Don't raise error for AnonymousUser permissions

Instead return always False.

Signed-off-by: Roberto Rosario <roberto.rosario@mayan-edms.com>
This commit is contained in:
Roberto Rosario
2019-10-27 20:12:40 -04:00
parent 7e5aad7714
commit 491de98356
5 changed files with 122 additions and 1 deletions

View File

@@ -7,6 +7,8 @@
- Language translations update.
- Add target to run all translations targets.
- Backport color log formatter from branch version/next.
- Don't raise error checking AnonymousUser for permissions.
Instead return always False.
3.2.8 (2019-10-01)
==================

105
docs/releases/3.2.9.rst Normal file
View File

@@ -0,0 +1,105 @@
Version 3.2.9
=============
Released: October XX, 2019
Changes
-------
Removals
--------
- None
Upgrading from a previous version
---------------------------------
If installed via Python's PIP
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Remove deprecated requirements::
sudo -u mayan curl https://gitlab.com/mayan-edms/mayan-edms/raw/master/removals.txt -o /tmp/removals.txt && sudo -u mayan /opt/mayan-edms/bin/pip uninstall -y -r /tmp/removals.txt
Type in the console::
sudo -u mayan /opt/mayan-edms/bin/pip install mayan-edms==3.2.9
the requirements will also be updated automatically.
Using Git
^^^^^^^^^
If you installed Mayan EDMS by cloning the Git repository issue the commands::
$ git reset --hard HEAD
$ git pull
otherwise download the compressed archived and uncompress it overriding the
existing installation.
Remove deprecated requirements::
$ pip uninstall -y -r removals.txt
Next upgrade/add the new requirements::
$ pip install --upgrade -r requirements.txt
Common steps
^^^^^^^^^^^^
Perform these steps after updating the code from either step above.
Make a backup of your supervisord file::
sudo cp /etc/supervisor/conf.d/mayan.conf /etc/supervisor/conf.d/mayan.conf.bck
Update the supervisord configuration file. Replace the environment
variables values show here with your respective settings. This step will refresh
the supervisord configuration file with the new queues and the latest
recommended layout::
sudo MAYAN_DATABASE_ENGINE=django.db.backends.postgresql MAYAN_DATABASE_NAME=mayan \
MAYAN_DATABASE_PASSWORD=mayanuserpass MAYAN_DATABASE_USER=mayan \
MAYAN_DATABASE_HOST=127.0.0.1 MAYAN_MEDIA_ROOT=/opt/mayan-edms/media \
/opt/mayan-edms/bin/mayan-edms.py platformtemplate supervisord > /etc/supervisor/conf.d/mayan.conf
Edit the supervisord configuration file and update any setting the template
generator missed::
sudo vi /etc/supervisor/conf.d/mayan.conf
Migrate existing database schema with::
sudo -u mayan MAYAN_DATABASE_ENGINE=django.db.backends.postgresql MAYAN_DATABASE_NAME=mayan \
MAYAN_DATABASE_PASSWORD=mayanuserpass MAYAN_DATABASE_USER=mayan \
MAYAN_DATABASE_HOST=127.0.0.1 MAYAN_MEDIA_ROOT=/opt/mayan-edms/media \
/opt/mayan-edms/bin/mayan-edms.py performupgrade
Add new static media::
sudo -u mayan MAYAN_MEDIA_ROOT=/opt/mayan-edms/media \
/opt/mayan-edms/bin/mayan-edms.py preparestatic --noinput
The upgrade procedure is now complete.
Backward incompatible changes
-----------------------------
- None
Bugs fixed or issues closed
---------------------------
- :gitlab-issue:`666` Chinese document such as .doc can't display well.
- :forum-topic:`1347` Workflow state action: perform a POST request
.. _PyPI: https://pypi.python.org/pypi/mayan-edms/

View File

@@ -19,7 +19,8 @@ versions of the documentation contain the release notes for any later releases.
**********
.. toctree::
:maxdepth: 1
3.2.9
3.2.8
3.2.7
3.2.6

View File

@@ -76,6 +76,9 @@ class StoredPermission(models.Model):
)
return True
if not user.is_authenticated():
return False
if Role.objects.filter(groups__user=user, permissions=self).exists():
return True
else:

View File

@@ -1,5 +1,6 @@
from __future__ import unicode_literals
from django.contrib.auth.models import AnonymousUser
from django.core.exceptions import PermissionDenied
from mayan.apps.common.tests import BaseTestCase
@@ -44,6 +45,15 @@ class PermissionTestCase(
except PermissionDenied:
self.fail('PermissionDenied exception was not expected.')
def test_anonymous_user_permissions(self):
self.auto_login_user = False
test_anonymous_user = AnonymousUser()
with self.assertRaises(PermissionDenied):
Permission.check_user_permissions(
permissions=(self.test_permission,), user=test_anonymous_user
)
class StoredPermissionManagerTestCase(BaseTestCase):
create_test_case_superuser = False