Support pour les permissions globales
authorEric Mc Sween <eric.mcsween@auf.org>
Tue, 28 Feb 2012 20:18:03 +0000 (15:18 -0500)
committerEric Mc Sween <eric.mcsween@auf.org>
Tue, 28 Feb 2012 20:18:03 +0000 (15:18 -0500)
auf/django/permissions/__init__.py
auf/django/permissions/predicates.py
buildout.cfg
tests/food/tests.py

index 480f28c..0204c40 100644 (file)
@@ -38,7 +38,10 @@ class Predicate(object):
         """
         Appelle la fonction encapsulée.
         """
-        return self.func(user, obj, cls)
+        if self.func.func_code.co_argcount == 1:
+            return self.func(user)
+        else:
+            return self.func(user, obj, cls)
 
     def __and__(self, other):
         def func(user, obj, cls):
@@ -94,11 +97,18 @@ class Rules(object):
             raise TypeError("the third argument to deny() must be a Predicate")
         self.deny_rules[(perm, cls)] |= predicate
 
+    def allow_global(self, perm, predicate):
+        self.allow(perm, None, predicate)
+
+    def deny_global(self, perm, predicate):
+        self.deny(perm, None, predicate)
+
     def predicate_for_perm(self, perm, cls):
         return self.allow_rules[(perm, cls)] & ~self.deny_rules[(perm, cls)]
 
     def user_has_perm(self, user, perm, obj):
-        result = self.predicate_for_perm(perm, obj.__class__)(user, obj)
+        cls = None if obj is None else obj.__class__
+        result = self.predicate_for_perm(perm, cls)(user, obj)
         if isinstance(result, bool):
             return result
         else:
@@ -125,7 +135,7 @@ class AuthenticationBackend(object):
     rules = None
 
     def has_perm(self, user, perm, obj=None):
-        if self.rules is None or obj is None:
+        if self.rules is None:
             return False
         return self.rules.user_has_perm(user, perm, obj)
 
index 3e66e70..924a8a6 100644 (file)
@@ -8,11 +8,11 @@ from auf.django.permissions import Predicate, predicate_for_perm, predicate_gene
 
 
 def has_global_perm(perm):
-    def p(user, obj, cls):
+    def p(user):
         return user.has_perm(perm)
     return Predicate(p)
 
 def has_object_perm(perm):
     def p(user, obj, cls):
-        return predicate_for_perm(perm, model or obj.__class__)(user, obj, model)
+        return predicate_for_perm(perm, cls or obj.__class__)(user, obj, cls)
     return Predicate(p)
index 0cf9814..df20568 100644 (file)
@@ -15,4 +15,3 @@ settings = settings
 eggs = ${buildout:eggs}
 
 [versions]
-auf.recipe.django = 1.2
index beffe93..2ece9a6 100644 (file)
@@ -36,6 +36,17 @@ class FoodTestCase(unittest.TestCase):
 
 class RulesTestCase(FoodTestCase):
 
+    def test_global_perms(self):
+        self.rules.allow_global('sing', Predicate(lambda user: user is self.alice))
+        self.assertTrue(self.alice.has_perm('sing'))
+        self.assertFalse(self.alice.has_perm('dance'))
+
+    def test_global_deny(self):
+        self.rules.allow_global('eat', Predicate(True))
+        self.rules.deny_global('eat', Predicate(lambda user: user is self.bob))
+        self.assertTrue(self.alice.has_perm('eat'))
+        self.assertFalse(self.bob.has_perm('eat'))
+
     def test_object_perms(self):
         self.rules.allow('eat', Food, ~is_allergic)
         self.assertTrue(self.alice.has_perm('eat', self.apple))