Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
Auri
funkwhale
Commits
34ec869c
Verified
Commit
34ec869c
authored
Dec 06, 2018
by
Eliot Berriot
Browse files
Removed obsolete permissions, added a new moderation permission
parent
af53ee7c
Changes
9
Hide whitespace changes
Inline
Side-by-side
api/funkwhale_api/common/scripts/django_permissions_to_user_permissions.py
View file @
34ec869c
...
...
@@ -10,7 +10,6 @@ from funkwhale_api.users import models
mapping
=
{
"dynamic_preferences.change_globalpreferencemodel"
:
"settings"
,
"music.add_importbatch"
:
"library"
,
"federation.change_library"
:
"federation"
,
}
...
...
api/funkwhale_api/manage/filters.py
View file @
34ec869c
...
...
@@ -31,10 +31,9 @@ class ManageUserFilterSet(filters.FilterSet):
"privacy_level"
,
"is_staff"
,
"is_superuser"
,
"permission_upload"
,
"permission_library"
,
"permission_settings"
,
"permission_
fe
deration"
,
"permission_
mo
deration"
,
]
...
...
api/funkwhale_api/users/admin.py
View file @
34ec869c
...
...
@@ -51,7 +51,7 @@ class UserAdmin(AuthUserAdmin):
"privacy_level"
,
"permission_settings"
,
"permission_library"
,
"permission_
fe
deration"
,
"permission_
mo
deration"
,
]
fieldsets
=
(
...
...
@@ -67,10 +67,9 @@ class UserAdmin(AuthUserAdmin):
"is_active"
,
"is_staff"
,
"is_superuser"
,
"permission_upload"
,
"permission_library"
,
"permission_settings"
,
"permission_
fe
deration"
,
"permission_
mo
deration"
,
)
},
),
...
...
api/funkwhale_api/users/migrations/0013_auto_20181206_1008.py
0 → 100644
View file @
34ec869c
# Generated by Django 2.0.9 on 2018-12-06 10:08
from
django.db
import
migrations
,
models
class
Migration
(
migrations
.
Migration
):
dependencies
=
[
(
'users'
,
'0012_user_upload_quota'
),
]
operations
=
[
migrations
.
RemoveField
(
model_name
=
'user'
,
name
=
'permission_federation'
,
),
migrations
.
RemoveField
(
model_name
=
'user'
,
name
=
'permission_upload'
,
),
migrations
.
AddField
(
model_name
=
'user'
,
name
=
'permission_moderation'
,
field
=
models
.
BooleanField
(
default
=
False
,
help_text
=
'Block/mute/remove domains, users and content'
,
verbose_name
=
'Moderation'
),
),
]
api/funkwhale_api/users/models.py
View file @
34ec869c
...
...
@@ -34,16 +34,15 @@ def get_token():
PERMISSIONS_CONFIGURATION
=
{
"
fe
deration"
:
{
"label"
:
"M
anage library fe
deration"
,
"help_text"
:
"
Follow other instances, accept/deny library follow requests...
"
,
"
mo
deration"
:
{
"label"
:
"M
o
deration"
,
"help_text"
:
"
Block/mute/remove domains, users and content
"
,
},
"library"
:
{
"label"
:
"Manage library"
,
"help_text"
:
"Manage library, delete files, tracks, artists, albums..."
,
},
"settings"
:
{
"label"
:
"Manage instance-level settings"
,
"help_text"
:
""
},
"upload"
:
{
"label"
:
"Upload new content to the library"
,
"help_text"
:
""
},
}
PERMISSIONS
=
sorted
(
PERMISSIONS_CONFIGURATION
.
keys
())
...
...
@@ -71,9 +70,9 @@ class User(AbstractUser):
subsonic_api_token
=
models
.
CharField
(
blank
=
True
,
null
=
True
,
max_length
=
255
)
# permissions
permission_
fe
deration
=
models
.
BooleanField
(
PERMISSIONS_CONFIGURATION
[
"
fe
deration"
][
"label"
],
help_text
=
PERMISSIONS_CONFIGURATION
[
"
fe
deration"
][
"help_text"
],
permission_
mo
deration
=
models
.
BooleanField
(
PERMISSIONS_CONFIGURATION
[
"
mo
deration"
][
"label"
],
help_text
=
PERMISSIONS_CONFIGURATION
[
"
mo
deration"
][
"help_text"
],
default
=
False
,
)
permission_library
=
models
.
BooleanField
(
...
...
@@ -86,11 +85,6 @@ class User(AbstractUser):
help_text
=
PERMISSIONS_CONFIGURATION
[
"settings"
][
"help_text"
],
default
=
False
,
)
permission_upload
=
models
.
BooleanField
(
PERMISSIONS_CONFIGURATION
[
"upload"
][
"label"
],
help_text
=
PERMISSIONS_CONFIGURATION
[
"upload"
][
"help_text"
],
default
=
False
,
)
last_activity
=
models
.
DateTimeField
(
default
=
None
,
null
=
True
,
blank
=
True
)
...
...
api/tests/common/test_scripts.py
View file @
34ec869c
...
...
@@ -22,30 +22,6 @@ def test_script_command_list(command, script_name, mocker):
mocked
.
assert_called_once_with
(
command
,
script_name
=
script_name
,
interactive
=
False
)
def
test_django_permissions_to_user_permissions
(
factories
,
command
):
group
=
factories
[
"auth.Group"
](
perms
=
[
"federation.change_library"
])
user1
=
factories
[
"users.User"
](
perms
=
[
"dynamic_preferences.change_globalpreferencemodel"
,
"music.add_importbatch"
,
]
)
user2
=
factories
[
"users.User"
](
perms
=
[
"music.add_importbatch"
],
groups
=
[
group
])
scripts
.
django_permissions_to_user_permissions
.
main
(
command
)
user1
.
refresh_from_db
()
user2
.
refresh_from_db
()
assert
user1
.
permission_settings
is
True
assert
user1
.
permission_library
is
True
assert
user1
.
permission_federation
is
False
assert
user2
.
permission_settings
is
False
assert
user2
.
permission_library
is
True
assert
user2
.
permission_federation
is
True
@
pytest
.
mark
.
parametrize
(
"open_api,expected_visibility"
,
[(
True
,
"everyone"
),
(
False
,
"instance"
)]
)
...
...
api/tests/manage/test_serializers.py
View file @
34ec869c
...
...
@@ -13,8 +13,7 @@ def test_manage_upload_action_delete(factories):
def
test_user_update_permission
(
factories
):
user
=
factories
[
"users.User"
](
permission_library
=
False
,
permission_upload
=
False
,
permission_federation
=
True
,
permission_moderation
=
False
,
permission_settings
=
True
,
is_active
=
True
,
)
...
...
@@ -32,7 +31,6 @@ def test_user_update_permission(factories):
assert
user
.
is_active
is
False
assert
user
.
upload_quota
==
12
assert
user
.
permission_federation
is
False
assert
user
.
permission_upload
is
True
assert
user
.
permission_moderation
is
True
assert
user
.
permission_library
is
False
assert
user
.
permission_settings
is
True
api/tests/users/test_models.py
View file @
34ec869c
...
...
@@ -46,23 +46,22 @@ def test_get_permissions_regular(factories):
def
test_get_permissions_default
(
factories
,
preferences
):
preferences
[
"users__default_permissions"
]
=
[
"
upload
"
,
"
fe
deration"
]
preferences
[
"users__default_permissions"
]
=
[
"
library
"
,
"
mo
deration"
]
user
=
factories
[
"users.User"
]()
perms
=
user
.
get_permissions
()
assert
perms
[
"upload"
]
is
True
assert
perms
[
"federation"
]
is
True
assert
perms
[
"library"
]
is
False
assert
perms
[
"moderation"
]
is
True
assert
perms
[
"library"
]
is
True
assert
perms
[
"settings"
]
is
False
@
pytest
.
mark
.
parametrize
(
"args,perms,expected"
,
[
({
"is_superuser"
:
True
},
[
"
fe
deration"
,
"library"
],
True
),
({
"is_superuser"
:
False
},
[
"
fe
deration"
],
False
),
({
"is_superuser"
:
True
},
[
"
mo
deration"
,
"library"
],
True
),
({
"is_superuser"
:
False
},
[
"
mo
deration"
],
False
),
({
"permission_library"
:
True
},
[
"library"
],
True
),
({
"permission_library"
:
True
},
[
"library"
,
"
fe
deration"
],
False
),
({
"permission_library"
:
True
},
[
"library"
,
"
mo
deration"
],
False
),
],
)
def
test_has_permissions_and
(
args
,
perms
,
expected
,
factories
):
...
...
@@ -73,10 +72,10 @@ def test_has_permissions_and(args, perms, expected, factories):
@
pytest
.
mark
.
parametrize
(
"args,perms,expected"
,
[
({
"is_superuser"
:
True
},
[
"
fe
deration"
,
"library"
],
True
),
({
"is_superuser"
:
False
},
[
"
fe
deration"
],
False
),
({
"permission_library"
:
True
},
[
"library"
,
"
fe
deration"
],
True
),
({
"permission_library"
:
True
},
[
"
fe
deration"
],
False
),
({
"is_superuser"
:
True
},
[
"
mo
deration"
,
"library"
],
True
),
({
"is_superuser"
:
False
},
[
"
mo
deration"
],
False
),
({
"permission_library"
:
True
},
[
"library"
,
"
mo
deration"
],
True
),
({
"permission_library"
:
True
},
[
"
mo
deration"
],
False
),
],
)
def
test_has_permissions_or
(
args
,
perms
,
expected
,
factories
):
...
...
api/tests/users/test_permissions.py
View file @
34ec869c
...
...
@@ -21,21 +21,21 @@ def test_has_user_permission_anonymous(anonymous_user, api_request):
@
pytest
.
mark
.
parametrize
(
"value"
,
[
True
,
False
])
def
test_has_user_permission_logged_in_single
(
value
,
factories
,
api_request
):
user
=
factories
[
"users.User"
](
permission_
fe
deration
=
value
)
user
=
factories
[
"users.User"
](
permission_
mo
deration
=
value
)
class
View
(
APIView
):
required_permissions
=
[
"
fe
deration"
]
required_permissions
=
[
"
mo
deration"
]
view
=
View
()
permission
=
permissions
.
HasUserPermission
()
request
=
api_request
.
get
(
"/"
)
setattr
(
request
,
"user"
,
user
)
result
=
permission
.
has_permission
(
request
,
view
)
assert
result
==
user
.
has_permissions
(
"
fe
deration"
)
==
value
assert
result
==
user
.
has_permissions
(
"
mo
deration"
)
==
value
@
pytest
.
mark
.
parametrize
(
"
fe
deration,library,expected"
,
"
mo
deration,library,expected"
,
[
(
True
,
False
,
False
),
(
False
,
True
,
False
),
...
...
@@ -44,14 +44,14 @@ def test_has_user_permission_logged_in_single(value, factories, api_request):
],
)
def
test_has_user_permission_logged_in_multiple_and
(
fe
deration
,
library
,
expected
,
factories
,
api_request
mo
deration
,
library
,
expected
,
factories
,
api_request
):
user
=
factories
[
"users.User"
](
permission_
fe
deration
=
fe
deration
,
permission_library
=
library
permission_
mo
deration
=
mo
deration
,
permission_library
=
library
)
class
View
(
APIView
):
required_permissions
=
[
"
fe
deration"
,
"library"
]
required_permissions
=
[
"
mo
deration"
,
"library"
]
permission_operator
=
"and"
view
=
View
()
...
...
@@ -59,11 +59,11 @@ def test_has_user_permission_logged_in_multiple_and(
request
=
api_request
.
get
(
"/"
)
setattr
(
request
,
"user"
,
user
)
result
=
permission
.
has_permission
(
request
,
view
)
assert
result
==
user
.
has_permissions
(
"
fe
deration"
,
"library"
)
==
expected
assert
result
==
user
.
has_permissions
(
"
mo
deration"
,
"library"
)
==
expected
@
pytest
.
mark
.
parametrize
(
"
fe
deration,library,expected"
,
"
mo
deration,library,expected"
,
[
(
True
,
False
,
True
),
(
False
,
True
,
True
),
...
...
@@ -72,14 +72,14 @@ def test_has_user_permission_logged_in_multiple_and(
],
)
def
test_has_user_permission_logged_in_multiple_or
(
fe
deration
,
library
,
expected
,
factories
,
api_request
mo
deration
,
library
,
expected
,
factories
,
api_request
):
user
=
factories
[
"users.User"
](
permission_
fe
deration
=
fe
deration
,
permission_library
=
library
permission_
mo
deration
=
mo
deration
,
permission_library
=
library
)
class
View
(
APIView
):
required_permissions
=
[
"
fe
deration"
,
"library"
]
required_permissions
=
[
"
mo
deration"
,
"library"
]
permission_operator
=
"or"
view
=
View
()
...
...
@@ -87,6 +87,6 @@ def test_has_user_permission_logged_in_multiple_or(
request
=
api_request
.
get
(
"/"
)
setattr
(
request
,
"user"
,
user
)
result
=
permission
.
has_permission
(
request
,
view
)
has_permission_result
=
user
.
has_permissions
(
"
fe
deration"
,
"library"
,
operator
=
"or"
)
has_permission_result
=
user
.
has_permissions
(
"
mo
deration"
,
"library"
,
operator
=
"or"
)
assert
result
==
has_permission_result
==
expected
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment