Skip to content

Commit

Permalink
Merge aa387f9 into 14a8038
Browse files Browse the repository at this point in the history
  • Loading branch information
@MyPyDavid
MyPyDavid committed May 21, 2024
2 parents 14a8038 + aa387f9 commit 40e0a5d
Show file tree
Hide file tree
Showing 43 changed files with 436 additions and 225 deletions.
7 changes: 4 additions & 3 deletions rdmo/conditions/tests/test_viewset_condition_multisite.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,10 @@

from django.urls import reverse

from ...core.tests import get_obj_perms_status_code
from ...core.tests import multisite_status_map as status_map
from ...core.tests import multisite_users as users
from rdmo.core.tests.constants import multisite_status_map as status_map
from rdmo.core.tests.constants import multisite_users as users
from rdmo.core.tests.utils import get_obj_perms_status_code

from ..models import Condition
from .test_viewset_condition import export_formats, urlnames

Expand Down
11 changes: 11 additions & 0 deletions rdmo/core/permissions.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,3 +74,14 @@ def has_permission(self, request, view):
return True
else:
return False


class CanToggleElementCurrentSite(DjangoModelPermissions):

perms_map = {
'PUT': ['%(app_label)s.change_%(model_name)s_toggle_site'],
}

@log_result
def has_permission(self, request, view):
return super().has_permission(request, view)
148 changes: 0 additions & 148 deletions rdmo/core/tests/__init__.py
View file
Original file line number Diff line number Diff line change
@@ -1,148 +0,0 @@

from rdmo.core.models import Model

multisite_users = (
('user', 'user'),
('reviewer', 'reviewer'),
('editor', 'editor'),
('example-reviewer', 'example-reviewer'),
('example-editor', 'example-editor'),
('foo-user', 'foo-user'),
('foo-reviewer', 'foo-reviewer'),
('foo-editor', 'foo-editor'),
('bar-user', 'bar-user'),
('bar-reviewer', 'bar-reviewer'),
('bar-editor', 'bar-editor'),
('anonymous', None),
)


multisite_status_map = {
'list': {
'foo-user': 403, 'foo-reviewer': 200, 'foo-editor': 200,
'bar-user': 403, 'bar-reviewer': 200, 'bar-editor': 200,
'user': 403, 'example-reviewer': 200, 'example-editor': 200,
'anonymous': 401, 'reviewer': 200, 'editor': 200,
},
'detail': {
'foo-user': 404, 'foo-reviewer': 200, 'foo-editor': 200,
'bar-user': 404, 'bar-reviewer': 200, 'bar-editor': 200,
'user': 404, 'example-reviewer': 200, 'example-editor': 200,
'anonymous': 401, 'reviewer': 200, 'editor': 200,
},
'nested': {
'foo-user': 404, 'foo-reviewer': 200, 'foo-editor': 200,
'bar-user': 404, 'bar-reviewer': 200, 'bar-editor': 200,
'user': 404, 'example-reviewer': 200, 'example-editor': 200,
'anonymous': 401, 'reviewer': 200, 'editor': 200,
},
'create': {
'foo-user': 403, 'foo-reviewer': 403, 'foo-editor': 201,
'bar-user': 403, 'bar-reviewer': 403, 'bar-editor': 201,
'user': 403, 'example-reviewer': 403, 'example-editor': 201,
'anonymous': 401, 'reviewer': 403, 'editor': 201,
},
'copy': {
'foo-user': 404, 'foo-reviewer': 403, 'foo-editor': 201,
'bar-user': 404, 'bar-reviewer': 403, 'bar-editor': 201,
'user': 404, 'example-reviewer': 403, 'example-editor': 201,
'anonymous': 401, 'reviewer': 403, 'editor': 201,
},
'update': {
'foo-user': 404, 'foo-reviewer': 403, 'foo-editor': 200,
'bar-user': 404, 'bar-reviewer': 403, 'bar-editor': 200,
'user': 404, 'example-reviewer': 403, 'example-editor': 200,
'anonymous': 401, 'reviewer': 403, 'editor': 200,
},
'delete': {
'foo-user': 404, 'foo-reviewer': 403, 'foo-editor': 204,
'bar-user': 404, 'bar-reviewer': 403, 'bar-editor': 204,
'user': 404, 'example-reviewer': 403, 'example-editor': 204,
'anonymous': 401, 'reviewer': 403, 'editor': 204,
}
}


status_map_object_permissions = {
'copy': {
'all-element': {
'foo-reviewer': 403, 'foo-editor': 201,
'bar-reviewer': 403, 'bar-editor': 201,
'example-reviewer': 403, 'example-editor': 201,
},
'foo-element': {
'foo-reviewer': 403, 'foo-editor': 201,
'bar-reviewer': 404, 'bar-editor': 404,
'example-reviewer': 404, 'example-editor': 404,
},
'bar-element': {
'foo-reviewer': 404, 'foo-editor': 404,
'bar-reviewer': 403, 'bar-editor': 201,
'example-reviewer': 404, 'example-editor': 404,
}
},
'update': {
'all-element': {
'foo-reviewer': 403, 'foo-editor': 200,
'bar-reviewer': 403, 'bar-editor': 200,
'example-reviewer': 403, 'example-editor': 200,
},
'foo-element': {
'foo-reviewer': 403, 'foo-editor': 200,
'bar-reviewer': 404, 'bar-editor': 404,
'example-reviewer': 404, 'example-editor': 404,
},
'bar-element': {
'foo-reviewer': 404, 'foo-editor': 404,
'bar-reviewer': 403, 'bar-editor': 200,
'example-reviewer': 404, 'example-editor': 404,
}
},
'delete': {
'all-element': {
'foo-reviewer': 403, 'foo-editor': 204,
'bar-reviewer': 403, 'bar-editor': 204,
'example-reviewer': 403, 'example-editor': 204,
},
'foo-element': {
'foo-reviewer': 403, 'foo-editor': 204,
'bar-reviewer': 404, 'bar-editor': 404,
'example-reviewer': 404, 'example-editor': 404,
},
'bar-element': {
'foo-reviewer': 404, 'foo-editor': 404,
'bar-reviewer': 403, 'bar-editor': 204,
'example-reviewer': 404, 'example-editor': 404,
}
},
}


def get_obj_perms_status_code(instance, username, method):
''' looks for the object permissions of the instance and returns the status code '''

if isinstance(instance, Model):
try:
if not instance.editors.exists():
return multisite_status_map[method][username]
except AttributeError as e:
raise AttributeError(f'instance {instance} should have an editors attribute') from e
elif isinstance(instance, str):
pass

if 'foo-' in str(instance):
instance_obj_perms_key = 'foo-element'
elif 'bar-' in str(instance):
instance_obj_perms_key = 'bar-element'
else:
instance_obj_perms_key = 'all-element'

try:
method_instance_obj_perms_map = status_map_object_permissions[method][instance_obj_perms_key]
except KeyError as e:
raise KeyError(f'instance ({instance_obj_perms_key}) should be defined in status_map_object_permissions') from e
try:
return method_instance_obj_perms_map[username]
except KeyError:
# not all users are defined in the method_instance_perms_map
return multisite_status_map[method][username]
139 changes: 139 additions & 0 deletions rdmo/core/tests/constants.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,139 @@

multisite_status_map = {
'list': {
'foo-user': 403, 'foo-reviewer': 200, 'foo-editor': 200,
'bar-user': 403, 'bar-reviewer': 200, 'bar-editor': 200,
'user': 403, 'example-reviewer': 200, 'example-editor': 200,
'anonymous': 401, 'reviewer': 200, 'editor': 200,
},
'detail': {
'foo-user': 404, 'foo-reviewer': 200, 'foo-editor': 200,
'bar-user': 404, 'bar-reviewer': 200, 'bar-editor': 200,
'user': 404, 'example-reviewer': 200, 'example-editor': 200,
'anonymous': 401, 'reviewer': 200, 'editor': 200,
},
'nested': {
'foo-user': 404, 'foo-reviewer': 200, 'foo-editor': 200,
'bar-user': 404, 'bar-reviewer': 200, 'bar-editor': 200,
'user': 404, 'example-reviewer': 200, 'example-editor': 200,
'anonymous': 401, 'reviewer': 200, 'editor': 200,
},
'create': {
'foo-user': 403, 'foo-reviewer': 403, 'foo-editor': 201,
'bar-user': 403, 'bar-reviewer': 403, 'bar-editor': 201,
'user': 403, 'example-reviewer': 403, 'example-editor': 201,
'anonymous': 401, 'reviewer': 403, 'editor': 201,
},
'copy': {
'foo-user': 404, 'foo-reviewer': 403, 'foo-editor': 201,
'bar-user': 404, 'bar-reviewer': 403, 'bar-editor': 201,
'user': 404, 'example-reviewer': 403, 'example-editor': 201,
'anonymous': 401, 'reviewer': 403, 'editor': 201,
},
'update': {
'foo-user': 404, 'foo-reviewer': 403, 'foo-editor': 200,
'bar-user': 404, 'bar-reviewer': 403, 'bar-editor': 200,
'user': 404, 'example-reviewer': 403, 'example-editor': 200,
'anonymous': 401, 'reviewer': 403, 'editor': 200,
},
'delete': {
'foo-user': 404, 'foo-reviewer': 403, 'foo-editor': 204,
'bar-user': 404, 'bar-reviewer': 403, 'bar-editor': 204,
'user': 404, 'example-reviewer': 403, 'example-editor': 204,
'anonymous': 401, 'reviewer': 403, 'editor': 204,
},
'toggle-site': {
# foo-editor is not permitted to apply own site(foo.com) in test run(example.com)
'foo-user': 403, 'foo-reviewer': 403, 'foo-editor': 403,
# bar-editor is not permitted to apply own site(bar.com) in test run(example.com)
'bar-user': 403, 'bar-reviewer': 403, 'bar-editor': 403,
'user': 403, 'example-reviewer': 403, 'example-editor': 200,
'anonymous': 401, 'reviewer': 403, 'editor': 200,
},
}
status_map_object_permissions = {
'copy': {
'all-element': {
'foo-reviewer': 403, 'foo-editor': 201,
'bar-reviewer': 403, 'bar-editor': 201,
'example-reviewer': 403, 'example-editor': 201,
},
'foo-element': {
'foo-reviewer': 403, 'foo-editor': 201,
'bar-reviewer': 404, 'bar-editor': 404,
'example-reviewer': 404, 'example-editor': 404,
},
'bar-element': {
'foo-reviewer': 404, 'foo-editor': 404,
'bar-reviewer': 403, 'bar-editor': 201,
'example-reviewer': 404, 'example-editor': 404,
}
},
'update': {
'all-element': {
'foo-reviewer': 403, 'foo-editor': 200,
'bar-reviewer': 403, 'bar-editor': 200,
'example-reviewer': 403, 'example-editor': 200,
},
'foo-element': {
'foo-reviewer': 403, 'foo-editor': 200,
'bar-reviewer': 404, 'bar-editor': 404,
'example-reviewer': 404, 'example-editor': 404,
},
'bar-element': {
'foo-reviewer': 404, 'foo-editor': 404,
'bar-reviewer': 403, 'bar-editor': 200,
'example-reviewer': 404, 'example-editor': 404,
}
},
'delete': {
'all-element': {
'foo-reviewer': 403, 'foo-editor': 204,
'bar-reviewer': 403, 'bar-editor': 204,
'example-reviewer': 403, 'example-editor': 204,
},
'foo-element': {
'foo-reviewer': 403, 'foo-editor': 204,
'bar-reviewer': 404, 'bar-editor': 404,
'example-reviewer': 404, 'example-editor': 404,
},
'bar-element': {
'foo-reviewer': 404, 'foo-editor': 404,
'bar-reviewer': 403, 'bar-editor': 204,
'example-reviewer': 404, 'example-editor': 404,
}
},
'toggle-site': {
'all-element': {
# foo-editor can not apply own site(foo.com) in test run(example.com)
'foo-reviewer': 403, 'foo-editor': 403,
# bar-editor can not apply own site(bar.com) in test run(example.com)
'bar-reviewer': 403, 'bar-editor': 403,
'example-reviewer': 403, 'example-editor': 200,
},
'foo-element': {
'foo-reviewer': 403, 'foo-editor': 403,
'bar-reviewer': 403, 'bar-editor': 403,
'example-reviewer': 403, 'example-editor': 200,
},
'bar-element': {
'foo-reviewer': 403, 'foo-editor': 403,
'bar-reviewer': 403, 'bar-editor': 403,
'example-reviewer': 403, 'example-editor': 200,
}
}
}
multisite_users = (
('user', 'user'),
('reviewer', 'reviewer'),
('editor', 'editor'),
('example-reviewer', 'example-reviewer'),
('example-editor', 'example-editor'),
('foo-user', 'foo-user'),
('foo-reviewer', 'foo-reviewer'),
('foo-editor', 'foo-editor'),
('bar-user', 'bar-user'),
('bar-reviewer', 'bar-reviewer'),
('bar-editor', 'bar-editor'),
('anonymous', None),
)
4 changes: 3 additions & 1 deletion rdmo/core/tests/test_views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@
('reviewer', 'reviewer'),
('user', 'user'),
('api', 'api'),
('example-editor', 'example-editor'),
('example-reviewer', 'example-reviewer'),
)


Expand Down Expand Up @@ -57,7 +59,7 @@ def test_i18n_switcher(db, client):
def test_can_view_management(db, client, username, password):
client.login(username=username, password=password)
response = client.get(reverse('management'))
if username in ('editor', 'reviewer', 'api'):
if username in ('editor', 'reviewer', 'api', 'example-editor', 'example-reviewer'):
assert response.status_code == 200
else:
assert response.status_code == 403
32 changes: 32 additions & 0 deletions rdmo/core/tests/utils.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
from rdmo.core.models import Model
from rdmo.core.tests.constants import multisite_status_map, status_map_object_permissions


def get_obj_perms_status_code(instance, username, method):
''' looks for the object permissions of the instance and returns the status code '''

if isinstance(instance, Model):
try:
if not instance.editors.exists():
return multisite_status_map[method][username]
except AttributeError as e:
raise AttributeError(f'instance {instance} should have an editors attribute') from e
elif isinstance(instance, str):
pass

if 'foo-' in str(instance):
instance_obj_perms_key = 'foo-element'
elif 'bar-' in str(instance):
instance_obj_perms_key = 'bar-element'
else:
instance_obj_perms_key = 'all-element'

try:
method_instance_obj_perms_map = status_map_object_permissions[method][instance_obj_perms_key]
except KeyError as e:
raise KeyError(f'instance ({instance_obj_perms_key}) should be defined in status_map_object_permissions') from e
try:
return method_instance_obj_perms_map[username]
except KeyError:
# not all users are defined in the method_instance_perms_map
return multisite_status_map[method][username]
7 changes: 4 additions & 3 deletions rdmo/domain/tests/test_viewset_attribute_multisite.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,10 @@

from django.urls import reverse

from ...core.tests import get_obj_perms_status_code
from ...core.tests import multisite_status_map as status_map
from ...core.tests import multisite_users as users
from rdmo.core.tests.constants import multisite_status_map as status_map
from rdmo.core.tests.constants import multisite_users as users
from rdmo.core.tests.utils import get_obj_perms_status_code

from ..models import Attribute
from .test_viewset_attribute import urlnames

Expand Down
Loading

0 comments on commit 40e0a5d

Please sign in to comment.