Created
December 9, 2011 15:19
-
-
Save kezabelle/1451938 to your computer and use it in GitHub Desktop.
Standalone demonstration of view restrictions issue.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from django.contrib.auth.models import User, Group | |
from cms.api import create_page | |
from cms.models.permissionmodels import PagePermission | |
from cms.models import ACCESS_PAGE, ACCESS_DESCENDANTS, ACCESS_CHILDREN, ACCESS_PAGE_AND_CHILDREN, ACCESS_PAGE_AND_DESCENDANTS | |
template = "cms/default.html" | |
language = 'en-gb' | |
groups = [] | |
users = [] | |
for g in ['A', 'B', 'C']: | |
new_group, _ = Group.objects.get_or_create(name=g) | |
new_user, _ = User.objects.get_or_create(username=g.lower()) | |
new_user.set_password(g.lower()) | |
new_user.groups.add(new_group) | |
new_user.save() | |
groups.append(new_group) | |
users.append(new_user) | |
# Create the following cms.models.pagemodel.Page structure. | |
# page 1 | |
# page 2 | |
# page 3 | |
# page 4 <-- We're going to find we have permissions here. | |
# page 5 | |
# page 6 <-- We'll add our permissions to this. | |
page1 = create_page("page 1", template, language, published=True, in_navigation=True) | |
page2 = create_page("page 2", template, language, published=True, in_navigation=True, parent=page1) | |
page3 = create_page("page 3", template, language, published=True, in_navigation=True, parent=page2) | |
page4 = create_page("page 4", template, language, published=True, in_navigation=True, parent=page3) | |
page5 = create_page("page 5", template, language, published=True, in_navigation=True, parent=page1) | |
page6 = create_page("page 6", template, language, published=True, in_navigation=True, parent=page5) | |
# make sure the tree is as we've documented. | |
assert [u'page 1', u'page 5'] == [x.get_title() for x in page6.get_ancestors()] | |
assert [u'page 1', u'page 2', u'page 3'] == [x.get_title() for x in page4.get_ancestors()] | |
# These are the full set of available permissions. We exclusively want to test can_view. | |
view_perms = { | |
'can_change': False, | |
'can_add': False, | |
'can_delete': False, | |
'can_change_advanced_settings': False, | |
'can_publish': False, | |
'can_change_permissions': False, | |
'can_move_page': False, | |
'can_moderate': False, | |
'can_view': True, | |
} | |
perm_a, _ = PagePermission.objects.get_or_create(grant_on=ACCESS_PAGE_AND_DESCENDANTS, group=groups[0], page=page6, **view_perms) | |
perm_b, _ = PagePermission.objects.get_or_create(grant_on=ACCESS_PAGE_AND_CHILDREN, group=groups[2], page=page6, **view_perms) | |
# we've just added perm_a and perm_b to this page, so we would expect 2 results. | |
assert 2 == PagePermission.objects.for_page(page6).count() | |
# page 4 should be an entirely different set of permissions, as page 6 is not | |
# an ancestor, but is instead an ancestor's sibling. | |
assert 0 == PagePermission.objects.for_page(page4).count() | |
# doubly-verify by comparing the titles. | |
assert [u'page 6', u'page 6'] == [x.page.get_title() for x in PagePermission.objects.for_page(page4)] | |
# handle the two other descendent oriented choices. | |
perm_a.grant_on = ACCESS_DESCENDANTS | |
perm_a.save() | |
perm_b.grant_on = ACCESS_CHILDREN | |
perm_b.save() | |
# Same as previous asserts. | |
assert PagePermission.objects.for_page(page6).count() == 2 | |
assert PagePermission.objects.for_page(page4).count() == 0 | |
# the final one. The only one that works correctly is specifically current page only. | |
perm_a.grant_on = ACCESS_PAGE | |
perm_a.save() | |
perm_b.grant_on = ACCESS_PAGE | |
perm_b.save() | |
# is now correct. | |
assert PagePermission.objects.for_page(page6).count() == 2 | |
assert PagePermission.objects.for_page(page4).count() == 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment