246 lines
11 KiB
Python
246 lines
11 KiB
Python
from importlib import import_module
|
|
|
|
from django.apps import apps
|
|
from django.contrib.auth.models import Permission, User
|
|
from django.contrib.contenttypes.models import ContentType
|
|
from django.db import connection, connections
|
|
from django.test import TransactionTestCase
|
|
from django.test.utils import captured_stdout
|
|
|
|
from .models import Proxy, UserProxy
|
|
|
|
update_proxy_permissions = import_module(
|
|
"django.contrib.auth.migrations.0011_update_proxy_permissions"
|
|
)
|
|
|
|
|
|
class ProxyModelWithDifferentAppLabelTests(TransactionTestCase):
|
|
available_apps = [
|
|
"auth_tests",
|
|
"django.contrib.auth",
|
|
"django.contrib.contenttypes",
|
|
]
|
|
|
|
def setUp(self):
|
|
"""
|
|
Create proxy permissions with content_type to the concrete model
|
|
rather than the proxy model (as they were before Django 2.2 and
|
|
migration 11).
|
|
"""
|
|
Permission.objects.all().delete()
|
|
self.concrete_content_type = ContentType.objects.get_for_model(UserProxy)
|
|
self.default_permission = Permission.objects.create(
|
|
content_type=self.concrete_content_type,
|
|
codename="add_userproxy",
|
|
name="Can add userproxy",
|
|
)
|
|
self.custom_permission = Permission.objects.create(
|
|
content_type=self.concrete_content_type,
|
|
codename="use_different_app_label",
|
|
name="May use a different app label",
|
|
)
|
|
|
|
def test_proxy_model_permissions_contenttype(self):
|
|
proxy_model_content_type = ContentType.objects.get_for_model(
|
|
UserProxy, for_concrete_model=False
|
|
)
|
|
self.assertEqual(
|
|
self.default_permission.content_type, self.concrete_content_type
|
|
)
|
|
self.assertEqual(
|
|
self.custom_permission.content_type, self.concrete_content_type
|
|
)
|
|
with connection.schema_editor() as editor:
|
|
update_proxy_permissions.update_proxy_model_permissions(apps, editor)
|
|
self.default_permission.refresh_from_db()
|
|
self.assertEqual(self.default_permission.content_type, proxy_model_content_type)
|
|
self.custom_permission.refresh_from_db()
|
|
self.assertEqual(self.custom_permission.content_type, proxy_model_content_type)
|
|
|
|
def test_user_has_now_proxy_model_permissions(self):
|
|
user = User.objects.create()
|
|
user.user_permissions.add(self.default_permission)
|
|
user.user_permissions.add(self.custom_permission)
|
|
for permission in [self.default_permission, self.custom_permission]:
|
|
self.assertTrue(user.has_perm("auth." + permission.codename))
|
|
self.assertFalse(user.has_perm("auth_tests." + permission.codename))
|
|
with connection.schema_editor() as editor:
|
|
update_proxy_permissions.update_proxy_model_permissions(apps, editor)
|
|
# Reload user to purge the _perm_cache.
|
|
user = User._default_manager.get(pk=user.pk)
|
|
for permission in [self.default_permission, self.custom_permission]:
|
|
self.assertFalse(user.has_perm("auth." + permission.codename))
|
|
self.assertTrue(user.has_perm("auth_tests." + permission.codename))
|
|
|
|
def test_migrate_backwards(self):
|
|
with connection.schema_editor() as editor:
|
|
update_proxy_permissions.update_proxy_model_permissions(apps, editor)
|
|
update_proxy_permissions.revert_proxy_model_permissions(apps, editor)
|
|
self.default_permission.refresh_from_db()
|
|
self.assertEqual(
|
|
self.default_permission.content_type, self.concrete_content_type
|
|
)
|
|
self.custom_permission.refresh_from_db()
|
|
self.assertEqual(
|
|
self.custom_permission.content_type, self.concrete_content_type
|
|
)
|
|
|
|
def test_user_keeps_same_permissions_after_migrating_backward(self):
|
|
user = User.objects.create()
|
|
user.user_permissions.add(self.default_permission)
|
|
user.user_permissions.add(self.custom_permission)
|
|
for permission in [self.default_permission, self.custom_permission]:
|
|
self.assertTrue(user.has_perm("auth." + permission.codename))
|
|
self.assertFalse(user.has_perm("auth_tests." + permission.codename))
|
|
with connection.schema_editor() as editor:
|
|
update_proxy_permissions.update_proxy_model_permissions(apps, editor)
|
|
update_proxy_permissions.revert_proxy_model_permissions(apps, editor)
|
|
# Reload user to purge the _perm_cache.
|
|
user = User._default_manager.get(pk=user.pk)
|
|
for permission in [self.default_permission, self.custom_permission]:
|
|
self.assertTrue(user.has_perm("auth." + permission.codename))
|
|
self.assertFalse(user.has_perm("auth_tests." + permission.codename))
|
|
|
|
|
|
class ProxyModelWithSameAppLabelTests(TransactionTestCase):
|
|
available_apps = [
|
|
"auth_tests",
|
|
"django.contrib.auth",
|
|
"django.contrib.contenttypes",
|
|
]
|
|
|
|
def setUp(self):
|
|
"""
|
|
Create proxy permissions with content_type to the concrete model
|
|
rather than the proxy model (as they were before Django 2.2 and
|
|
migration 11).
|
|
"""
|
|
Permission.objects.all().delete()
|
|
self.concrete_content_type = ContentType.objects.get_for_model(Proxy)
|
|
self.default_permission = Permission.objects.create(
|
|
content_type=self.concrete_content_type,
|
|
codename="add_proxy",
|
|
name="Can add proxy",
|
|
)
|
|
self.custom_permission = Permission.objects.create(
|
|
content_type=self.concrete_content_type,
|
|
codename="display_proxys",
|
|
name="May display proxys information",
|
|
)
|
|
|
|
def test_proxy_model_permissions_contenttype(self):
|
|
proxy_model_content_type = ContentType.objects.get_for_model(
|
|
Proxy, for_concrete_model=False
|
|
)
|
|
self.assertEqual(
|
|
self.default_permission.content_type, self.concrete_content_type
|
|
)
|
|
self.assertEqual(
|
|
self.custom_permission.content_type, self.concrete_content_type
|
|
)
|
|
with connection.schema_editor() as editor:
|
|
update_proxy_permissions.update_proxy_model_permissions(apps, editor)
|
|
self.default_permission.refresh_from_db()
|
|
self.custom_permission.refresh_from_db()
|
|
self.assertEqual(self.default_permission.content_type, proxy_model_content_type)
|
|
self.assertEqual(self.custom_permission.content_type, proxy_model_content_type)
|
|
|
|
def test_user_still_has_proxy_model_permissions(self):
|
|
user = User.objects.create()
|
|
user.user_permissions.add(self.default_permission)
|
|
user.user_permissions.add(self.custom_permission)
|
|
for permission in [self.default_permission, self.custom_permission]:
|
|
self.assertTrue(user.has_perm("auth_tests." + permission.codename))
|
|
with connection.schema_editor() as editor:
|
|
update_proxy_permissions.update_proxy_model_permissions(apps, editor)
|
|
# Reload user to purge the _perm_cache.
|
|
user = User._default_manager.get(pk=user.pk)
|
|
for permission in [self.default_permission, self.custom_permission]:
|
|
self.assertTrue(user.has_perm("auth_tests." + permission.codename))
|
|
|
|
def test_migrate_backwards(self):
|
|
with connection.schema_editor() as editor:
|
|
update_proxy_permissions.update_proxy_model_permissions(apps, editor)
|
|
update_proxy_permissions.revert_proxy_model_permissions(apps, editor)
|
|
self.default_permission.refresh_from_db()
|
|
self.assertEqual(
|
|
self.default_permission.content_type, self.concrete_content_type
|
|
)
|
|
self.custom_permission.refresh_from_db()
|
|
self.assertEqual(
|
|
self.custom_permission.content_type, self.concrete_content_type
|
|
)
|
|
|
|
def test_user_keeps_same_permissions_after_migrating_backward(self):
|
|
user = User.objects.create()
|
|
user.user_permissions.add(self.default_permission)
|
|
user.user_permissions.add(self.custom_permission)
|
|
for permission in [self.default_permission, self.custom_permission]:
|
|
self.assertTrue(user.has_perm("auth_tests." + permission.codename))
|
|
with connection.schema_editor() as editor:
|
|
update_proxy_permissions.update_proxy_model_permissions(apps, editor)
|
|
update_proxy_permissions.revert_proxy_model_permissions(apps, editor)
|
|
# Reload user to purge the _perm_cache.
|
|
user = User._default_manager.get(pk=user.pk)
|
|
for permission in [self.default_permission, self.custom_permission]:
|
|
self.assertTrue(user.has_perm("auth_tests." + permission.codename))
|
|
|
|
def test_migrate_with_existing_target_permission(self):
|
|
"""
|
|
Permissions may already exist:
|
|
|
|
- Old workaround was to manually create permissions for proxy models.
|
|
- Model may have been concrete and then converted to proxy.
|
|
|
|
Output a reminder to audit relevant permissions.
|
|
"""
|
|
proxy_model_content_type = ContentType.objects.get_for_model(
|
|
Proxy, for_concrete_model=False
|
|
)
|
|
Permission.objects.create(
|
|
content_type=proxy_model_content_type,
|
|
codename="add_proxy",
|
|
name="Can add proxy",
|
|
)
|
|
Permission.objects.create(
|
|
content_type=proxy_model_content_type,
|
|
codename="display_proxys",
|
|
name="May display proxys information",
|
|
)
|
|
with captured_stdout() as stdout:
|
|
with connection.schema_editor() as editor:
|
|
update_proxy_permissions.update_proxy_model_permissions(apps, editor)
|
|
self.assertIn(
|
|
"A problem arose migrating proxy model permissions", stdout.getvalue()
|
|
)
|
|
|
|
|
|
class MultiDBProxyModelAppLabelTests(TransactionTestCase):
|
|
databases = {"default", "other"}
|
|
available_apps = [
|
|
"auth_tests",
|
|
"django.contrib.auth",
|
|
"django.contrib.contenttypes",
|
|
]
|
|
|
|
def setUp(self):
|
|
ContentType.objects.all().delete()
|
|
Permission.objects.using("other").delete()
|
|
concrete_content_type = ContentType.objects.db_manager("other").get_for_model(
|
|
Proxy
|
|
)
|
|
self.permission = Permission.objects.using("other").create(
|
|
content_type=concrete_content_type,
|
|
codename="add_proxy",
|
|
name="Can add proxy",
|
|
)
|
|
|
|
def test_migrate_other_database(self):
|
|
proxy_model_content_type = ContentType.objects.db_manager(
|
|
"other"
|
|
).get_for_model(Proxy, for_concrete_model=False)
|
|
with connections["other"].schema_editor() as editor:
|
|
update_proxy_permissions.update_proxy_model_permissions(apps, editor)
|
|
self.permission.refresh_from_db()
|
|
self.assertEqual(self.permission.content_type, proxy_model_content_type)
|