Verified Commit 34ec869c authored by Eliot Berriot's avatar Eliot Berriot
Browse files

Removed obsolete permissions, added a new moderation permission

parent af53ee7c
......@@ -10,7 +10,6 @@ from funkwhale_api.users import models
mapping = {
"dynamic_preferences.change_globalpreferencemodel": "settings",
"music.add_importbatch": "library",
"federation.change_library": "federation",
}
......
......@@ -31,10 +31,9 @@ class ManageUserFilterSet(filters.FilterSet):
"privacy_level",
"is_staff",
"is_superuser",
"permission_upload",
"permission_library",
"permission_settings",
"permission_federation",
"permission_moderation",
]
......
......@@ -51,7 +51,7 @@ class UserAdmin(AuthUserAdmin):
"privacy_level",
"permission_settings",
"permission_library",
"permission_federation",
"permission_moderation",
]
fieldsets = (
......@@ -67,10 +67,9 @@ class UserAdmin(AuthUserAdmin):
"is_active",
"is_staff",
"is_superuser",
"permission_upload",
"permission_library",
"permission_settings",
"permission_federation",
"permission_moderation",
)
},
),
......
# Generated by Django 2.0.9 on 2018-12-06 10:08
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('users', '0012_user_upload_quota'),
]
operations = [
migrations.RemoveField(
model_name='user',
name='permission_federation',
),
migrations.RemoveField(
model_name='user',
name='permission_upload',
),
migrations.AddField(
model_name='user',
name='permission_moderation',
field=models.BooleanField(default=False, help_text='Block/mute/remove domains, users and content', verbose_name='Moderation'),
),
]
......@@ -34,16 +34,15 @@ def get_token():
PERMISSIONS_CONFIGURATION = {
"federation": {
"label": "Manage library federation",
"help_text": "Follow other instances, accept/deny library follow requests...",
"moderation": {
"label": "Moderation",
"help_text": "Block/mute/remove domains, users and content",
},
"library": {
"label": "Manage library",
"help_text": "Manage library, delete files, tracks, artists, albums...",
},
"settings": {"label": "Manage instance-level settings", "help_text": ""},
"upload": {"label": "Upload new content to the library", "help_text": ""},
}
PERMISSIONS = sorted(PERMISSIONS_CONFIGURATION.keys())
......@@ -71,9 +70,9 @@ class User(AbstractUser):
subsonic_api_token = models.CharField(blank=True, null=True, max_length=255)
# permissions
permission_federation = models.BooleanField(
PERMISSIONS_CONFIGURATION["federation"]["label"],
help_text=PERMISSIONS_CONFIGURATION["federation"]["help_text"],
permission_moderation = models.BooleanField(
PERMISSIONS_CONFIGURATION["moderation"]["label"],
help_text=PERMISSIONS_CONFIGURATION["moderation"]["help_text"],
default=False,
)
permission_library = models.BooleanField(
......@@ -86,11 +85,6 @@ class User(AbstractUser):
help_text=PERMISSIONS_CONFIGURATION["settings"]["help_text"],
default=False,
)
permission_upload = models.BooleanField(
PERMISSIONS_CONFIGURATION["upload"]["label"],
help_text=PERMISSIONS_CONFIGURATION["upload"]["help_text"],
default=False,
)
last_activity = models.DateTimeField(default=None, null=True, blank=True)
......
......@@ -22,30 +22,6 @@ def test_script_command_list(command, script_name, mocker):
mocked.assert_called_once_with(command, script_name=script_name, interactive=False)
def test_django_permissions_to_user_permissions(factories, command):
group = factories["auth.Group"](perms=["federation.change_library"])
user1 = factories["users.User"](
perms=[
"dynamic_preferences.change_globalpreferencemodel",
"music.add_importbatch",
]
)
user2 = factories["users.User"](perms=["music.add_importbatch"], groups=[group])
scripts.django_permissions_to_user_permissions.main(command)
user1.refresh_from_db()
user2.refresh_from_db()
assert user1.permission_settings is True
assert user1.permission_library is True
assert user1.permission_federation is False
assert user2.permission_settings is False
assert user2.permission_library is True
assert user2.permission_federation is True
@pytest.mark.parametrize(
"open_api,expected_visibility", [(True, "everyone"), (False, "instance")]
)
......
......@@ -13,8 +13,7 @@ def test_manage_upload_action_delete(factories):
def test_user_update_permission(factories):
user = factories["users.User"](
permission_library=False,
permission_upload=False,
permission_federation=True,
permission_moderation=False,
permission_settings=True,
is_active=True,
)
......@@ -32,7 +31,6 @@ def test_user_update_permission(factories):
assert user.is_active is False
assert user.upload_quota == 12
assert user.permission_federation is False
assert user.permission_upload is True
assert user.permission_moderation is True
assert user.permission_library is False
assert user.permission_settings is True
......@@ -46,23 +46,22 @@ def test_get_permissions_regular(factories):
def test_get_permissions_default(factories, preferences):
preferences["users__default_permissions"] = ["upload", "federation"]
preferences["users__default_permissions"] = ["library", "moderation"]
user = factories["users.User"]()
perms = user.get_permissions()
assert perms["upload"] is True
assert perms["federation"] is True
assert perms["library"] is False
assert perms["moderation"] is True
assert perms["library"] is True
assert perms["settings"] is False
@pytest.mark.parametrize(
"args,perms,expected",
[
({"is_superuser": True}, ["federation", "library"], True),
({"is_superuser": False}, ["federation"], False),
({"is_superuser": True}, ["moderation", "library"], True),
({"is_superuser": False}, ["moderation"], False),
({"permission_library": True}, ["library"], True),
({"permission_library": True}, ["library", "federation"], False),
({"permission_library": True}, ["library", "moderation"], False),
],
)
def test_has_permissions_and(args, perms, expected, factories):
......@@ -73,10 +72,10 @@ def test_has_permissions_and(args, perms, expected, factories):
@pytest.mark.parametrize(
"args,perms,expected",
[
({"is_superuser": True}, ["federation", "library"], True),
({"is_superuser": False}, ["federation"], False),
({"permission_library": True}, ["library", "federation"], True),
({"permission_library": True}, ["federation"], False),
({"is_superuser": True}, ["moderation", "library"], True),
({"is_superuser": False}, ["moderation"], False),
({"permission_library": True}, ["library", "moderation"], True),
({"permission_library": True}, ["moderation"], False),
],
)
def test_has_permissions_or(args, perms, expected, factories):
......
......@@ -21,21 +21,21 @@ def test_has_user_permission_anonymous(anonymous_user, api_request):
@pytest.mark.parametrize("value", [True, False])
def test_has_user_permission_logged_in_single(value, factories, api_request):
user = factories["users.User"](permission_federation=value)
user = factories["users.User"](permission_moderation=value)
class View(APIView):
required_permissions = ["federation"]
required_permissions = ["moderation"]
view = View()
permission = permissions.HasUserPermission()
request = api_request.get("/")
setattr(request, "user", user)
result = permission.has_permission(request, view)
assert result == user.has_permissions("federation") == value
assert result == user.has_permissions("moderation") == value
@pytest.mark.parametrize(
"federation,library,expected",
"moderation,library,expected",
[
(True, False, False),
(False, True, False),
......@@ -44,14 +44,14 @@ def test_has_user_permission_logged_in_single(value, factories, api_request):
],
)
def test_has_user_permission_logged_in_multiple_and(
federation, library, expected, factories, api_request
moderation, library, expected, factories, api_request
):
user = factories["users.User"](
permission_federation=federation, permission_library=library
permission_moderation=moderation, permission_library=library
)
class View(APIView):
required_permissions = ["federation", "library"]
required_permissions = ["moderation", "library"]
permission_operator = "and"
view = View()
......@@ -59,11 +59,11 @@ def test_has_user_permission_logged_in_multiple_and(
request = api_request.get("/")
setattr(request, "user", user)
result = permission.has_permission(request, view)
assert result == user.has_permissions("federation", "library") == expected
assert result == user.has_permissions("moderation", "library") == expected
@pytest.mark.parametrize(
"federation,library,expected",
"moderation,library,expected",
[
(True, False, True),
(False, True, True),
......@@ -72,14 +72,14 @@ def test_has_user_permission_logged_in_multiple_and(
],
)
def test_has_user_permission_logged_in_multiple_or(
federation, library, expected, factories, api_request
moderation, library, expected, factories, api_request
):
user = factories["users.User"](
permission_federation=federation, permission_library=library
permission_moderation=moderation, permission_library=library
)
class View(APIView):
required_permissions = ["federation", "library"]
required_permissions = ["moderation", "library"]
permission_operator = "or"
view = View()
......@@ -87,6 +87,6 @@ def test_has_user_permission_logged_in_multiple_or(
request = api_request.get("/")
setattr(request, "user", user)
result = permission.has_permission(request, view)
has_permission_result = user.has_permissions("federation", "library", operator="or")
has_permission_result = user.has_permissions("moderation", "library", operator="or")
assert result == has_permission_result == expected
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment