mirror/netbox-community-netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2024-05-10 07:54:54 +00:00
Code Activity

Closes #15464: Move permission assignments to user & group models (#15554)

Browse Source 
* Move user & group M2M assignments for ObjectPermission

* Restore users & groups fields on ObjectPermission serializer
This commit is contained in:
Jeremy Stretch
2024-03-29 14:57:16 -04:00
committed by GitHub
parent 8767577ecd
commit c8d9d9358e
8 changed files with 255 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

123
netbox/users/tests/test_api.py
View File

@ -16,29 +16,13 @@ class AppTest(APITestCase):
url = reverse('users-api:api-root')
response = self.client.get(f'{url}?format=api', **self.header)
self.assertEqual(response.status_code, 200)
class UserTest(APIViewTestCases.APIViewTestCase):
model = User
view_namespace = 'users'
brief_fields = ['display', 'id', 'url', 'username']
validation_excluded_fields = ['password']
create_data = [
{
'username': 'User_4',
'password': 'password4',
},
{
'username': 'User_5',
'password': 'password5',
},
{
'username': 'User_6',
'password': 'password6',
},
]
bulk_update_data = {
'email': 'test@example.com',
}
@ -46,13 +30,41 @@ class UserTest(APIViewTestCases.APIViewTestCase):
@classmethod
def setUpTestData(cls):
permissions = (
ObjectPermission(name='Permission 1', actions=['view']),
ObjectPermission(name='Permission 2', actions=['view']),
ObjectPermission(name='Permission 3', actions=['view']),
)
ObjectPermission.objects.bulk_create(permissions)
permissions[0].object_types.add(ObjectType.objects.get_by_natural_key('dcim', 'site'))
permissions[1].object_types.add(ObjectType.objects.get_by_natural_key('dcim', 'location'))
permissions[2].object_types.add(ObjectType.objects.get_by_natural_key('dcim', 'rack'))
users = (
User(username='User_1', password='password1'),
User(username='User_2', password='password2'),
User(username='User_3', password='password3'),
User(username='User1', password='password1'),
User(username='User2', password='password2'),
User(username='User3', password='password3'),
)
User.objects.bulk_create(users)
cls.create_data = [
{
'username': 'User4',
'password': 'password4',
'permissions': [permissions[0].pk],
},
{
'username': 'User5',
'password': 'password5',
'permissions': [permissions[1].pk],
},
{
'username': 'User6',
'password': 'password6',
'permissions': [permissions[2].pk],
},
]
def test_that_password_is_changed(self):
"""
Test that password is changed
@ -67,7 +79,7 @@ class UserTest(APIViewTestCases.APIViewTestCase):
obj_perm.object_types.add(ObjectType.objects.get_for_model(self.model))
user_credentials = {
'username': 'user1',
'username': 'newuser',
'password': 'abc123',
}
user = User.objects.create_user(**user_credentials)
@ -76,41 +88,56 @@ class UserTest(APIViewTestCases.APIViewTestCase):
'password': 'newpassword'
}
url = reverse('users-api:user-detail', kwargs={'pk': user.id})
response = self.client.patch(url, data, format='json', **self.header)
self.assertEqual(response.status_code, 200)
updated_user = User.objects.get(id=user.id)
self.assertTrue(updated_user.check_password(data['password']))
user.refresh_from_db()
self.assertTrue(user.check_password(data['password']))
class GroupTest(APIViewTestCases.APIViewTestCase):
model = Group
view_namespace = 'users'
brief_fields = ['display', 'id', 'name', 'url']
create_data = [
{
'name': 'Group 4',
},
{
'name': 'Group 5',
},
{
'name': 'Group 6',
},
]
@classmethod
def setUpTestData(cls):
users = (
permissions = (
ObjectPermission(name='Permission 1', actions=['view']),
ObjectPermission(name='Permission 2', actions=['view']),
ObjectPermission(name='Permission 3', actions=['view']),
)
ObjectPermission.objects.bulk_create(permissions)
permissions[0].object_types.add(ObjectType.objects.get_by_natural_key('dcim', 'site'))
permissions[1].object_types.add(ObjectType.objects.get_by_natural_key('dcim', 'location'))
permissions[2].object_types.add(ObjectType.objects.get_by_natural_key('dcim', 'rack'))
groups = (
Group(name='Group 1'),
Group(name='Group 2'),
Group(name='Group 3'),
)
Group.objects.bulk_create(users)
Group.objects.bulk_create(groups)
cls.create_data = [
{
'name': 'Group 4',
'permissions': [permissions[0].pk],
},
{
'name': 'Group 5',
'permissions': [permissions[1].pk],
},
{
'name': 'Group 6',
'permissions': [permissions[2].pk],
},
]
def model_to_dict(self, instance, *args, **kwargs):
# Overwrite permissions attr to work around the serializer field having a different name
data = super().model_to_dict(instance, *args, **kwargs)
data['permissions'] = list(instance.object_permissions.values_list('id', flat=True))
return data
def test_bulk_update_objects(self):
"""
@ -142,9 +169,9 @@ class TokenTest(
@classmethod
def setUpTestData(cls):
users = (
create_test_user('User 1'),
create_test_user('User 2'),
create_test_user('User 3'),
create_test_user('User1'),
create_test_user('User2'),
create_test_user('User3'),
)
tokens = (
@ -240,9 +267,7 @@ class ObjectPermissionTest(
APIViewTestCases.DeleteObjectViewTestCase
):
model = ObjectPermission
brief_fields = [
'actions', 'description', 'display', 'enabled', 'groups', 'id', 'name', 'object_types', 'url', 'users',
]
brief_fields = ['actions', 'description', 'display', 'enabled', 'id', 'name', 'object_types', 'url']
@classmethod
def setUpTestData(cls):
@ -255,9 +280,9 @@ class ObjectPermissionTest(
Group.objects.bulk_create(groups)
users = (
User(username='User 1', is_active=True),
User(username='User 2', is_active=True),
User(username='User 3', is_active=True),
User(username='User1', is_active=True),
User(username='User2', is_active=True),
User(username='User3', is_active=True),
)
User.objects.bulk_create(users)