1
from django.conf import settings
2
from django.contrib.auth.models import User, Group, Permission, AnonymousUser
3
from django.contrib.contenttypes.models import ContentType
4
from django.test import TestCase
7
class BackendTest(TestCase):
9
backend = 'django.contrib.auth.backends.ModelBackend'
12
self.curr_auth = settings.AUTHENTICATION_BACKENDS
13
settings.AUTHENTICATION_BACKENDS = (self.backend,)
14
User.objects.create_user('test', 'test@example.com', 'test')
17
settings.AUTHENTICATION_BACKENDS = self.curr_auth
19
def test_has_perm(self):
20
user = User.objects.get(username='test')
21
self.assertEqual(user.has_perm('auth.test'), False)
24
self.assertEqual(user.has_perm('auth.test'), False)
25
user.is_superuser = True
27
self.assertEqual(user.has_perm('auth.test'), True)
29
user.is_superuser = False
31
self.assertEqual(user.has_perm('auth.test'), False)
33
user.is_superuser = True
34
user.is_active = False
36
self.assertEqual(user.has_perm('auth.test'), False)
38
def test_custom_perms(self):
39
user = User.objects.get(username='test')
40
content_type=ContentType.objects.get_for_model(Group)
41
perm = Permission.objects.create(name='test', content_type=content_type, codename='test')
42
user.user_permissions.add(perm)
45
# reloading user to purge the _perm_cache
46
user = User.objects.get(username='test')
47
self.assertEqual(user.get_all_permissions() == set([u'auth.test']), True)
48
self.assertEqual(user.get_group_permissions(), set([]))
49
self.assertEqual(user.has_module_perms('Group'), False)
50
self.assertEqual(user.has_module_perms('auth'), True)
51
perm = Permission.objects.create(name='test2', content_type=content_type, codename='test2')
52
user.user_permissions.add(perm)
54
perm = Permission.objects.create(name='test3', content_type=content_type, codename='test3')
55
user.user_permissions.add(perm)
57
user = User.objects.get(username='test')
58
self.assertEqual(user.get_all_permissions(), set([u'auth.test2', u'auth.test', u'auth.test3']))
59
self.assertEqual(user.has_perm('test'), False)
60
self.assertEqual(user.has_perm('auth.test'), True)
61
self.assertEqual(user.has_perms(['auth.test2', 'auth.test3']), True)
62
perm = Permission.objects.create(name='test_group', content_type=content_type, codename='test_group')
63
group = Group.objects.create(name='test_group')
64
group.permissions.add(perm)
66
user.groups.add(group)
67
user = User.objects.get(username='test')
68
exp = set([u'auth.test2', u'auth.test', u'auth.test3', u'auth.test_group'])
69
self.assertEqual(user.get_all_permissions(), exp)
70
self.assertEqual(user.get_group_permissions(), set([u'auth.test_group']))
71
self.assertEqual(user.has_perms(['auth.test3', 'auth.test_group']), True)
73
user = AnonymousUser()
74
self.assertEqual(user.has_perm('test'), False)
75
self.assertEqual(user.has_perms(['auth.test2', 'auth.test3']), False)
77
def test_has_no_object_perm(self):
78
"""Regressiontest for #12462"""
79
user = User.objects.get(username='test')
80
content_type=ContentType.objects.get_for_model(Group)
81
perm = Permission.objects.create(name='test', content_type=content_type, codename='test')
82
user.user_permissions.add(perm)
85
self.assertEqual(user.has_perm('auth.test', 'object'), False)
86
self.assertEqual(user.get_all_permissions('object'), set([]))
87
self.assertEqual(user.has_perm('auth.test'), True)
88
self.assertEqual(user.get_all_permissions(), set(['auth.test']))
91
class TestObj(object):
95
class SimpleRowlevelBackend(object):
96
supports_object_permissions = True
98
# This class also supports tests for anonymous user permissions,
99
# via subclasses which just set the 'supports_anonymous_user' attribute.
101
def has_perm(self, user, perm, obj=None):
103
return # We only support row level perms
105
if isinstance(obj, TestObj):
106
if user.username == 'test2':
108
elif user.is_anonymous() and perm == 'anon':
109
# not reached due to supports_anonymous_user = False
113
def has_module_perms(self, user, app_label):
114
return app_label == "app1"
116
def get_all_permissions(self, user, obj=None):
118
return [] # We only support row level perms
120
if not isinstance(obj, TestObj):
123
if user.is_anonymous():
125
if user.username == 'test2':
126
return ['simple', 'advanced']
130
def get_group_permissions(self, user, obj=None):
132
return # We only support row level perms
134
if not isinstance(obj, TestObj):
137
if 'test_group' in [group.name for group in user.groups.all()]:
138
return ['group_perm']
143
class RowlevelBackendTest(TestCase):
145
Tests for auth backend that supports object level permissions
147
backend = 'django.contrib.auth.tests.auth_backends.SimpleRowlevelBackend'
150
self.curr_auth = settings.AUTHENTICATION_BACKENDS
151
settings.AUTHENTICATION_BACKENDS = self.curr_auth + (self.backend,)
152
self.user1 = User.objects.create_user('test', 'test@example.com', 'test')
153
self.user2 = User.objects.create_user('test2', 'test2@example.com', 'test')
154
self.user3 = User.objects.create_user('test3', 'test3@example.com', 'test')
157
settings.AUTHENTICATION_BACKENDS = self.curr_auth
159
def test_has_perm(self):
160
self.assertEqual(self.user1.has_perm('perm', TestObj()), False)
161
self.assertEqual(self.user2.has_perm('perm', TestObj()), True)
162
self.assertEqual(self.user2.has_perm('perm'), False)
163
self.assertEqual(self.user2.has_perms(['simple', 'advanced'], TestObj()), True)
164
self.assertEqual(self.user3.has_perm('perm', TestObj()), False)
165
self.assertEqual(self.user3.has_perm('anon', TestObj()), False)
166
self.assertEqual(self.user3.has_perms(['simple', 'advanced'], TestObj()), False)
168
def test_get_all_permissions(self):
169
self.assertEqual(self.user1.get_all_permissions(TestObj()), set(['simple']))
170
self.assertEqual(self.user2.get_all_permissions(TestObj()), set(['simple', 'advanced']))
171
self.assertEqual(self.user2.get_all_permissions(), set([]))
173
def test_get_group_permissions(self):
174
content_type=ContentType.objects.get_for_model(Group)
175
group = Group.objects.create(name='test_group')
176
self.user3.groups.add(group)
177
self.assertEqual(self.user3.get_group_permissions(TestObj()), set(['group_perm']))
180
class AnonymousUserBackend(SimpleRowlevelBackend):
182
supports_anonymous_user = True
185
class NoAnonymousUserBackend(SimpleRowlevelBackend):
187
supports_anonymous_user = False
190
class AnonymousUserBackendTest(TestCase):
192
Tests for AnonymousUser delegating to backend if it has 'supports_anonymous_user' = True
195
backend = 'django.contrib.auth.tests.auth_backends.AnonymousUserBackend'
198
self.curr_auth = settings.AUTHENTICATION_BACKENDS
199
settings.AUTHENTICATION_BACKENDS = (self.backend,)
200
self.user1 = AnonymousUser()
203
settings.AUTHENTICATION_BACKENDS = self.curr_auth
205
def test_has_perm(self):
206
self.assertEqual(self.user1.has_perm('perm', TestObj()), False)
207
self.assertEqual(self.user1.has_perm('anon', TestObj()), True)
209
def test_has_perms(self):
210
self.assertEqual(self.user1.has_perms(['anon'], TestObj()), True)
211
self.assertEqual(self.user1.has_perms(['anon', 'perm'], TestObj()), False)
213
def test_has_module_perms(self):
214
self.assertEqual(self.user1.has_module_perms("app1"), True)
215
self.assertEqual(self.user1.has_module_perms("app2"), False)
217
def test_get_all_permissions(self):
218
self.assertEqual(self.user1.get_all_permissions(TestObj()), set(['anon']))
221
class NoAnonymousUserBackendTest(TestCase):
223
Tests that AnonymousUser does not delegate to backend if it has 'supports_anonymous_user' = False
225
backend = 'django.contrib.auth.tests.auth_backends.NoAnonymousUserBackend'
228
self.curr_auth = settings.AUTHENTICATION_BACKENDS
229
settings.AUTHENTICATION_BACKENDS = self.curr_auth + (self.backend,)
230
self.user1 = AnonymousUser()
233
settings.AUTHENTICATION_BACKENDS = self.curr_auth
235
def test_has_perm(self):
236
self.assertEqual(self.user1.has_perm('perm', TestObj()), False)
237
self.assertEqual(self.user1.has_perm('anon', TestObj()), False)
239
def test_has_perms(self):
240
self.assertEqual(self.user1.has_perms(['anon'], TestObj()), False)
242
def test_has_module_perms(self):
243
self.assertEqual(self.user1.has_module_perms("app1"), False)
244
self.assertEqual(self.user1.has_module_perms("app2"), False)
246
def test_get_all_permissions(self):
247
self.assertEqual(self.user1.get_all_permissions(TestObj()), set())