← Back to branch summary

~ubuntu-branches/ubuntu/quantal/python-django/quantal-security

« back to all changes in this revision

Viewing changes to django/contrib/auth/tests/auth_backends.py

  • Committer: Bazaar Package Importer
  • Author(s): Chris Lamb
  • Date: 2010-05-21 07:52:55 UTC
  • mfrom: (1.3.6 upstream)
  • mto: This revision was merged to the branch mainline in revision 28.
  • Revision ID: james.westby@ubuntu.com-20100521075255-ii78v1dyfmyu3uzx
Tags: upstream-1.2
ImportĀ upstreamĀ versionĀ 1.2

Show diffs side-by-side

added added

removed removed

Lines of Context:
django/contrib/auth/tests/auth_backends.py
 
1
from django.conf import settings
 
2
from django.contrib.auth.models import User, Group, Permission, AnonymousUser
 
3
from django.contrib.contenttypes.models import ContentType
 
4
from django.test import TestCase
 
5
 
 
6
 
 
7
class BackendTest(TestCase):
 
8
 
 
9
    backend = 'django.contrib.auth.backends.ModelBackend'
 
10
 
 
11
    def setUp(self):
 
12
        self.curr_auth = settings.AUTHENTICATION_BACKENDS
 
13
        settings.AUTHENTICATION_BACKENDS = (self.backend,)
 
14
        User.objects.create_user('test', 'test@example.com', 'test')
 
15
 
 
16
    def tearDown(self):
 
17
        settings.AUTHENTICATION_BACKENDS = self.curr_auth
 
18
 
 
19
    def test_has_perm(self):
 
20
        user = User.objects.get(username='test')
 
21
        self.assertEqual(user.has_perm('auth.test'), False)
 
22
        user.is_staff = True
 
23
        user.save()
 
24
        self.assertEqual(user.has_perm('auth.test'), False)
 
25
        user.is_superuser = True
 
26
        user.save()
 
27
        self.assertEqual(user.has_perm('auth.test'), True)
 
28
        user.is_staff = False
 
29
        user.is_superuser = False
 
30
        user.save()
 
31
        self.assertEqual(user.has_perm('auth.test'), False)
 
32
        user.is_staff = True
 
33
        user.is_superuser = True
 
34
        user.is_active = False
 
35
        user.save()
 
36
        self.assertEqual(user.has_perm('auth.test'), False)
 
37
 
 
38
    def test_custom_perms(self):
 
39
        user = User.objects.get(username='test')
 
40
        content_type=ContentType.objects.get_for_model(Group)
 
41
        perm = Permission.objects.create(name='test', content_type=content_type, codename='test')
 
42
        user.user_permissions.add(perm)
 
43
        user.save()
 
44
 
 
45
        # reloading user to purge the _perm_cache
 
46
        user = User.objects.get(username='test')
 
47
        self.assertEqual(user.get_all_permissions() == set([u'auth.test']), True)
 
48
        self.assertEqual(user.get_group_permissions(), set([]))
 
49
        self.assertEqual(user.has_module_perms('Group'), False)
 
50
        self.assertEqual(user.has_module_perms('auth'), True)
 
51
        perm = Permission.objects.create(name='test2', content_type=content_type, codename='test2')
 
52
        user.user_permissions.add(perm)
 
53
        user.save()
 
54
        perm = Permission.objects.create(name='test3', content_type=content_type, codename='test3')
 
55
        user.user_permissions.add(perm)
 
56
        user.save()
 
57
        user = User.objects.get(username='test')
 
58
        self.assertEqual(user.get_all_permissions(), set([u'auth.test2', u'auth.test', u'auth.test3']))
 
59
        self.assertEqual(user.has_perm('test'), False)
 
60
        self.assertEqual(user.has_perm('auth.test'), True)
 
61
        self.assertEqual(user.has_perms(['auth.test2', 'auth.test3']), True)
 
62
        perm = Permission.objects.create(name='test_group', content_type=content_type, codename='test_group')
 
63
        group = Group.objects.create(name='test_group')
 
64
        group.permissions.add(perm)
 
65
        group.save()
 
66
        user.groups.add(group)
 
67
        user = User.objects.get(username='test')
 
68
        exp = set([u'auth.test2', u'auth.test', u'auth.test3', u'auth.test_group'])
 
69
        self.assertEqual(user.get_all_permissions(), exp)
 
70
        self.assertEqual(user.get_group_permissions(), set([u'auth.test_group']))
 
71
        self.assertEqual(user.has_perms(['auth.test3', 'auth.test_group']), True)
 
72
 
 
73
        user = AnonymousUser()
 
74
        self.assertEqual(user.has_perm('test'), False)
 
75
        self.assertEqual(user.has_perms(['auth.test2', 'auth.test3']), False)
 
76
 
 
77
    def test_has_no_object_perm(self):
 
78
        """Regressiontest for #12462"""
 
79
        user = User.objects.get(username='test')
 
80
        content_type=ContentType.objects.get_for_model(Group)
 
81
        perm = Permission.objects.create(name='test', content_type=content_type, codename='test')
 
82
        user.user_permissions.add(perm)
 
83
        user.save()
 
84
 
 
85
        self.assertEqual(user.has_perm('auth.test', 'object'), False)
 
86
        self.assertEqual(user.get_all_permissions('object'), set([]))
 
87
        self.assertEqual(user.has_perm('auth.test'), True)
 
88
        self.assertEqual(user.get_all_permissions(), set(['auth.test']))
 
89
 
 
90
 
 
91
class TestObj(object):
 
92
    pass
 
93
 
 
94
 
 
95
class SimpleRowlevelBackend(object):
 
96
    supports_object_permissions = True
 
97
 
 
98
    # This class also supports tests for anonymous user permissions,
 
99
    # via subclasses which just set the 'supports_anonymous_user' attribute.
 
100
 
 
101
    def has_perm(self, user, perm, obj=None):
 
102
        if not obj:
 
103
            return # We only support row level perms
 
104
 
 
105
        if isinstance(obj, TestObj):
 
106
            if user.username == 'test2':
 
107
                return True
 
108
            elif user.is_anonymous() and perm == 'anon':
 
109
                # not reached due to supports_anonymous_user = False
 
110
                return True
 
111
        return False
 
112
 
 
113
    def has_module_perms(self, user, app_label):
 
114
        return app_label == "app1"
 
115
 
 
116
    def get_all_permissions(self, user, obj=None):
 
117
        if not obj:
 
118
            return [] # We only support row level perms
 
119
 
 
120
        if not isinstance(obj, TestObj):
 
121
            return ['none']
 
122
 
 
123
        if user.is_anonymous():
 
124
            return ['anon']
 
125
        if user.username == 'test2':
 
126
            return ['simple', 'advanced']
 
127
        else:
 
128
            return ['simple']
 
129
 
 
130
    def get_group_permissions(self, user, obj=None):
 
131
        if not obj:
 
132
            return # We only support row level perms
 
133
 
 
134
        if not isinstance(obj, TestObj):
 
135
            return ['none']
 
136
 
 
137
        if 'test_group' in [group.name for group in user.groups.all()]:
 
138
            return ['group_perm']
 
139
        else:
 
140
            return ['none']
 
141
 
 
142
 
 
143
class RowlevelBackendTest(TestCase):
 
144
    """
 
145
    Tests for auth backend that supports object level permissions
 
146
    """
 
147
    backend = 'django.contrib.auth.tests.auth_backends.SimpleRowlevelBackend'
 
148
 
 
149
    def setUp(self):
 
150
        self.curr_auth = settings.AUTHENTICATION_BACKENDS
 
151
        settings.AUTHENTICATION_BACKENDS = self.curr_auth + (self.backend,)
 
152
        self.user1 = User.objects.create_user('test', 'test@example.com', 'test')
 
153
        self.user2 = User.objects.create_user('test2', 'test2@example.com', 'test')
 
154
        self.user3 = User.objects.create_user('test3', 'test3@example.com', 'test')
 
155
 
 
156
    def tearDown(self):
 
157
        settings.AUTHENTICATION_BACKENDS = self.curr_auth
 
158
 
 
159
    def test_has_perm(self):
 
160
        self.assertEqual(self.user1.has_perm('perm', TestObj()), False)
 
161
        self.assertEqual(self.user2.has_perm('perm', TestObj()), True)
 
162
        self.assertEqual(self.user2.has_perm('perm'), False)
 
163
        self.assertEqual(self.user2.has_perms(['simple', 'advanced'], TestObj()), True)
 
164
        self.assertEqual(self.user3.has_perm('perm', TestObj()), False)
 
165
        self.assertEqual(self.user3.has_perm('anon', TestObj()), False)
 
166
        self.assertEqual(self.user3.has_perms(['simple', 'advanced'], TestObj()), False)
 
167
 
 
168
    def test_get_all_permissions(self):
 
169
        self.assertEqual(self.user1.get_all_permissions(TestObj()), set(['simple']))
 
170
        self.assertEqual(self.user2.get_all_permissions(TestObj()), set(['simple', 'advanced']))
 
171
        self.assertEqual(self.user2.get_all_permissions(), set([]))
 
172
 
 
173
    def test_get_group_permissions(self):
 
174
        content_type=ContentType.objects.get_for_model(Group)
 
175
        group = Group.objects.create(name='test_group')
 
176
        self.user3.groups.add(group)
 
177
        self.assertEqual(self.user3.get_group_permissions(TestObj()), set(['group_perm']))
 
178
 
 
179
 
 
180
class AnonymousUserBackend(SimpleRowlevelBackend):
 
181
 
 
182
    supports_anonymous_user = True
 
183
 
 
184
 
 
185
class NoAnonymousUserBackend(SimpleRowlevelBackend):
 
186
 
 
187
    supports_anonymous_user = False
 
188
 
 
189
 
 
190
class AnonymousUserBackendTest(TestCase):
 
191
    """
 
192
    Tests for AnonymousUser delegating to backend if it has 'supports_anonymous_user' = True
 
193
    """
 
194
 
 
195
    backend = 'django.contrib.auth.tests.auth_backends.AnonymousUserBackend'
 
196
 
 
197
    def setUp(self):
 
198
        self.curr_auth = settings.AUTHENTICATION_BACKENDS
 
199
        settings.AUTHENTICATION_BACKENDS = (self.backend,)
 
200
        self.user1 = AnonymousUser()
 
201
 
 
202
    def tearDown(self):
 
203
        settings.AUTHENTICATION_BACKENDS = self.curr_auth
 
204
 
 
205
    def test_has_perm(self):
 
206
        self.assertEqual(self.user1.has_perm('perm', TestObj()), False)
 
207
        self.assertEqual(self.user1.has_perm('anon', TestObj()), True)
 
208
 
 
209
    def test_has_perms(self):
 
210
        self.assertEqual(self.user1.has_perms(['anon'], TestObj()), True)
 
211
        self.assertEqual(self.user1.has_perms(['anon', 'perm'], TestObj()), False)
 
212
 
 
213
    def test_has_module_perms(self):
 
214
        self.assertEqual(self.user1.has_module_perms("app1"), True)
 
215
        self.assertEqual(self.user1.has_module_perms("app2"), False)
 
216
 
 
217
    def test_get_all_permissions(self):
 
218
        self.assertEqual(self.user1.get_all_permissions(TestObj()), set(['anon']))
 
219
 
 
220
 
 
221
class NoAnonymousUserBackendTest(TestCase):
 
222
    """
 
223
    Tests that AnonymousUser does not delegate to backend if it has 'supports_anonymous_user' = False
 
224
    """
 
225
    backend = 'django.contrib.auth.tests.auth_backends.NoAnonymousUserBackend'
 
226
 
 
227
    def setUp(self):
 
228
        self.curr_auth = settings.AUTHENTICATION_BACKENDS
 
229
        settings.AUTHENTICATION_BACKENDS = self.curr_auth + (self.backend,)
 
230
        self.user1 = AnonymousUser()
 
231
 
 
232
    def tearDown(self):
 
233
        settings.AUTHENTICATION_BACKENDS = self.curr_auth
 
234
 
 
235
    def test_has_perm(self):
 
236
        self.assertEqual(self.user1.has_perm('perm', TestObj()), False)
 
237
        self.assertEqual(self.user1.has_perm('anon', TestObj()), False)
 
238
 
 
239
    def test_has_perms(self):
 
240
        self.assertEqual(self.user1.has_perms(['anon'], TestObj()), False)
 
241
 
 
242
    def test_has_module_perms(self):
 
243
        self.assertEqual(self.user1.has_module_perms("app1"), False)
 
244
        self.assertEqual(self.user1.has_module_perms("app2"), False)
 
245
 
 
246
    def test_get_all_permissions(self):
 
247
        self.assertEqual(self.user1.get_all_permissions(TestObj()), set())