diff options
author | James Tait <james.tait@canonical.com> | 2013-05-25 00:33:30 +0100 |
---|---|---|
committer | James Tait <james.tait@canonical.com> | 2013-05-25 00:33:30 +0100 |
commit | fb446fbf45bedb6123639005a98c1b7098eb7751 (patch) | |
tree | 4bfd1eb672b032713e7ca92c2c6dc8c55638f80d | |
parent | 2add1e88f10650c46c3a491dd3160421280cd7da (diff) |
Move removal of the account_verified permission to the UserOpenID model delete() method. Add tests for creation and deletion of UserOpenID model and related permission changes.
-rw-r--r-- | django_openid_auth/admin.py | 7 | ||||
-rw-r--r-- | django_openid_auth/models.py | 10 | ||||
-rw-r--r-- | django_openid_auth/tests/__init__.py | 3 | ||||
-rw-r--r-- | django_openid_auth/tests/test_models.py | 96 | ||||
-rw-r--r-- | django_openid_auth/tests/test_views.py | 10 |
5 files changed, 115 insertions, 11 deletions
diff --git a/django_openid_auth/admin.py b/django_openid_auth/admin.py index 3bd3839..23b191a 100644 --- a/django_openid_auth/admin.py +++ b/django_openid_auth/admin.py @@ -29,7 +29,6 @@ from django.conf import settings from django.contrib import admin -from django.contrib.auth.models import Permission from django_openid_auth.models import Nonce, Association, UserOpenID from django_openid_auth.store import DjangoOpenIDStore @@ -67,12 +66,6 @@ class UserOpenIDAdmin(admin.ModelAdmin): list_display = ('user', 'claimed_id') search_fields = ('claimed_id',) - def log_deletion(self, request, obj, object_repr): - permission = Permission.objects.get(codename='account_verified') - if obj.user: - obj.user.user_permissions.remove(permission) - super(UserOpenIDAdmin, self).log_deletion(request, obj, object_repr) - admin.site.register(UserOpenID, UserOpenIDAdmin) diff --git a/django_openid_auth/models.py b/django_openid_auth/models.py index 693634d..c47bba3 100644 --- a/django_openid_auth/models.py +++ b/django_openid_auth/models.py @@ -66,8 +66,11 @@ class UserOpenID(models.Model): ('account_verified', 'The OpenID has been verified'), ) + def _get_permission(self): + return Permission.objects.get(codename='account_verified') + def save(self, force_insert=False, force_update=False, using=None): - permission = Permission.objects.get(codename='account_verified') + permission = self._get_permission() perm_label = '%s.%s' % (permission.content_type.app_label, permission.codename) if self.account_verified and not self.user.has_perm(perm_label): @@ -75,3 +78,8 @@ class UserOpenID(models.Model): elif not self.account_verified and self.user.has_perm(perm_label): self.user.user_permissions.remove(permission) super(UserOpenID, self).save(force_insert, force_update, using) + + def delete(self, using=None): + permission = self._get_permission() + self.user.user_permissions.remove(permission) + super(UserOpenID, self).delete(using) diff --git a/django_openid_auth/tests/__init__.py b/django_openid_auth/tests/__init__.py index f76af6f..5b3964a 100644 --- a/django_openid_auth/tests/__init__.py +++ b/django_openid_auth/tests/__init__.py @@ -35,7 +35,8 @@ from test_admin import * def suite(): suite = unittest.TestSuite() - for name in ['test_auth', 'test_store', 'test_views', 'test_admin']: + for name in ['test_auth', 'test_models', 'test_store', 'test_views', + 'test_admin']: mod = __import__('%s.%s' % (__name__, name), {}, {}, ['suite']) suite.addTest(mod.suite()) return suite diff --git a/django_openid_auth/tests/test_models.py b/django_openid_auth/tests/test_models.py new file mode 100644 index 0000000..204a318 --- /dev/null +++ b/django_openid_auth/tests/test_models.py @@ -0,0 +1,96 @@ +# django-openid-auth - OpenID integration for django.contrib.auth +# +# Copyright (C) 2013 Canonical Ltd. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# * Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. + +import unittest + +from django.contrib.auth.models import User +from django.test import TestCase + +from django_openid_auth.models import UserOpenID + + +class UserOpenIDModelTestCase(TestCase): + + def test_create_useropenid(self): + user = User.objects.create_user('someuser', 'someuser@example.com', + password=None) + user_openid, created = UserOpenID.objects.get_or_create( + user=user, + claimed_id='http://example.com/existing_identity', + display_id='http://example.com/existing_identity', + account_verified=False) + + self.assertEqual('someuser', user_openid.user.username) + self.assertEqual( + user_openid.claimed_id, 'http://example.com/existing_identity') + self.assertEqual( + user_openid.display_id, 'http://example.com/existing_identity') + self.assertFalse(user_openid.account_verified) + self.assertFalse( + User.objects.get(username='someuser').has_perm( + 'django_openid_auth.account_verified')) + + def test_create_verified_useropenid(self): + user = User.objects.create_user('someuser', 'someuser@example.com', + password=None) + user_openid, created = UserOpenID.objects.get_or_create( + user=user, + claimed_id='http://example.com/existing_identity', + display_id='http://example.com/existing_identity', + account_verified=True) + + self.assertEqual('someuser', user_openid.user.username) + self.assertEqual( + user_openid.claimed_id, 'http://example.com/existing_identity') + self.assertEqual( + user_openid.display_id, 'http://example.com/existing_identity') + self.assertTrue(user_openid.account_verified) + self.assertTrue( + User.objects.get(username='someuser').has_perm( + 'django_openid_auth.account_verified')) + + def test_delete_verified_useropenid(self): + user = User.objects.create_user('someuser', 'someuser@example.com', + password=None) + user_openid, created = UserOpenID.objects.get_or_create( + user=user, + claimed_id='http://example.com/existing_identity', + display_id='http://example.com/existing_identity', + account_verified=True) + + self.assertTrue( + User.objects.get(username='someuser').has_perm( + 'django_openid_auth.account_verified')) + user_openid.delete() + self.assertFalse( + User.objects.get(username='someuser').has_perm( + 'django_openid_auth.account_verified')) + + +def suite(): + return unittest.TestLoader().loadTestsFromName(__name__) diff --git a/django_openid_auth/tests/test_views.py b/django_openid_auth/tests/test_views.py index d291cf4..6c21036 100644 --- a/django_openid_auth/tests/test_views.py +++ b/django_openid_auth/tests/test_views.py @@ -32,7 +32,7 @@ import unittest from urllib import quote_plus from django.conf import settings -from django.contrib.auth.models import User, Group +from django.contrib.auth.models import User, Group, Permission from django.http import HttpRequest, HttpResponse from django.test import TestCase from openid.consumer.consumer import Consumer, SuccessResponse @@ -1291,15 +1291,21 @@ class RelyingPartyTests(TestCase): user = User.objects.create_user('testuser', 'someone@example.com') group = Group(name='groupname') group.save() + # Django creates the add_nonce permission by default + group.permissions.add( + Permission.objects.get(codename='add_nonce')) ogroup = Group(name='othergroup') ogroup.save() + # Django creates the add_useropenid permission by default + ogroup.permissions.add( + Permission.objects.get(codename='add_useropenid')) user.groups.add(ogroup) user.save() useropenid = UserOpenID( user=user, claimed_id='http://example.com/identity', display_id='http://example.com/identity', - account_verified=False) + account_verified=True) useropenid.save() # Posting in an identity URL begins the authentication request: |