refactoring roles module to compatibility with django permission backend

vintasoftware · Feb 25, 2014 · 6852439 · 6852439
1 parent 512df4e
commit 6852439
Show file tree

Hide file tree

Showing 5 changed files with 62 additions and 181 deletions.
diff --git a/rolepermissions/migrations/0001_initial.py b/rolepermissions/migrations/0001_initial.py
diff --git a/rolepermissions/migrations/__init__.py b/rolepermissions/migrations/__init__.py
diff --git a/rolepermissions/models.py b/rolepermissions/models.py
@@ -1,20 +1,2 @@
 
 from django.db import models
-from django.conf import settings
-
-
-class UserRole(models.Model):
-    user = models.OneToOneField(settings.AUTH_USER_MODEL, related_name='role')
-    role_name = models.CharField(max_length=255)
-
-    def __unicode__(self):
-        return self.user.get_full_name() + ' - ' + self.role_name
-
-
-class UserPermission(models.Model):
-    user = models.ForeignKey(settings.AUTH_USER_MODEL, related_name='+')
-    permission_name = models.CharField(max_length=255)
-    is_granted = models.BooleanField(default=False)
-
-    def __unicode__(self):
-        return self.user.get_full_name() + ' - ' + self.permission_name + ' - ' + str(self.is_granted)
diff --git a/rolepermissions/roles.py b/rolepermissions/roles.py
@@ -1,10 +1,11 @@
 
 import inspect
 import re
-
+from django.conf import settings
 from django.core.exceptions import ObjectDoesNotExist
-
-from rolepermissions.models import UserRole, UserPermission
+from django.contrib.auth.models import Group, Permission
+from django.contrib.contenttypes.models import ContentType
+from django.contrib.auth import get_user_model
 
 
 def camelToSnake(s):
@@ -53,36 +54,41 @@ def get_name(cls):
 
     @classmethod
     def assign_role_to_user(cls, user):
-        try:
-            user_role = UserRole.objects.get(user=user)
-        except ObjectDoesNotExist:
-            user_role = None
-
-        UserPermission.objects.filter(user=user).delete()
+        old_groups = user.groups.all()
+
+        if old_groups:
+            old_group = old_groups[0]
+            role = RolesManager.retrieve_role(old_group.name)
+            permissions_to_remove = Permission.objects.filter(codename__in=role.permission_list()).all()
+            user.user_permissions.remove(*permissions_to_remove)
+            user.groups.clear()
+
+        group, created = Group.objects.get_or_create(name=cls.get_name())
+        user.groups.add(group)
+        permissions_to_add = cls.get_default_true_permissions()
+        user.user_permissions.add(*permissions_to_add)
+
+        return group
 
-        if not user_role:
-            user_role = UserRole(user=user)
-
-        user_role.role_name = cls.get_name()
-        user_role.save()
+    @classmethod
+    def permission_list(cls):
+        return [key for (key, value) in cls.available_permissions.items()]
 
-        user.role = user_role
+    @classmethod
+    def get_default_true_permissions(cls):
+        permission_names = [key for (key, default) in cls.available_permissions.items() if default]
 
-        cls.assign_default_permissions(user)
+        user_type = ContentType.objects.get_for_model(get_user_model())
+        permissions = list(Permission.objects.filter(content_type=user_type, codename__in=permission_names).all())
 
-        return user_role
+        if len(permissions) != len(permission_names):
+            for permission_name in permission_names:
+                permission, created = Permission.objects.get_or_create(content_type=user_type, codename=permission_name)
+                if created:
+                    permissions.append(permission)
 
-    @classmethod
-    def assign_default_permissions(cls, user):
-        role_permissions = cls.available_permissions
-        for permission in role_permissions:
-            UserPermission.objects.get_or_create(
-                user=user, permission_name=permission,
-                is_granted=role_permissions[permission])
+        return permissions
 
-    @classmethod
-    def permission_list(cls):
-        return cls.available_permissions.keys()
 
     @classmethod
     def get_default(cls, permission_name):

diff --git a/rolepermissions/tests/test_roles.py b/rolepermissions/tests/test_roles.py
@@ -5,7 +5,7 @@
 from model_mommy import mommy
 
 from rolepermissions.roles import RolesManager, AbstractUserRole
-from rolepermissions.models import UserPermission
+
 
 class RolRole1(AbstractUserRole):
     available_permissions = {
@@ -40,51 +40,45 @@ def test_get_name(self):
     def test_assign_Role1_default_permissions(self):
         user = mommy.make(get_user_model())
 
-        RolRole1.assign_default_permissions(user)
-        permissions = UserPermission.objects.filter(user=user)
+        RolRole1.assign_role_to_user(user)
+        permissions = user.user_permissions.all()
 
-        permission_hash = { p.permission_name: p.is_granted for p in permissions }
+        permission_list = [perm.codename for perm in permissions]
 
-        self.assertIn('permission1', permission_hash)
-        self.assertTrue(permission_hash['permission1'])
-        self.assertIn('permission2', permission_hash)
-        self.assertTrue(permission_hash['permission2'])
+        self.assertIn('permission1', permission_list)
+        self.assertIn('permission2', permission_list)
         self.assertEquals(len(permissions), 2)
 
     def test_assign_Role2_default_permissions(self):
         user = mommy.make(get_user_model())
 
-        RolRole2.assign_default_permissions(user)
-        permissions = UserPermission.objects.filter(user=user)
+        RolRole2.assign_role_to_user(user)
+        permissions = user.user_permissions.all()
 
-        permission_hash = { p.permission_name: p.is_granted for p in permissions }
+        permission_list = [perm.codename for perm in permissions]
 
-        self.assertIn('permission3', permission_hash)
-        self.assertTrue(permission_hash['permission3'])
-        self.assertIn('permission4', permission_hash)
-        self.assertFalse(permission_hash['permission4'])
-        self.assertEquals(len(permissions), 2)
+        self.assertIn('permission3', permission_list)
+        self.assertNotIn('permission4', permission_list)
+        self.assertEquals(len(permissions), 1)
 
     def test_assign_Role3_default_permissions(self):
         user = mommy.make(get_user_model())
 
-        RolRole3.assign_default_permissions(user)
-        permissions = UserPermission.objects.filter(user=user)
+        RolRole3.assign_role_to_user(user)
+        permissions = user.user_permissions.all()
 
-        permission_hash = { p.permission_name: p.is_granted for p in permissions }
+        permission_list = [perm.codename for perm in permissions]
 
-        self.assertIn('permission5', permission_hash)
-        self.assertFalse(permission_hash['permission5'])
-        self.assertIn('permission6', permission_hash)
-        self.assertFalse(permission_hash['permission6'])
-        self.assertEquals(len(permissions), 2)
+        self.assertNotIn('permission5', permission_list)
+        self.assertNotIn('permission6', permission_list)
+        self.assertEquals(len(permissions), 0)
 
     def test_assign_role_to_user(self):
         user = mommy.make(get_user_model())
 
         user_role = RolRole1.assign_role_to_user(user)
 
-        self.assertEquals(user_role.role_name, 'rol_role1')
+        self.assertEquals(user_role.name, 'rol_role1')
 
     def test_instanciate_role(self):
         user = mommy.make(get_user_model())
@@ -98,34 +92,36 @@ def test_change_user_role(self):
 
         user_role = RolRole1.assign_role_to_user(user)
 
-        self.assertEquals(user_role.role_name, 'rol_role1')
+        self.assertEquals(user_role.name, 'rol_role1')
 
         user_role = RolRole2.assign_role_to_user(user)
 
-        self.assertEquals(user_role.role_name, 'rol_role2')
+        self.assertEquals(user_role.name, 'rol_role2')
 
     def test_delete_old_permissions_on_role_change(self):
         user = mommy.make(get_user_model())
 
         RolRole1().assign_role_to_user(user)
 
-        permissions = UserPermission.objects.filter(user=user)
+        permissions = user.user_permissions.all()
 
-        permission_names = [n.permission_name for n in permissions]
+        permission_names = [n.codename for n in permissions]
 
         self.assertIn('permission1', permission_names)
         self.assertIn('permission2', permission_names)
         self.assertEquals(len(permissions), 2)
 
         RolRole2.assign_role_to_user(user)
 
-        permissions = UserPermission.objects.filter(user=user)
+        permissions = user.user_permissions.all()
 
-        permission_names = [n.permission_name for n in permissions]
+        permission_names = [n.codename for n in permissions]
 
+        self.assertNotIn('permission1', permission_names)
+        self.assertNotIn('permission2', permission_names)
         self.assertIn('permission3', permission_names)
-        self.assertIn('permission4', permission_names)
-        self.assertEquals(len(permissions), 2)
+        self.assertNotIn('permission4', permission_names)
+        self.assertEquals(len(permissions), 1)
 
 
     def test_permission_list(self):