update: Rewrite permissions

@sylvain Done, here's how it works:

• On djangoldp Model.Meta.
• permission_classes is not mandatory anymore if not provided it'll be LDPPermissions.
• By default, no one have any right.
• Model.Meta now have anonymous_perms, authenticated_perms, owner_perms
• anonymous_perms, authenticated_perms and owner_perms can have view, add, change, control, or delete
• They can also have inherit - that is activated by default. Owner inherit from Auth who inherit from Anons.

egs. :

class EveryoneCanRead(Model):
    class Meta:
        anonymous_perms = ['view']
# Because default owner & auth are inherit.

class NoOneCanUseMe(Model):
    class Meta:

class AuthOnly(Model):
    class Meta:
        anonymous_perms = []
        authenticated_perms = ['view', 'add']
        owner_perms = ['inherit', 'change', 'control', 'delete']

class Notifications(Model):
    class Meta:
        anonymous_perms = ['add']
        authenticated_perms = []
        owner_perms = ['view', 'change']

class OhNoOwnerCantRead(Model):
    class Meta:
        anonymous_perms = ['view']
        authenticated_perms = ['inherit', 'add']
        owner_perms = ['change', 'control', 'delete']
# I supposed this is bad, but we don't want to always inherit permissions..?

Also, you can still overload it if you need more precise permissions (Member of a project for example)

@bleme If you can take a look too.

djangoldp/tests/tests_anonymous_permissions.py

-from django.contrib.auth.models import AnonymousUser
-from django.test import TestCase
-from rest_framework.test import APIRequestFactory
+import json
 
-from guardian.shortcuts import get_anonymous_user
+from django.test import TestCase
+from rest_framework.test import APIClient
 
-from djangoldp.permissions import AnonymousReadOnly
+from djangoldp.permissions import LDPPermissions
 from djangoldp.tests.models import JobOffer
 from djangoldp.views import LDPViewSet
 
-import json
-
 
 class TestAnonymousUserPermissions(TestCase):
     def setUp(self):
-        self.factory = APIRequestFactory()
-        self.user = get_anonymous_user()
-        self.job = JobOffer.objects.create(title="job")
+        self.client = APIClient(enforce_csrf_checks=True)
+        self.job = JobOffer.objects.create(title="job", slug=1)
 
     def test_get_request_for_anonymousUser(self):
-        request = self.factory.get("/job-offers/")
-        request.user = self.user
-        my_view = LDPViewSet.as_view({'get': 'list'},
-                                     model=JobOffer,
-                                     nested_fields=["skills"],
-                                     permission_classes=[AnonymousReadOnly])
-        response = my_view(request)
+        response = self.client.get('/job-offers/')
+        self.assertEqual(response.status_code, 200)
+
+    def test_get_1_request_for_anonymousUser(self):
+        response = self.client.get('/job-offers/1/')
         self.assertEqual(response.status_code, 200)
 
     def test_post_request_for_anonymousUser(self):
-        data = {'title': 'new idea'}
-        request = self.factory.post('/job-offers/', json.dumps(data), content_type='application/ld+json')
-        my_view = LDPViewSet.as_view({'post': 'create'}, model=JobOffer, nested_fields=["skills"], permission_classes=[AnonymousReadOnly])
-        response = my_view(request, pk=1)
+        post = {'title': "job_created"}
+        response = self.client.post('/job-offers/', data=json.dumps(post), content_type='application/ld+json')
         self.assertEqual(response.status_code, 403)
 
     def test_put_request_for_anonymousUser(self):
-        request = self.factory.put("/job-offers/")
-        my_view = LDPViewSet.as_view({'put': 'update'},
-                                     model=JobOffer,
-                                     nested_fields=["skills"],
-                                     permission_classes=[AnonymousReadOnly])
-        response = my_view(request, pk=self.job.pk)
+        body = {'title':"job_updated"}
+        response = self.client.put('/job-offers/{}/'.format(self.job.pk), data=json.dumps(body),
+                                   content_type='application/ld+json')
         self.assertEqual(response.status_code, 403)
-
+    
     def test_patch_request_for_anonymousUser(self):
-        request = self.factory.patch("/job-offers/")
-        my_view = LDPViewSet.as_view({'patch': 'partial_update'},
-                                     model=JobOffer,
-                                     nested_fields=["skills"],
-                                     permission_classes=[AnonymousReadOnly])
-        response = my_view(request, pk=self.job.pk)
+        response = self.client.patch('/job-offers/' + str(self.job.pk) + "/",
+                                   content_type='application/ld+json')
         self.assertEqual(response.status_code, 403)