NeoAnd/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2025-07-22 20:12:00 -06:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

Reduce ObjectPermission creation boilerplate

Browse Source
This commit is contained in:
Jeremy Stretch 2020-05-28 10:27:25 -04:00
parent b2ba9d68c9
commit ca199cdefe
3 changed files with 22 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
netbox/netbox/tests/test_authentication.py
View File

@ -201,13 +201,11 @@ class ObjectPermissionViewTestCase(TestCase):
self.assertHttpStatus(response, 403)
# Assign object permission
obj_perm = ObjectPermission(
self.user.object_permissions.create(
model=ContentType.objects.get_for_model(Prefix),
attrs={'site__name': 'Site 1'},
can_view=True
)
obj_perm.save()
obj_perm.users.add(self.user)
# Retrieve permitted object
response = self.client.get(self.prefixes[0].get_absolute_url())
@ -225,13 +223,11 @@ class ObjectPermissionViewTestCase(TestCase):
self.assertHttpStatus(response, 403)
# Assign object permission
obj_perm = ObjectPermission(
self.user.object_permissions.create(
model=ContentType.objects.get_for_model(Prefix),
attrs={'site__name': 'Site 1'},
can_view=True
)
obj_perm.save()
obj_perm.users.add(self.user)
# Retrieve all objects. Only permitted objects should be returned.
response = self.client.get(reverse('ipam:prefix_list'))
@ -259,14 +255,12 @@ class ObjectPermissionViewTestCase(TestCase):
self.assertEqual(initial_count, Prefix.objects.count())
# Assign object permission
obj_perm = ObjectPermission(
self.user.object_permissions.create(
model=ContentType.objects.get_for_model(Prefix),
attrs={'site__name': 'Site 1'},
can_view=True,
can_add=True
)
obj_perm.save()
obj_perm.users.add(self.user)
# Attempt to create a non-permitted object
request = {
@ -307,14 +301,12 @@ class ObjectPermissionViewTestCase(TestCase):
self.assertHttpStatus(response, 403)
# Assign object permission
obj_perm = ObjectPermission(
self.user.object_permissions.create(
model=ContentType.objects.get_for_model(Prefix),
attrs={'site__name': 'Site 1'},
can_view=True,
can_change=True
)
obj_perm.save()
obj_perm.users.add(self.user)
# Attempt to edit a non-permitted object
request = {
@ -351,14 +343,12 @@ class ObjectPermissionViewTestCase(TestCase):
self.assertHttpStatus(response, 403)
# Assign object permission
obj_perm = ObjectPermission(
self.user.object_permissions.create(
model=ContentType.objects.get_for_model(Prefix),
attrs={'site__name': 'Site 1'},
can_view=True,
can_delete=True
)
obj_perm.save()
obj_perm.users.add(self.user)
# Delete permitted object
request = {
@ -400,13 +390,11 @@ class ObjectPermissionViewTestCase(TestCase):
self.assertEqual(initial_count, Prefix.objects.count())
# Assign object permission
obj_perm = ObjectPermission(
self.user.object_permissions.create(
model=ContentType.objects.get_for_model(Prefix),
attrs={'site__name': 'Site 1'},
can_add=True
)
obj_perm.save()
obj_perm.users.add(self.user)
# Attempt to create non-permitted objects
request = {
@ -449,13 +437,11 @@ class ObjectPermissionViewTestCase(TestCase):
self.assertHttpStatus(response, 403)
# Assign object permission
obj_perm = ObjectPermission(
self.user.object_permissions.create(
model=ContentType.objects.get_for_model(Prefix),
attrs={'site__name': 'Site 1'},
can_change=True
)
obj_perm.save()
obj_perm.users.add(self.user)
# Attempt to edit non-permitted objects
request = {
@ -493,14 +479,12 @@ class ObjectPermissionViewTestCase(TestCase):
self.assertHttpStatus(response, 403)
# Assign object permission
obj_perm = ObjectPermission(
self.user.object_permissions.create(
model=ContentType.objects.get_for_model(Prefix),
attrs={'site__name': 'Site 1'},
can_view=True,
can_delete=True
)
obj_perm.save()
obj_perm.users.add(self.user)
# Attempt to delete non-permitted object
request = {
@ -565,15 +549,11 @@ class ObjectPermissionAPIViewTestCase(TestCase):
self.assertEqual(response.status_code, 403)
# Assign object permission
obj_perm = ObjectPermission(
self.user.object_permissions.create(
model=ContentType.objects.get_for_model(Prefix),
attrs={
'site__name': 'Site 1',
},
attrs={'site__name': 'Site 1'},
can_view=True
)
obj_perm.save()
obj_perm.users.add(self.user)
# Retrieve permitted object
url = reverse('ipam-api:prefix-detail', kwargs={'pk': self.prefixes[0].pk})
@ -594,15 +574,11 @@ class ObjectPermissionAPIViewTestCase(TestCase):
self.assertEqual(response.status_code, 403)
# Assign object permission
obj_perm = ObjectPermission(
self.user.object_permissions.create(
model=ContentType.objects.get_for_model(Prefix),
attrs={
'site__name': 'Site 1',
},
attrs={'site__name': 'Site 1'},
can_view=True
)
obj_perm.save()
obj_perm.users.add(self.user)
# Retrieve all objects. Only permitted objects should be returned.
response = self.client.get(url, **self.header)
@ -623,13 +599,11 @@ class ObjectPermissionAPIViewTestCase(TestCase):
self.assertEqual(response.status_code, 403)
# Assign object permission
obj_perm = ObjectPermission(
self.user.object_permissions.create(
model=ContentType.objects.get_for_model(Prefix),
attrs={'site__name': 'Site 1'},
can_add=True
)
obj_perm.save()
obj_perm.users.add(self.user)
# Attempt to create a non-permitted object
response = self.client.post(url, data, format='json', **self.header)
@ -652,13 +626,11 @@ class ObjectPermissionAPIViewTestCase(TestCase):
self.assertEqual(response.status_code, 403)
# Assign object permission
obj_perm = ObjectPermission(
self.user.object_permissions.create(
model=ContentType.objects.get_for_model(Prefix),
attrs={'site__name': 'Site 1'},
can_change=True
)
obj_perm.save()
obj_perm.users.add(self.user)
# Attempt to edit a non-permitted object
data = {'site': self.sites[0].pk}
@ -687,13 +659,11 @@ class ObjectPermissionAPIViewTestCase(TestCase):
self.assertEqual(response.status_code, 403)
# Assign object permission
obj_perm = ObjectPermission(
self.user.object_permissions.create(
model=ContentType.objects.get_for_model(Prefix),
attrs={'site__name': 'Site 1'},
can_delete=True
)
obj_perm.save()
obj_perm.users.add(self.user)
# Attempt to delete a non-permitted object
url = reverse('ipam-api:prefix-detail', kwargs={'pk': self.prefixes[3].pk})

8
netbox/utilities/auth_backends.py
View File

@ -122,14 +122,10 @@ class RemoteUserBackend(_RemoteUserBackend):
try:
app_label, codename = permission_name.split('.')
action, model_name = codename.split('_')
kwargs = {
user.object_permissions.create(**{
'model': ContentType.objects.get(app_label=app_label, model=model_name),
f'can_{action}': True
}
obj_perm = ObjectPermission(**kwargs)
obj_perm.save()
obj_perm.users.add(user)
})
permissions_list.append(permission_name)
except ValueError:
logging.error(

16
netbox/utilities/testing/testcases.py
View File

@ -1,5 +1,5 @@
from django.contrib.contenttypes.models import ContentType
from django.contrib.auth.models import Permission, User
from django.contrib.auth.models import User
from django.core.exceptions import ObjectDoesNotExist
from django.forms.models import model_to_dict
from django.test import Client, TestCase as _TestCase, override_settings
@ -7,7 +7,6 @@ from django.urls import reverse, NoReverseMatch
from rest_framework.test import APIClient
from users.models import ObjectPermission, Token
from utilities.permissions import get_permission_for_model
from .utils import disable_warnings, post_data
@ -36,13 +35,10 @@ class TestCase(_TestCase):
app_label, codename = name.split('.')
action, model_name = codename.split('_')
kwargs = {
self.user.object_permissions.create(**{
'model': ContentType.objects.get(app_label=app_label, model=model_name),
f'can_{action}': True
}
obj_perm = ObjectPermission(**kwargs)
obj_perm.save()
obj_perm.users.add(self.user)
})
def remove_permissions(self, *names):
"""
@ -52,12 +48,10 @@ class TestCase(_TestCase):
app_label, codename = name.split('.')
action, model_name = codename.split('_')
kwargs = {
'user': self.user,
self.user.object_permissions.filter(**{
'model': ContentType.objects.get(app_label=app_label, model=model_name),
f'can_{action}': True
}
ObjectPermission.objects.filter(**kwargs).delete()
}).delete()
#
# Convenience methods