mirror of
https://github.com/netbox-community/netbox.git
synced 2024-05-10 07:54:54 +00:00
Fix permission assignment in tests
This commit is contained in:
Jeremy Stretch
@ -1,7 +1,6 @@
|
||||
from datetime import date
|
||||
|
||||
from django.contrib.contenttypes.models import ContentType
|
||||
from django.test import Client, TestCase
|
||||
from django.urls import reverse
|
||||
from rest_framework import status
|
||||
|
||||
@ -9,7 +8,7 @@ from dcim.forms import SiteCSVForm
|
||||
from dcim.models import Site
|
||||
from extras.choices import *
|
||||
from extras.models import CustomField, CustomFieldValue, CustomFieldChoice
|
||||
from utilities.testing import APITestCase, create_test_user
|
||||
from utilities.testing import APITestCase, TestCase
|
||||
from virtualization.models import VirtualMachine
|
||||
|
||||
|
||||
@ -470,17 +469,10 @@ class CustomFieldChoiceAPITest(APITestCase):
|
||||
|
||||
|
||||
class CustomFieldImportTest(TestCase):
|
||||
|
||||
def setUp(self):
|
||||
|
||||
user = create_test_user(
|
||||
permissions=[
|
||||
'dcim.view_site',
|
||||
'dcim.add_site',
|
||||
]
|
||||
)
|
||||
self.client = Client()
|
||||
self.client.force_login(user)
|
||||
user_permissions = (
|
||||
'dcim.view_site',
|
||||
'dcim.add_site',
|
||||
)
|
||||
|
||||
@classmethod
|
||||
def setUpTestData(cls):
|
||||
|
||||
@ -338,8 +338,8 @@ TEMPLATES = [
|
||||
|
||||
# Set up authentication backends
|
||||
AUTHENTICATION_BACKENDS = [
|
||||
'utilities.auth_backends.ObjectPermissionBackend',
|
||||
REMOTE_AUTH_BACKEND,
|
||||
'utilities.auth_backends.ObjectPermissionBackend',
|
||||
]
|
||||
|
||||
# Internationalization
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
import logging
|
||||
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.backends import BaseBackend, ModelBackend
|
||||
from django.contrib.auth.backends import ModelBackend, RemoteUserBackend as _RemoteUserBackend
|
||||
from django.contrib.auth.models import Group, Permission
|
||||
from django.db.models import Q
|
||||
|
||||
@ -88,7 +88,7 @@ class ObjectPermissionBackend(ModelBackend):
|
||||
return model.objects.filter(attrs, pk=obj.pk).exists()
|
||||
|
||||
|
||||
class RemoteUserBackend(BaseBackend):
|
||||
class RemoteUserBackend(_RemoteUserBackend):
|
||||
"""
|
||||
Custom implementation of Django's RemoteUserBackend which provides configuration hooks for basic customization.
|
||||
"""
|
||||
@ -124,7 +124,11 @@ class RemoteUserBackend(BaseBackend):
|
||||
"<app>.<action>_<model>. (Example: dcim.add_site)"
|
||||
)
|
||||
if permissions_list:
|
||||
# TODO: Create an ObjectPermission
|
||||
user.user_permissions.add(*permissions_list)
|
||||
logger.debug(f"Assigned permissions to remotely-authenticated user {user}: {permissions_list}")
|
||||
|
||||
return user
|
||||
|
||||
def has_perm(self, user_obj, perm, obj=None):
|
||||
return False
|
||||
|
||||
@ -33,18 +33,31 @@ class TestCase(_TestCase):
|
||||
Assign a set of permissions to the test user. Accepts permission names in the form <app>.<action>_<model>.
|
||||
"""
|
||||
for name in names:
|
||||
app, codename = name.split('.')
|
||||
perm = Permission.objects.get(content_type__app_label=app, codename=codename)
|
||||
self.user.user_permissions.add(perm)
|
||||
app_label, codename = name.split('.')
|
||||
action, model_name = codename.split('_')
|
||||
|
||||
kwargs = {
|
||||
'model': ContentType.objects.get(app_label=app_label, model=model_name),
|
||||
f'can_{action}': True
|
||||
}
|
||||
obj_perm = ObjectPermission(**kwargs)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
|
||||
def remove_permissions(self, *names):
|
||||
"""
|
||||
Remove a set of permissions from the test user, if assigned.
|
||||
"""
|
||||
for name in names:
|
||||
app, codename = name.split('.')
|
||||
perm = Permission.objects.get(content_type__app_label=app, codename=codename)
|
||||
self.user.user_permissions.remove(perm)
|
||||
app_label, codename = name.split('.')
|
||||
action, model_name = codename.split('_')
|
||||
|
||||
kwargs = {
|
||||
'user': self.user,
|
||||
'model': ContentType.objects.get(app_label=app_label, model=model_name),
|
||||
f'can_{action}': True
|
||||
}
|
||||
ObjectPermission.objects.filter(**kwargs).delete()
|
||||
|
||||
#
|
||||
# Convenience methods
|
||||
@ -493,10 +506,14 @@ class ViewTestCases:
|
||||
with disable_warnings('django.request'):
|
||||
self.assertHttpStatus(self.client.post(**request), 403)
|
||||
|
||||
# Assign the required permission and submit again
|
||||
self.add_permissions(
|
||||
'{}.add_{}'.format(self.model._meta.app_label, self.model._meta.model_name)
|
||||
# Assign object-level permission
|
||||
obj_perm = ObjectPermission(
|
||||
model=ContentType.objects.get_for_model(self.model),
|
||||
can_add=True
|
||||
)
|
||||
obj_perm.save()
|
||||
obj_perm.users.add(self.user)
|
||||
|
||||
response = self.client.post(**request)
|
||||
self.assertHttpStatus(response, 302)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user