From 8f8c8a2701f9ec665893218f2b4a493f35b62a30 Mon Sep 17 00:00:00 2001 From: Eric Mc Sween Date: Tue, 28 Feb 2012 15:18:03 -0500 Subject: [PATCH] Support pour les permissions globales --- auf/django/permissions/__init__.py | 16 +++++++++++++--- auf/django/permissions/predicates.py | 4 ++-- buildout.cfg | 1 - tests/food/tests.py | 11 +++++++++++ 4 files changed, 26 insertions(+), 6 deletions(-) diff --git a/auf/django/permissions/__init__.py b/auf/django/permissions/__init__.py index 480f28c..0204c40 100644 --- a/auf/django/permissions/__init__.py +++ b/auf/django/permissions/__init__.py @@ -38,7 +38,10 @@ class Predicate(object): """ Appelle la fonction encapsulée. """ - return self.func(user, obj, cls) + if self.func.func_code.co_argcount == 1: + return self.func(user) + else: + return self.func(user, obj, cls) def __and__(self, other): def func(user, obj, cls): @@ -94,11 +97,18 @@ class Rules(object): raise TypeError("the third argument to deny() must be a Predicate") self.deny_rules[(perm, cls)] |= predicate + def allow_global(self, perm, predicate): + self.allow(perm, None, predicate) + + def deny_global(self, perm, predicate): + self.deny(perm, None, predicate) + def predicate_for_perm(self, perm, cls): return self.allow_rules[(perm, cls)] & ~self.deny_rules[(perm, cls)] def user_has_perm(self, user, perm, obj): - result = self.predicate_for_perm(perm, obj.__class__)(user, obj) + cls = None if obj is None else obj.__class__ + result = self.predicate_for_perm(perm, cls)(user, obj) if isinstance(result, bool): return result else: @@ -125,7 +135,7 @@ class AuthenticationBackend(object): rules = None def has_perm(self, user, perm, obj=None): - if self.rules is None or obj is None: + if self.rules is None: return False return self.rules.user_has_perm(user, perm, obj) diff --git a/auf/django/permissions/predicates.py b/auf/django/permissions/predicates.py index 3e66e70..924a8a6 100644 --- a/auf/django/permissions/predicates.py +++ b/auf/django/permissions/predicates.py @@ -8,11 +8,11 @@ from auf.django.permissions import Predicate, predicate_for_perm, predicate_gene def has_global_perm(perm): - def p(user, obj, cls): + def p(user): return user.has_perm(perm) return Predicate(p) def has_object_perm(perm): def p(user, obj, cls): - return predicate_for_perm(perm, model or obj.__class__)(user, obj, model) + return predicate_for_perm(perm, cls or obj.__class__)(user, obj, cls) return Predicate(p) diff --git a/buildout.cfg b/buildout.cfg index 0cf9814..df20568 100644 --- a/buildout.cfg +++ b/buildout.cfg @@ -15,4 +15,3 @@ settings = settings eggs = ${buildout:eggs} [versions] -auf.recipe.django = 1.2 diff --git a/tests/food/tests.py b/tests/food/tests.py index beffe93..2ece9a6 100644 --- a/tests/food/tests.py +++ b/tests/food/tests.py @@ -36,6 +36,17 @@ class FoodTestCase(unittest.TestCase): class RulesTestCase(FoodTestCase): + def test_global_perms(self): + self.rules.allow_global('sing', Predicate(lambda user: user is self.alice)) + self.assertTrue(self.alice.has_perm('sing')) + self.assertFalse(self.alice.has_perm('dance')) + + def test_global_deny(self): + self.rules.allow_global('eat', Predicate(True)) + self.rules.deny_global('eat', Predicate(lambda user: user is self.bob)) + self.assertTrue(self.alice.has_perm('eat')) + self.assertFalse(self.bob.has_perm('eat')) + def test_object_perms(self): self.rules.allow('eat', Food, ~is_allergic) self.assertTrue(self.alice.has_perm('eat', self.apple)) -- 1.7.10.4