Kai Diefenbach avatar Kai Diefenbach committed d12d6f8

Check permissions for single users

Comments (0)

Files changed (2)

permissions/tests.py

 
         self.permission = permissions.utils.register_permission("View", "view")
 
-    def test_has_permission(self):
+    def test_has_permission_group(self):
         """
         """
         result = permissions.utils.has_permission("view", self.user, self.page_1)
         result = permissions.utils.has_permission("view", self.user, self.page_1)
         self.assertEqual(result, True)
 
+        result = permissions.utils.remove_permission("view", self.group_1, self.page_1)
+        self.assertEqual(result, True)
+
+        result = permissions.utils.has_permission("view", self.user, self.page_1)
+        self.assertEqual(result, False)
+
+    def test_has_permission_user(self):
+        """
+        """
+        result = permissions.utils.has_permission("view", self.user, self.page_1)
+        self.assertEqual(result, False)
+
+        result = permissions.utils.grant_permission(self.permission, self.user, self.page_1)
+        self.assertEqual(result, True)
+
+        result = permissions.utils.has_permission("view", self.user, self.page_1)
+        self.assertEqual(result, True)
+
         result = permissions.utils.remove_permission("view", self.user, self.page_1)
         self.assertEqual(result, True)
 

permissions/utils.py

 
 # Permission #################################################################
 
-def grant_permission(permission, group, obj):
+def grant_permission(permission, user_group, obj):
     """Adds passed permission to passed group and object. Returns True if the
     permission was able to be added, otherwise False.
 
     **Parameters:**
 
         permission
-            The permission for which should be removed. Either a permission 
+            The permission which should be granted. Either a permission
             object or the codename of a permission.
+        user_group
+            The user or group for which the permission should be granted.
         obj
-            The content object for which an inheritance should be added.
+            The content object for which the permission should be granted.
     """
     if not isinstance(permission, Permission):
         try:
             permission = Permission.objects.get(codename = permission)
         except Permission.DoesNotExist:
             return False
-    
+
     ct = ContentType.objects.get_for_model(obj)
-    try:
-        ObjectPermission.objects.get(group=group, content_type = ct, content_id=obj.id, permission=permission)
-    except ObjectPermission.DoesNotExist:
+    if isinstance(user_group, Group):
         try:
-            result = ObjectPermission.objects.create(group=group, content=obj, permission=permission)
-        except IntegrityError:
-            return False
+            ObjectPermission.objects.get(group=user_group, content_type = ct, content_id=obj.id, permission=permission)
+        except ObjectPermission.DoesNotExist:
+            try:
+                result = ObjectPermission.objects.create(group=user_group, content=obj, permission=permission)
+            except IntegrityError:
+                return False
+    else:
+        try:
+            ObjectPermission.objects.get(user=user_group, content_type = ct, content_id=obj.id, permission=permission)
+        except ObjectPermission.DoesNotExist:
+            try:
+                result = ObjectPermission.objects.create(user=user_group, content=obj, permission=permission)
+            except IntegrityError:
+                return False
     return True
 
-def remove_permission(permission, group, obj):
+def remove_permission(permission, user_group, obj):
     """Removes passed permission from passed group and object. Returns True if
     the permission has been removed.
 
     **Parameters:**
 
         permission
-            The permission for which should be removed. Either a permission 
-            object or the codename of a permission.
-        group
-            The group for which a permission should be removed.
+            The permission which should be removed. Either a permission object
+            or the codename of a permission.
+        user_group
+            The user or group for which a permission should be removed.
         obj
             The content object for which a permission should be removed.
     """
             return False
 
     ct = ContentType.objects.get_for_model(obj)
-    try:
-        op = ObjectPermission.objects.get(group=group, content_type = ct, content_id=obj.id, permission = permission)
-    except ObjectPermission.DoesNotExist:
-        return False
-
+    
+    if isinstance(user_group, Group):
+        try:
+            op = ObjectPermission.objects.get(group=user_group, content_type = ct, content_id=obj.id, permission = permission)
+        except ObjectPermission.DoesNotExist:
+            return False
+    else:
+        try:
+            op = ObjectPermission.objects.get(user=user_group, content_type = ct, content_id=obj.id, permission = permission)
+        except ObjectPermission.DoesNotExist:
+            return False                
     op.delete()
     return True
 
 
     while obj is not None:
         p = ObjectPermission.objects.filter(
+            content_type=ct, content_id=obj.id, user=user, permission__codename = codename)
+
+        if p.exists():
+            return True
+
+        p = ObjectPermission.objects.filter(
             content_type=ct, content_id=obj.id, group__in=groups, permission__codename = codename)
 
         if p.exists():
     **Parameters:**
 
         permission
-            The permission for which an inheritance block should be added. 
+            The permission for which an inheritance block should be added.
             Either a permission object or the codename of a permission.
         obj
             The content object for which an inheritance block should be added.
     return True
 
 def remove_inheritance_block(permission, obj):
-    """Removes a inheritance block for the passed permission from the passed 
+    """Removes a inheritance block for the passed permission from the passed
     object.
 
     **Parameters:**
     return True
 
 def register_group(name):
-    """Registers a group with passed name to the framework. Creates a Django 
-    default group. Returns the new group if the registration was successfully, 
+    """Registers a group with passed name to the framework. Creates a Django
+    default group. Returns the new group if the registration was successfully,
     otherwise False.
 
     **Parameters:**
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.