Commits

Kai Diefenbach committed 52222ca Merge

Merge

  • Participants
  • Parent commits 66889a1, f8d98ad

Comments (0)

Files changed (6)

 3741477e8642e9a0b6a85f85048b695e4bccc11c 1.0a3
 069e96ddd6cb6e3107d6a872735b8d7ead00f30c 1.0a4
 7ad2b5c97b0eaf6d0d0579b38be80fb847d201cd 1.0b1
+8be56091dba07e2e4932660f23ee911929fafb36 1.0b2
 Changes
 =======
 
+1.0 beta 2 (2010-05-19)
+------------------------
+
+* Bugfix: get_allowed_transitions; return only allowed permissions; issue #2.
+* Added license
+
 1.0 beta 1 (2010-05-17)
 ------------------------
 
 from setuptools import setup, find_packages
 import os
 
-version = '1.0b1'
+version = '1.0b2'
 
 here = os.path.abspath(os.path.dirname(__file__))
 README = open(os.path.join(here, 'README.txt')).read()
       long_description=README,      
       # Get more strings from http://www.python.org/pypi?%3Aaction=list_classifiers
       classifiers=[
-          'Development Status :: 3 - Alpha',
+          'Development Status :: 4 - Beta',
           'Environment :: Web Environment',
           'Framework :: Django',
           'License :: OSI Approved :: BSD License',

workflows/models.py

 from django.utils.translation import ugettext_lazy as _
 
 # permissions imports
+import permissions.utils
 from permissions.models import Permission
 from permissions.models import Role
 
     def __unicode__(self):
         return "%s (%s)" % (self.name, self.workflow.name)
 
-    def get_allowed_transitions(self, user):
-        """Returns all allowed transitions for given user.
+    def get_allowed_transitions(self, obj, user):
+        """Returns all allowed transitions for passed object and user.
         """
-        return self.transitions.all()
+        transitions = []
+        for transition in self.transitions.all():
+            permission = transition.permission
+            if permission is None or permissions.utils.has_permission(obj, user, permission.codename):
+               transitions.append(transition)
+
+        return transitions
 
 class Transition(models.Model):
     """A transition from a source to a destination state. The transition can

workflows/tests.py

         self.assertEqual(states[0], self.private)
         self.assertEqual(states[1], self.public)
 
-    def test_transitions(self):
-        """
-        """
-        transitions = self.public.transitions.all()
-        self.assertEqual(len(transitions), 1)
-        self.assertEqual(transitions[0], self.make_private)
-
-        transitions = self.private.transitions.all()
-        self.assertEqual(len(transitions), 1)
-        self.assertEqual(transitions[0], self.make_public)
-
-    def test_get_transitions(self):
-        """
-        """
-        request = create_request()
-        transitions = self.private.get_allowed_transitions(request.user)
-        self.assertEqual(len(transitions), 1)
-        self.assertEqual(transitions[0], self.make_public)
-
-        transitions = self.public.get_allowed_transitions(request.user)
-        self.assertEqual(len(transitions), 1)
-        self.assertEqual(transitions[0], self.make_private)
-
     def test_unicode(self):
         """
         """
         result = workflows.utils.get_objects_for_workflow("Wrong")
         self.assertEqual(result, [])
 
-
     def test_remove_workflow_from_model(self):
         """
         """
         result = workflows.utils.remove_workflow(self.user)
         self.assertEqual(result, None)
 
+    def get_allowed_transitions(self):
+        """Tests get_allowed_transitions method
+        """
+        page_1 = FlatPage.objects.create(url="/page-1/", title="Page 1")
+        role_1 = permissions.utils.register_role("Role 1")
+        permissions.utils.add_role(self.user, role_1)
+
+        view = permissions.utils.register_permission("Publish", "publish")
+
+        transitions = self.private.get_allowed_transitions(page_1, self.user)
+        self.assertEqual(len(transitions), 1)
+
+        # protect the transition with a permission
+        self.make_public.permission = view
+        self.make_public.save()
+
+        # user has no transition
+        transitions = self.private.get_allowed_transitions(page_1, self.user)
+        self.assertEqual(len(transitions), 0)
+
+        # grant permission
+        permissions.utils.grant_permission(page_1, role_1, view)
+
+        # user has transition again
+        transitions = self.private.get_allowed_transitions(page_1, self.user)
+        self.assertEqual(len(transitions), 1)
+
 class StateTestCase(TestCase):
     """Tests the State model
     """
         """
         """
         create_workflow(self)
+        self.user = User.objects.create()
+        self.role_1 = permissions.utils.register_role("Role 1")
+        permissions.utils.add_role(self.user, self.role_1)
+        self.page_1 = FlatPage.objects.create(url="/page-1/", title="Page 1")
 
     def test_unicode(self):
         """
         """
         self.assertEqual(self.private.__unicode__(), u"Private (Standard)")
 
+    def test_transitions(self):
+        """
+        """
+        transitions = self.public.transitions.all()
+        self.assertEqual(len(transitions), 1)
+        self.assertEqual(transitions[0], self.make_private)
+
+        transitions = self.private.transitions.all()
+        self.assertEqual(len(transitions), 1)
+        self.assertEqual(transitions[0], self.make_public)
+
+    def test_get_transitions(self):
+        """
+        """
+        transitions = self.private.get_allowed_transitions(self.page_1, self.user)
+        self.assertEqual(len(transitions), 1)
+        self.assertEqual(transitions[0], self.make_public)
+
+        transitions = self.public.get_allowed_transitions(self.page_1, self.user)
+        self.assertEqual(len(transitions), 1)
+        self.assertEqual(transitions[0], self.make_private)
+
+    def test_get_allowed_transitions(self):
+        """
+        """
+        self.view = permissions.utils.register_permission("Publish", "publish")
+        transitions = self.private.get_allowed_transitions(self.page_1, self.user)
+        self.assertEqual(len(transitions), 1)
+
+        # protect the transition with a permission
+        self.make_public.permission = self.view
+        self.make_public.save()
+
+        # user has no transition
+        transitions = self.private.get_allowed_transitions(self.page_1, self.user)
+        self.assertEqual(len(transitions), 0)
+
+        # grant permission
+        permissions.utils.grant_permission(self.page_1, self.role_1, self.view)
+
+        # user has transition again
+        transitions = self.private.get_allowed_transitions(self.page_1, self.user)
+        self.assertEqual(len(transitions), 1)
+
 class TransitionTestCase(TestCase):
     """Tests the Transition model
     """

workflows/utils.py

 
     transitions = []
     for transition in state.transitions.all():
-        transitions.append(transition)
+        permission = transition.permission
+        if permission is None or self.has_permission(user, permission.codename):
+           transitions.append(transition)
 
     return transitions