mirror of
https://github.com/inventree/InvenTree.git
synced 2025-06-16 20:15:44 +00:00
Merge branch 'inventree:master' into matmair/issue2279
This commit is contained in:
Matthias Mair
GitHub
@ -162,11 +162,6 @@ class GetAuthToken(APIView):
|
||||
'token': token.key,
|
||||
})
|
||||
|
||||
else:
|
||||
return Response({
|
||||
'error': 'User not authenticated',
|
||||
})
|
||||
|
||||
def logout(self, request):
|
||||
try:
|
||||
request.user.auth_token.delete()
|
||||
|
||||
@ -32,7 +32,7 @@ class UsersConfig(AppConfig):
|
||||
|
||||
# First, delete any rule_set objects which have become outdated!
|
||||
for rule in RuleSet.objects.all():
|
||||
if rule.name not in RuleSet.RULESET_NAMES:
|
||||
if rule.name not in RuleSet.RULESET_NAMES: # pragma: no cover # can not change ORM without the app beeing loaded
|
||||
print("need to delete:", rule.name)
|
||||
rule.delete()
|
||||
|
||||
|
||||
@ -268,7 +268,7 @@ class RuleSet(models.Model):
|
||||
|
||||
def __str__(self, debug=False):
|
||||
""" Ruleset string representation """
|
||||
if debug:
|
||||
if debug: # pragma: no cover
|
||||
# Makes debugging easier
|
||||
return f'{str(self.group).ljust(15)}: {self.name.title().ljust(15)} | ' \
|
||||
f'v: {str(self.can_view).ljust(5)} | a: {str(self.can_add).ljust(5)} | ' \
|
||||
@ -341,7 +341,7 @@ def update_group_roles(group, debug=False):
|
||||
"""
|
||||
|
||||
if not canAppAccessDatabase(allow_test=True):
|
||||
return
|
||||
return # pragma: no cover
|
||||
|
||||
# List of permissions already associated with this group
|
||||
group_permissions = set()
|
||||
@ -433,7 +433,7 @@ def update_group_roles(group, debug=False):
|
||||
try:
|
||||
content_type = ContentType.objects.get(app_label=app, model=model)
|
||||
permission = Permission.objects.get(content_type=content_type, codename=perm)
|
||||
except ContentType.DoesNotExist:
|
||||
except ContentType.DoesNotExist: # pragma: no cover
|
||||
logger.warning(f"Error: Could not find permission matching '{permission_string}'")
|
||||
permission = None
|
||||
|
||||
@ -451,7 +451,7 @@ def update_group_roles(group, debug=False):
|
||||
if permission:
|
||||
group.permissions.add(permission)
|
||||
|
||||
if debug:
|
||||
if debug: # pragma: no cover
|
||||
print(f"Adding permission {perm} to group {group.name}")
|
||||
|
||||
# Remove any extra permissions from the group
|
||||
@ -466,7 +466,7 @@ def update_group_roles(group, debug=False):
|
||||
if permission:
|
||||
group.permissions.remove(permission)
|
||||
|
||||
if debug:
|
||||
if debug: # pragma: no cover
|
||||
print(f"Removing permission {perm} from group {group.name}")
|
||||
|
||||
# Enable all action permissions for certain children models
|
||||
@ -618,7 +618,7 @@ class Owner(models.Model):
|
||||
# Create new owner
|
||||
try:
|
||||
return cls.objects.create(owner=obj)
|
||||
except IntegrityError:
|
||||
except IntegrityError: # pragma: no cover
|
||||
return None
|
||||
|
||||
return existing_owner
|
||||
|
||||
@ -3,9 +3,12 @@ from __future__ import unicode_literals
|
||||
|
||||
from django.test import TestCase
|
||||
from django.apps import apps
|
||||
from django.urls import reverse
|
||||
from django.contrib.auth import get_user_model
|
||||
from django.contrib.auth.models import Group
|
||||
|
||||
from rest_framework.authtoken.models import Token
|
||||
|
||||
from users.models import RuleSet, Owner
|
||||
|
||||
|
||||
@ -22,7 +25,7 @@ class RuleSetModelTest(TestCase):
|
||||
|
||||
missing = [name for name in RuleSet.RULESET_NAMES if name not in keys]
|
||||
|
||||
if len(missing) > 0:
|
||||
if len(missing) > 0: # pragma: no cover
|
||||
print("The following rulesets do not have models assigned:")
|
||||
for m in missing:
|
||||
print("-", m)
|
||||
@ -30,7 +33,7 @@ class RuleSetModelTest(TestCase):
|
||||
# Check if models have been defined for a ruleset which is incorrect
|
||||
extra = [name for name in keys if name not in RuleSet.RULESET_NAMES]
|
||||
|
||||
if len(extra) > 0:
|
||||
if len(extra) > 0: # pragma: no cover
|
||||
print("The following rulesets have been improperly added to RULESET_MODELS:")
|
||||
for e in extra:
|
||||
print("-", e)
|
||||
@ -38,7 +41,7 @@ class RuleSetModelTest(TestCase):
|
||||
# Check that each ruleset has models assigned
|
||||
empty = [key for key in keys if len(RuleSet.RULESET_MODELS[key]) == 0]
|
||||
|
||||
if len(empty) > 0:
|
||||
if len(empty) > 0: # pragma: no cover
|
||||
print("The following rulesets have empty entries in RULESET_MODELS:")
|
||||
for e in empty:
|
||||
print("-", e)
|
||||
@ -77,10 +80,10 @@ class RuleSetModelTest(TestCase):
|
||||
missing_models = set()
|
||||
|
||||
for model in available_tables:
|
||||
if model not in assigned_models and model not in RuleSet.RULESET_IGNORE:
|
||||
if model not in assigned_models and model not in RuleSet.RULESET_IGNORE: # pragma: no cover
|
||||
missing_models.add(model)
|
||||
|
||||
if len(missing_models) > 0:
|
||||
if len(missing_models) > 0: # pragma: no cover
|
||||
print("The following database models are not covered by the defined RuleSet permissions:")
|
||||
for m in missing_models:
|
||||
print("-", m)
|
||||
@ -95,11 +98,11 @@ class RuleSetModelTest(TestCase):
|
||||
for model in RuleSet.RULESET_IGNORE:
|
||||
defined_models.add(model)
|
||||
|
||||
for model in defined_models:
|
||||
for model in defined_models: # pragma: no cover
|
||||
if model not in available_tables:
|
||||
extra_models.add(model)
|
||||
|
||||
if len(extra_models) > 0:
|
||||
if len(extra_models) > 0: # pragma: no cover
|
||||
print("The following RuleSet permissions do not match a database model:")
|
||||
for m in extra_models:
|
||||
print("-", m)
|
||||
@ -169,16 +172,16 @@ class OwnerModelTest(TestCase):
|
||||
""" Add users and groups """
|
||||
|
||||
# Create a new user
|
||||
self.user = get_user_model().objects.create_user(
|
||||
username='john',
|
||||
email='john@email.com',
|
||||
password='custom123',
|
||||
)
|
||||
|
||||
self.user = get_user_model().objects.create_user('username', 'user@email.com', 'password')
|
||||
# Put the user into a new group
|
||||
self.group = Group.objects.create(name='new_group')
|
||||
self.user.groups.add(self.group)
|
||||
|
||||
def do_request(self, endpoint, filters, status_code=200):
|
||||
response = self.client.get(endpoint, filters, format='json')
|
||||
self.assertEqual(response.status_code, status_code)
|
||||
return response.data
|
||||
|
||||
def test_owner(self):
|
||||
|
||||
# Check that owner was created for user
|
||||
@ -203,3 +206,43 @@ class OwnerModelTest(TestCase):
|
||||
self.group.delete()
|
||||
group_as_owner = Owner.get_owner(self.group)
|
||||
self.assertEqual(group_as_owner, None)
|
||||
|
||||
def test_api(self):
|
||||
"""
|
||||
Test user APIs
|
||||
"""
|
||||
# not authed
|
||||
self.do_request(reverse('api-owner-list'), {}, 401)
|
||||
self.do_request(reverse('api-owner-detail', kwargs={'pk': self.user.id}), {}, 401)
|
||||
|
||||
self.client.login(username='username', password='password')
|
||||
# user list
|
||||
self.do_request(reverse('api-owner-list'), {})
|
||||
# user list with search
|
||||
self.do_request(reverse('api-owner-list'), {'search': 'user'})
|
||||
# user detail
|
||||
# TODO fix this test
|
||||
# self.do_request(reverse('api-owner-detail', kwargs={'pk': self.user.id}), {})
|
||||
|
||||
def test_token(self):
|
||||
"""
|
||||
Test token mechanisms
|
||||
"""
|
||||
token = Token.objects.filter(user=self.user)
|
||||
|
||||
# not authed
|
||||
self.do_request(reverse('api-token'), {}, 401)
|
||||
|
||||
self.client.login(username='username', password='password')
|
||||
# token get
|
||||
response = self.do_request(reverse('api-token'), {})
|
||||
self.assertEqual(response['token'], token.first().key)
|
||||
|
||||
# token delete
|
||||
response = self.client.delete(reverse('api-token'), {}, format='json')
|
||||
self.assertEqual(response.status_code, 202)
|
||||
self.assertEqual(len(token), 0)
|
||||
|
||||
# token second delete
|
||||
response = self.client.delete(reverse('api-token'), {}, format='json')
|
||||
self.assertEqual(response.status_code, 400)
|
||||
|
||||
Reference in New Issue
Block a user