From 5260b39ac541d193ec022475f4d36ef1385907a2 Mon Sep 17 00:00:00 2001
From: Calum Mackervoy <c.mackervoy@gmail.com>
Date: Fri, 11 Sep 2020 21:25:55 +0200
Subject: [PATCH] update: new tests for permissions
---
djangoldp/permissions.py | 9 ++++++++-
djangoldp/tests/models.py | 2 --
djangoldp/tests/settings_default.py | 2 +-
djangoldp/tests/tests_performance.py | 8 ++++++--
4 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/djangoldp/permissions.py b/djangoldp/permissions.py
index 4e111206..34f1fa06 100644
--- a/djangoldp/permissions.py
+++ b/djangoldp/permissions.py
@@ -2,6 +2,7 @@ from django.core.exceptions import PermissionDenied
from django.db.models.base import ModelBase
from rest_framework.permissions import DjangoObjectPermissions
from django.contrib.auth.models import _user_get_all_permissions
+from guardian.shortcuts import get_user_perms
class LDPPermissions(DjangoObjectPermissions):
@@ -47,10 +48,16 @@ class LDPPermissions(DjangoObjectPermissions):
perms = set()
if obj is not None and not user.is_anonymous:
- # get permissions from all backends and then remove model name from the permissions
+
+ '''guardian_perms = get_user_perms(user, obj)
+>>>>>>> update: new tests for permissions
model_name = model._meta.model_name
forbidden_string = "_" + model_name
+<<<<<<< HEAD
perms = set([p.replace(forbidden_string, '') for p in _user_get_all_permissions(user, obj)])
+=======
+ perms = set([p.replace(forbidden_string, '') for p in guardian_perms])'''
+ perms = _user_get_all_permissions(user, obj)
# apply anon, owner and auth permissions
if user.is_anonymous:
diff --git a/djangoldp/tests/models.py b/djangoldp/tests/models.py
index 288a0b35..1f2526d2 100644
--- a/djangoldp/tests/models.py
+++ b/djangoldp/tests/models.py
@@ -172,7 +172,6 @@ class Circle(Model):
anonymous_perms = ['view', 'add', 'delete', 'add', 'change', 'control']
authenticated_perms = ["inherit"]
rdf_type = 'hd:circle'
- depth = 1
class Batch(Model):
@@ -219,7 +218,6 @@ class Project(Model):
anonymous_perms = ['view', 'add', 'delete', 'add', 'change', 'control']
authenticated_perms = ["inherit"]
rdf_type = 'hd:project'
- depth = 1
class DateModel(Model):
diff --git a/djangoldp/tests/settings_default.py b/djangoldp/tests/settings_default.py
index 6ecb12a9..acfc847f 100644
--- a/djangoldp/tests/settings_default.py
+++ b/djangoldp/tests/settings_default.py
@@ -45,7 +45,7 @@ MIDDLEWARE = [
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
AUTHENTICATION_BACKENDS=(
- 'django.contrib.auth.backends.ModelBackend', 'guardian.backends.ObjectPermissionBackend')
+ 'django.contrib.auth.backends.ModelBackend')
ROOT_URLCONF='djangoldp.urls'
diff --git a/djangoldp/tests/tests_performance.py b/djangoldp/tests/tests_performance.py
index f34aec23..4d817a40 100644
--- a/djangoldp/tests/tests_performance.py
+++ b/djangoldp/tests/tests_performance.py
@@ -1,3 +1,4 @@
+from django.contrib.auth import get_user_model
from rest_framework.test import APIClient, APITestCase
from djangoldp.tests.models import User, Project
import cProfile, pstats, io
@@ -8,6 +9,9 @@ class TestPerformance(APITestCase):
def setUp(self):
self.client = APIClient()
+ self.user = get_user_model().objects.create_user(username='john', email='jlennon@beatles.com',
+ password='glass onion')
+ self.client.force_authenticate(user=self.user)
print('there are ' + str(Project.objects.count()) + ' projects in the database')
print('there are ' + str(User.objects.count()) + ' users in the database')
@@ -28,11 +32,11 @@ class TestPerformance(APITestCase):
self.assertEqual(response.status_code, 200)
print('counted ' + str(len(response.data['ldp:contains'])) + ' projects')
pr.disable()
- self._print_stats(pr)
+ #self._print_stats(pr)
pr = self._enable_new_profiler()
response = self.client.get('/users/', content_type='application/ld+json')
self.assertEqual(response.status_code, 200)
print('counted ' + str(len(response.data['ldp:contains'])) + ' users')
pr.disable()
- self._print_stats(pr)
+ #self._print_stats(pr)
--
GitLab