|
||||
|
||||
def _setup_test_object(self):
|
||||
self._create_test_model()
|
||||
self._create_test_object()
|
||||
ModelPermission.register(
|
||||
model=self.test_object._meta.model, permissions=(
|
||||
permission_acl_edit, permission_acl_view,
|
||||
)
|
||||
)
|
||||
|
||||
self._create_test_permission()
|
||||
ModelPermission.register(
|
||||
model=self.test_object._meta.model, permissions=(
|
||||
self.test_permission,
|
||||
)
|
||||
)
|
||||
|
||||
self._inject_test_object_content_type()
|
||||
|
||||
@@ -2,38 +2,20 @@ from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from rest_framework import status
|
||||
|
||||
from mayan.apps.common.tests.mixins import TestModelTestMixin
|
||||
from mayan.apps.permissions.tests.mixins import PermissionTestMixin, RoleTestMixin
|
||||
from mayan.apps.rest_api.tests import BaseAPITestCase
|
||||
|
||||
from ..classes import ModelPermission
|
||||
from ..models import AccessControlList
|
||||
from ..permissions import permission_acl_edit, permission_acl_view
|
||||
|
||||
from .mixins import ACLTestMixin
|
||||
|
||||
|
||||
class ACLAPITestCase(ACLTestMixin, RoleTestMixin, PermissionTestMixin, TestModelTestMixin, BaseAPITestCase):
|
||||
class ACLAPITestCase(ACLTestMixin, BaseAPITestCase):
|
||||
def setUp(self):
|
||||
super(ACLAPITestCase, self).setUp()
|
||||
|
||||
self._create_test_model()
|
||||
self._create_test_object()
|
||||
ModelPermission.register(
|
||||
model=self.test_object._meta.model, permissions=(
|
||||
permission_acl_edit, permission_acl_view,
|
||||
)
|
||||
)
|
||||
|
||||
self._create_test_permission()
|
||||
self._setup_test_object()
|
||||
self._create_test_acl()
|
||||
ModelPermission.register(
|
||||
model=self.test_object._meta.model, permissions=(
|
||||
self.test_permission,
|
||||
)
|
||||
)
|
||||
self.test_acl.permissions.add(self.test_permission.stored_permission)
|
||||
self._inject_test_object_content_type()
|
||||
|
||||
def _request_object_acl_list_api_view(self):
|
||||
return self.get(
|
||||
|
||||
@@ -2,7 +2,7 @@ from __future__ import unicode_literals
|
||||
|
||||
from django.urls import reverse
|
||||
|
||||
from mayan.apps.documents.tests import GenericDocumentViewTestCase
|
||||
from mayan.apps.common.tests import GenericViewTestCase
|
||||
|
||||
from ..links import (
|
||||
link_acl_create, link_acl_delete, link_acl_list, link_acl_permissions
|
||||
@@ -12,9 +12,13 @@ from ..permissions import permission_acl_edit, permission_acl_view
|
||||
from .mixins import ACLTestMixin
|
||||
|
||||
|
||||
class ACLsLinksTestCase(ACLTestMixin, GenericDocumentViewTestCase):
|
||||
class AccessControlListLinksTestCase(ACLTestMixin, GenericViewTestCase):
|
||||
auto_create_test_role = False
|
||||
|
||||
def setUp(self):
|
||||
super(AccessControlListLinksTestCase, self).setUp()
|
||||
self._setup_test_object()
|
||||
|
||||
def test_object_acl_create_link(self):
|
||||
self.grant_access(obj=self.test_object, permission=permission_acl_edit)
|
||||
|
||||
|
||||
@@ -4,13 +4,11 @@ from django.core.exceptions import PermissionDenied
|
||||
from django.db import models
|
||||
|
||||
from mayan.apps.common.tests import BaseTestCase
|
||||
from mayan.apps.common.tests.mixins import TestModelTestMixin
|
||||
from mayan.apps.documents.models import Document, DocumentType
|
||||
from mayan.apps.documents.permissions import permission_document_view
|
||||
from mayan.apps.documents.tests import (
|
||||
DocumentTestMixin, TEST_DOCUMENT_TYPE_2_LABEL, TEST_DOCUMENT_TYPE_LABEL
|
||||
)
|
||||
from mayan.apps.permissions.tests.mixins import PermissionTestMixin, RoleTestMixin
|
||||
|
||||
from ..classes import ModelPermission
|
||||
from ..models import AccessControlList
|
||||
@@ -157,7 +155,7 @@ class PermissionTestCase(DocumentTestMixin, BaseTestCase):
|
||||
self.assertTrue(self.test_document_3 in result)
|
||||
|
||||
|
||||
class InheritedPermissionTestCase(TestModelTestMixin, PermissionTestMixin, RoleTestMixin, ACLTestMixin, BaseTestCase):
|
||||
class InheritedPermissionTestCase(ACLTestMixin, BaseTestCase):
|
||||
def test_retrieve_inherited_role_permission_not_model_applicable(self):
|
||||
self._create_test_model()
|
||||
self.test_object = self.TestModel.objects.create()
|
||||
|
||||
@@ -2,16 +2,39 @@ from __future__ import absolute_import, unicode_literals
|
||||
|
||||
from django.utils.encoding import force_text
|
||||
|
||||
from mayan.apps.documents.tests import GenericDocumentViewTestCase
|
||||
from mayan.apps.permissions.tests.mixins import RoleTestMixin
|
||||
from mayan.apps.common.tests import GenericViewTestCase
|
||||
|
||||
from ..classes import ModelPermission
|
||||
from ..models import AccessControlList
|
||||
from ..permissions import permission_acl_edit, permission_acl_view
|
||||
|
||||
from .mixins import ACLTestMixin
|
||||
|
||||
|
||||
class AccessControlListViewTestCase(ACLTestMixin, RoleTestMixin, GenericDocumentViewTestCase):
|
||||
class AccessControlListViewTestCase(ACLTestMixin, GenericViewTestCase):
|
||||
def setUp(self):
|
||||
super(AccessControlListViewTestCase, self).setUp()
|
||||
|
||||
self._create_test_model()
|
||||
self._create_test_object()
|
||||
ModelPermission.register(
|
||||
model=self.test_object._meta.model, permissions=(
|
||||
permission_acl_edit, permission_acl_view,
|
||||
)
|
||||
)
|
||||
|
||||
self._create_test_permission()
|
||||
ModelPermission.register(
|
||||
model=self.test_object._meta.model, permissions=(
|
||||
self.test_permission,
|
||||
)
|
||||
)
|
||||
|
||||
self._inject_test_object_content_type()
|
||||
|
||||
self._create_test_acl()
|
||||
self.test_acl.permissions.add(self.test_permission.stored_permission)
|
||||
|
||||
def _request_acl_create_get_view(self):
|
||||
return self.get(
|
||||
viewname='acls:acl_create',
|
||||
@@ -21,12 +44,15 @@ class AccessControlListViewTestCase(ACLTestMixin, RoleTestMixin, GenericDocument
|
||||
)
|
||||
|
||||
def test_acl_create_get_view_no_permission(self):
|
||||
self.test_acl.delete()
|
||||
|
||||
response = self._request_acl_create_get_view()
|
||||
|
||||
self.assertEqual(response.status_code, 404)
|
||||
self.assertEqual(AccessControlList.objects.count(), 0)
|
||||
|
||||
def test_acl_create_get_view_with_document_access(self):
|
||||
self.assertFalse(self.test_object.acls.filter(role=self.test_role).exists())
|
||||
|
||||
def test_acl_create_get_view_with_object_access(self):
|
||||
self.test_acl.delete()
|
||||
self.grant_access(obj=self.test_object, permission=permission_acl_edit)
|
||||
|
||||
response = self._request_acl_create_get_view()
|
||||
@@ -35,6 +61,8 @@ class AccessControlListViewTestCase(ACLTestMixin, RoleTestMixin, GenericDocument
|
||||
status_code=200
|
||||
)
|
||||
|
||||
self.assertFalse(self.test_object.acls.filter(role=self.test_role).exists())
|
||||
|
||||
def _request_acl_create_post_view(self):
|
||||
return self.post(
|
||||
viewname='acls:acl_create',
|
||||
@@ -44,27 +72,27 @@ class AccessControlListViewTestCase(ACLTestMixin, RoleTestMixin, GenericDocument
|
||||
)
|
||||
|
||||
def test_acl_create_view_post_no_permission(self):
|
||||
response = self._request_acl_create_post_view()
|
||||
self.test_acl.delete()
|
||||
|
||||
response = self._request_acl_create_post_view()
|
||||
self.assertEqual(response.status_code, 404)
|
||||
self.assertEqual(AccessControlList.objects.count(), 0)
|
||||
|
||||
self.assertFalse(self.test_object.acls.filter(role=self.test_role).exists())
|
||||
|
||||
def test_acl_create_view_post_with_access(self):
|
||||
self.test_acl.delete()
|
||||
self.grant_access(obj=self.test_object, permission=permission_acl_edit)
|
||||
|
||||
response = self._request_acl_create_post_view()
|
||||
self.assertEqual(response.status_code, 302)
|
||||
|
||||
# 2 ACLs: 1 created by the test and the other by the self.grant_access
|
||||
self.assertEqual(AccessControlList.objects.count(), 2)
|
||||
self.assertTrue(self.test_object.acls.filter(role=self.test_role).exists())
|
||||
|
||||
def test_acl_create_duplicate_view_with_access(self):
|
||||
"""
|
||||
Test creating a duplicate ACL entry: same object & role
|
||||
Result: Should redirect to existing ACL for object + role combination
|
||||
"""
|
||||
self._create_test_acl()
|
||||
|
||||
self.grant_access(obj=self.test_object, permission=permission_acl_edit)
|
||||
|
||||
response = self._request_acl_create_post_view()
|
||||
@@ -105,22 +133,15 @@ class AccessControlListViewTestCase(ACLTestMixin, RoleTestMixin, GenericDocument
|
||||
)
|
||||
|
||||
def test_acl_delete_view_no_permission(self):
|
||||
self._create_test_acl()
|
||||
|
||||
response = self._request_acl_delete_view()
|
||||
self.assertNotContains(
|
||||
response=response, text=force_text(self.test_object),
|
||||
status_code=404
|
||||
)
|
||||
|
||||
# 1 ACL: the test one
|
||||
self.assertQuerysetEqual(
|
||||
qs=AccessControlList.objects.all(), values=(repr(self.test_acl),)
|
||||
)
|
||||
self.assertTrue(self.test_object.acls.filter(role=self.test_role).exists())
|
||||
|
||||
def test_acl_delete_view_with_access(self):
|
||||
self._create_test_acl()
|
||||
|
||||
self.grant_access(
|
||||
obj=self.test_object, permission=permission_acl_edit
|
||||
)
|
||||
@@ -128,12 +149,7 @@ class AccessControlListViewTestCase(ACLTestMixin, RoleTestMixin, GenericDocument
|
||||
response = self._request_acl_delete_view()
|
||||
self.assertEqual(response.status_code, 302)
|
||||
|
||||
# 1 ACL: the one created by the self.grant_access
|
||||
self.assertQuerysetEqual(
|
||||
qs=AccessControlList.objects.all(), values=(
|
||||
repr(self._test_case_acl),
|
||||
)
|
||||
)
|
||||
self.assertFalse(self.test_object.acls.filter(role=self.test_role).exists())
|
||||
|
||||
def _request_acl_list_view(self):
|
||||
return self.get(
|
||||
@@ -158,28 +174,66 @@ class AccessControlListViewTestCase(ACLTestMixin, RoleTestMixin, GenericDocument
|
||||
status_code=200
|
||||
)
|
||||
|
||||
def _request_get_acl_permissions_view(self):
|
||||
def _request_get_acl_permissions_get_view(self):
|
||||
return self.get(
|
||||
viewname='acls:acl_permissions',
|
||||
kwargs={'acl_id': self.test_acl.pk}
|
||||
)
|
||||
|
||||
def test_acl_permissions_view_get_no_permission(self):
|
||||
self._create_test_acl()
|
||||
def test_acl_permissions_get_view_no_permission(self):
|
||||
self.test_acl.permissions.clear()
|
||||
|
||||
response = self._request_get_acl_permissions_view()
|
||||
response = self._request_get_acl_permissions_get_view()
|
||||
self.assertNotContains(
|
||||
response=response, text=force_text(self.test_object),
|
||||
status_code=404
|
||||
)
|
||||
|
||||
def test_acl_permissions_view_get_with_access(self):
|
||||
self._create_test_acl()
|
||||
self.assertFalse(
|
||||
self.test_object.acls.filter(permissions=self.test_permission.stored_permission).exists()
|
||||
)
|
||||
|
||||
def test_acl_permissions_get_view_with_access(self):
|
||||
self.test_acl.permissions.clear()
|
||||
self.grant_access(obj=self.test_object, permission=permission_acl_edit)
|
||||
|
||||
response = self._request_get_acl_permissions_view()
|
||||
response = self._request_get_acl_permissions_get_view()
|
||||
self.assertContains(
|
||||
response=response, text=force_text(self.test_object),
|
||||
status_code=200
|
||||
)
|
||||
|
||||
self.assertFalse(
|
||||
self.test_object.acls.filter(permissions=self.test_permission.stored_permission).exists()
|
||||
)
|
||||
|
||||
def _request_post_acl_permissions_post_view(self):
|
||||
return self.post(
|
||||
viewname='acls:acl_permissions',
|
||||
kwargs={'acl_id': self.test_acl.pk},
|
||||
data={'available-selection': self.test_permission.stored_permission.pk}
|
||||
)
|
||||
|
||||
def test_acl_permissions_post_view_no_permission(self):
|
||||
self.test_acl.permissions.clear()
|
||||
|
||||
response = self._request_post_acl_permissions_post_view()
|
||||
self.assertNotContains(
|
||||
response=response, text=force_text(self.test_object),
|
||||
status_code=404
|
||||
)
|
||||
|
||||
self.assertFalse(
|
||||
self.test_object.acls.filter(permissions=self.test_permission.stored_permission).exists()
|
||||
)
|
||||
|
||||
def test_acl_permissions_post_view_with_access(self):
|
||||
self.test_acl.permissions.clear()
|
||||
self.grant_access(obj=self.test_object, permission=permission_acl_edit)
|
||||
|
||||
response = self._request_post_acl_permissions_post_view()
|
||||
self.assertEqual(response.status_code, 302)
|
||||
|
||||
self.assertTrue(
|
||||
self.test_object.acls.filter(permissions=self.test_permission.stored_permission).exists()
|
||||
)
|
||||
|
||||
@@ -9,11 +9,11 @@ from .views import (
|
||||
|
||||
urlpatterns = [
|
||||
url(
|
||||
regex=r'^objects/(?P<app_label>[-\w]+)/(?P<model>[-\w]+)/(?P<object_id>\d+)/create/$',
|
||||
regex=r'^objects/(?P<app_label>[-\w]+)/(?P<model_name>[-\w]+)/(?P<object_id>\d+)/create/$',
|
||||
name='acl_create', view=ACLCreateView.as_view()
|
||||
),
|
||||
url(
|
||||
regex=r'^objects/(?P<app_label>[-\w]+)/(?P<model>[-\w]+)/(?P<object_id>\d+)/list/$',
|
||||
regex=r'^objects/(?P<app_label>[-\w]+)/(?P<model_name>[-\w]+)/(?P<object_id>\d+)/list/$',
|
||||
name='acl_list', view=ACLListView.as_view()
|
||||
),
|
||||
url(
|
||||
|
||||
@@ -27,6 +27,10 @@ logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class ACLCreateView(ContentTypeViewMixin, ExternalObjectMixin, SingleObjectCreateView):
|
||||
content_type_url_kw_args = {
|
||||
'app_label': 'app_label',
|
||||
'model': 'model_name'
|
||||
}
|
||||
external_object_permission = permission_acl_edit
|
||||
external_object_pk_url_kwarg = 'object_id'
|
||||
form_class = ACLCreateForm
|
||||
@@ -93,13 +97,17 @@ class ACLDeleteView(SingleObjectDeleteView):
|
||||
return reverse(
|
||||
'acls:acl_list', kwargs={
|
||||
'app_label': instance.content_type.app_label,
|
||||
'model': instance.content_type.model,
|
||||
'model_name': instance.content_type.model,
|
||||
'object_id': instance.object_id
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
class ACLListView(ContentTypeViewMixin, ExternalObjectMixin, SingleObjectListView):
|
||||
content_type_url_kw_args = {
|
||||
'app_label': 'app_label',
|
||||
'model': 'model_name'
|
||||
}
|
||||
external_object_permission = permission_acl_view
|
||||
external_object_pk_url_kwarg = 'object_id'
|
||||
|
||||
|
||||
Reference in New Issue
Block a user