search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
App Engine Python SDK version 1.7.4 (2)
[gae.git] / python / lib / django_1_4 / django / contrib / auth / tests / auth_backends.py
blob0337ef14f37542c07af534977c668fc9bd465686
1 from django.conf import settings
2 from django.contrib.auth.models import User, Group, Permission, AnonymousUser
3 from django.contrib.contenttypes.models import ContentType
4 from django.core.exceptions import ImproperlyConfigured
5 from django.test import TestCase
6
7
8 class BackendTest(TestCase):
9
10 backend = 'django.contrib.auth.backends.ModelBackend'
11
12 def setUp(self):
13 self.curr_auth = settings.AUTHENTICATION_BACKENDS
14 settings.AUTHENTICATION_BACKENDS = (self.backend,)
15 User.objects.create_user('test', 'test@example.com', 'test')
16 User.objects.create_superuser('test2', 'test2@example.com', 'test')
17
18 def tearDown(self):
19 settings.AUTHENTICATION_BACKENDS = self.curr_auth
20 # The custom_perms test messes with ContentTypes, which will
21 # be cached; flush the cache to ensure there are no side effects
22 # Refs #14975, #14925
23 ContentType.objects.clear_cache()
24
25 def test_has_perm(self):
26 user = User.objects.get(username='test')
27 self.assertEqual(user.has_perm('auth.test'), False)
28 user.is_staff = True
29 user.save()
30 self.assertEqual(user.has_perm('auth.test'), False)
31 user.is_superuser = True
32 user.save()
33 self.assertEqual(user.has_perm('auth.test'), True)
34 user.is_staff = False
35 user.is_superuser = False
36 user.save()
37 self.assertEqual(user.has_perm('auth.test'), False)
38 user.is_staff = True
39 user.is_superuser = True
40 user.is_active = False
41 user.save()
42 self.assertEqual(user.has_perm('auth.test'), False)
43
44 def test_custom_perms(self):
45 user = User.objects.get(username='test')
46 content_type=ContentType.objects.get_for_model(Group)
47 perm = Permission.objects.create(name='test', content_type=content_type, codename='test')
48 user.user_permissions.add(perm)
49 user.save()
50
51 # reloading user to purge the _perm_cache
52 user = User.objects.get(username='test')
53 self.assertEqual(user.get_all_permissions() == set([u'auth.test']), True)
54 self.assertEqual(user.get_group_permissions(), set([]))
55 self.assertEqual(user.has_module_perms('Group'), False)
56 self.assertEqual(user.has_module_perms('auth'), True)
57 perm = Permission.objects.create(name='test2', content_type=content_type, codename='test2')
58 user.user_permissions.add(perm)
59 user.save()
60 perm = Permission.objects.create(name='test3', content_type=content_type, codename='test3')
61 user.user_permissions.add(perm)
62 user.save()
63 user = User.objects.get(username='test')
64 self.assertEqual(user.get_all_permissions(), set([u'auth.test2', u'auth.test', u'auth.test3']))
65 self.assertEqual(user.has_perm('test'), False)
66 self.assertEqual(user.has_perm('auth.test'), True)
67 self.assertEqual(user.has_perms(['auth.test2', 'auth.test3']), True)
68 perm = Permission.objects.create(name='test_group', content_type=content_type, codename='test_group')
69 group = Group.objects.create(name='test_group')
70 group.permissions.add(perm)
71 group.save()
72 user.groups.add(group)
73 user = User.objects.get(username='test')
74 exp = set([u'auth.test2', u'auth.test', u'auth.test3', u'auth.test_group'])
75 self.assertEqual(user.get_all_permissions(), exp)
76 self.assertEqual(user.get_group_permissions(), set([u'auth.test_group']))
77 self.assertEqual(user.has_perms(['auth.test3', 'auth.test_group']), True)
78
79 user = AnonymousUser()
80 self.assertEqual(user.has_perm('test'), False)
81 self.assertEqual(user.has_perms(['auth.test2', 'auth.test3']), False)
82
83 def test_has_no_object_perm(self):
84 """Regressiontest for #12462"""
85 user = User.objects.get(username='test')
86 content_type=ContentType.objects.get_for_model(Group)
87 perm = Permission.objects.create(name='test', content_type=content_type, codename='test')
88 user.user_permissions.add(perm)
89 user.save()
90
91 self.assertEqual(user.has_perm('auth.test', 'object'), False)
92 self.assertEqual(user.get_all_permissions('object'), set([]))
93 self.assertEqual(user.has_perm('auth.test'), True)
94 self.assertEqual(user.get_all_permissions(), set(['auth.test']))
95
96 def test_get_all_superuser_permissions(self):
97 "A superuser has all permissions. Refs #14795"
98 user = User.objects.get(username='test2')
99 self.assertEqual(len(user.get_all_permissions()), len(Permission.objects.all()))
100
101 class TestObj(object):
102 pass
103
104
105 class SimpleRowlevelBackend(object):
106 supports_inactive_user = False
107
108 # This class also supports tests for anonymous user permissions, and
109 # inactive user permissions via subclasses which just set the
110 # 'supports_anonymous_user' or 'supports_inactive_user' attribute.
111
112 def has_perm(self, user, perm, obj=None):
113 if not obj:
114 return # We only support row level perms
115
116 if isinstance(obj, TestObj):
117 if user.username == 'test2':
118 return True
119 elif user.is_anonymous() and perm == 'anon':
120 return True
121 elif not user.is_active and perm == 'inactive':
122 return True
123 return False
124
125 def has_module_perms(self, user, app_label):
126 if not user.is_anonymous() and not user.is_active:
127 return False
128 return app_label == "app1"
129
130 def get_all_permissions(self, user, obj=None):
131 if not obj:
132 return [] # We only support row level perms
133
134 if not isinstance(obj, TestObj):
135 return ['none']
136
137 if user.is_anonymous():
138 return ['anon']
139 if user.username == 'test2':
140 return ['simple', 'advanced']
141 else:
142 return ['simple']
143
144 def get_group_permissions(self, user, obj=None):
145 if not obj:
146 return # We only support row level perms
147
148 if not isinstance(obj, TestObj):
149 return ['none']
150
151 if 'test_group' in [group.name for group in user.groups.all()]:
152 return ['group_perm']
153 else:
154 return ['none']
155
156
157 class RowlevelBackendTest(TestCase):
158 """
159 Tests for auth backend that supports object level permissions
160 """
161 backend = 'django.contrib.auth.tests.auth_backends.SimpleRowlevelBackend'
162
163 def setUp(self):
164 self.curr_auth = settings.AUTHENTICATION_BACKENDS
165 settings.AUTHENTICATION_BACKENDS = tuple(self.curr_auth) + (self.backend,)
166 self.user1 = User.objects.create_user('test', 'test@example.com', 'test')
167 self.user2 = User.objects.create_user('test2', 'test2@example.com', 'test')
168 self.user3 = User.objects.create_user('test3', 'test3@example.com', 'test')
169
170 def tearDown(self):
171 settings.AUTHENTICATION_BACKENDS = self.curr_auth
172 # The get_group_permissions test messes with ContentTypes, which will
173 # be cached; flush the cache to ensure there are no side effects
174 # Refs #14975, #14925
175 ContentType.objects.clear_cache()
176
177 def test_has_perm(self):
178 self.assertEqual(self.user1.has_perm('perm', TestObj()), False)
179 self.assertEqual(self.user2.has_perm('perm', TestObj()), True)
180 self.assertEqual(self.user2.has_perm('perm'), False)
181 self.assertEqual(self.user2.has_perms(['simple', 'advanced'], TestObj()), True)
182 self.assertEqual(self.user3.has_perm('perm', TestObj()), False)
183 self.assertEqual(self.user3.has_perm('anon', TestObj()), False)
184 self.assertEqual(self.user3.has_perms(['simple', 'advanced'], TestObj()), False)
185
186 def test_get_all_permissions(self):
187 self.assertEqual(self.user1.get_all_permissions(TestObj()), set(['simple']))
188 self.assertEqual(self.user2.get_all_permissions(TestObj()), set(['simple', 'advanced']))
189 self.assertEqual(self.user2.get_all_permissions(), set([]))
190
191 def test_get_group_permissions(self):
192 content_type=ContentType.objects.get_for_model(Group)
193 group = Group.objects.create(name='test_group')
194 self.user3.groups.add(group)
195 self.assertEqual(self.user3.get_group_permissions(TestObj()), set(['group_perm']))
196
197
198 class AnonymousUserBackend(SimpleRowlevelBackend):
199 supports_inactive_user = False
200
201
202 class AnonymousUserBackendTest(TestCase):
203 """
204 Tests for AnonymousUser delegating to backend.
205 """
206
207 backend = 'django.contrib.auth.tests.auth_backends.AnonymousUserBackend'
208
209 def setUp(self):
210 self.curr_auth = settings.AUTHENTICATION_BACKENDS
211 settings.AUTHENTICATION_BACKENDS = (self.backend,)
212 self.user1 = AnonymousUser()
213
214 def tearDown(self):
215 settings.AUTHENTICATION_BACKENDS = self.curr_auth
216
217 def test_has_perm(self):
218 self.assertEqual(self.user1.has_perm('perm', TestObj()), False)
219 self.assertEqual(self.user1.has_perm('anon', TestObj()), True)
220
221 def test_has_perms(self):
222 self.assertEqual(self.user1.has_perms(['anon'], TestObj()), True)
223 self.assertEqual(self.user1.has_perms(['anon', 'perm'], TestObj()), False)
224
225 def test_has_module_perms(self):
226 self.assertEqual(self.user1.has_module_perms("app1"), True)
227 self.assertEqual(self.user1.has_module_perms("app2"), False)
228
229 def test_get_all_permissions(self):
230 self.assertEqual(self.user1.get_all_permissions(TestObj()), set(['anon']))
231
232
233
234
235 class NoBackendsTest(TestCase):
236 """
237 Tests that an appropriate error is raised if no auth backends are provided.
238 """
239 def setUp(self):
240 self.old_AUTHENTICATION_BACKENDS = settings.AUTHENTICATION_BACKENDS
241 settings.AUTHENTICATION_BACKENDS = []
242 self.user = User.objects.create_user('test', 'test@example.com', 'test')
243
244 def tearDown(self):
245 settings.AUTHENTICATION_BACKENDS = self.old_AUTHENTICATION_BACKENDS
246
247 def test_raises_exception(self):
248 self.assertRaises(ImproperlyConfigured, self.user.has_perm, ('perm', TestObj(),))
249
250
251 class InActiveUserBackend(SimpleRowlevelBackend):
252 supports_inactive_user = True
253
254
255 class NoInActiveUserBackend(SimpleRowlevelBackend):
256 supports_inactive_user = False
257
258
259 class InActiveUserBackendTest(TestCase):
260 """
261 Tests for a inactive user delegating to backend if it has 'supports_inactive_user' = True
262 """
263
264 backend = 'django.contrib.auth.tests.auth_backends.InActiveUserBackend'
265
266 def setUp(self):
267 self.curr_auth = settings.AUTHENTICATION_BACKENDS
268 settings.AUTHENTICATION_BACKENDS = (self.backend,)
269 self.user1 = User.objects.create_user('test', 'test@example.com', 'test')
270 self.user1.is_active = False
271 self.user1.save()
272
273 def tearDown(self):
274 settings.AUTHENTICATION_BACKENDS = self.curr_auth
275
276 def test_has_perm(self):
277 self.assertEqual(self.user1.has_perm('perm', TestObj()), False)
278 self.assertEqual(self.user1.has_perm('inactive', TestObj()), True)
279
280 def test_has_module_perms(self):
281 self.assertEqual(self.user1.has_module_perms("app1"), False)
282 self.assertEqual(self.user1.has_module_perms("app2"), False)
283
284
285 class NoInActiveUserBackendTest(TestCase):
286 """
287 Tests that an inactive user does not delegate to backend if it has 'supports_inactive_user' = False
288 """
289 backend = 'django.contrib.auth.tests.auth_backends.NoInActiveUserBackend'
290
291 def setUp(self):
292 self.curr_auth = settings.AUTHENTICATION_BACKENDS
293 settings.AUTHENTICATION_BACKENDS = tuple(self.curr_auth) + (self.backend,)
294 self.user1 = User.objects.create_user('test', 'test@example.com', 'test')
295 self.user1.is_active = False
296 self.user1.save()
297
298 def tearDown(self):
299 settings.AUTHENTICATION_BACKENDS = self.curr_auth
300
301 def test_has_perm(self):
302 self.assertEqual(self.user1.has_perm('perm', TestObj()), False)
303 self.assertEqual(self.user1.has_perm('inactive', TestObj()), False)
304
305 def test_has_module_perms(self):
306 self.assertEqual(self.user1.has_module_perms("app1"), False)
307 self.assertEqual(self.user1.has_module_perms("app2"), False)
308
google appengine git mirror