Source code for tcms.utils.permissions
# -*- coding: utf-8 -*-
from django.conf import settings
from django.contrib.auth.models import Group, Permission
[docs]
def generate_output(output, permissions, group):
"""
Generates verbose output for added permissions
"""
if output:
for perm in permissions:
output.write(
f"{perm.content_type.app_label}.{perm.codename} added to {group.name} group"
)
[docs]
def assign_default_group_permissions(
output=None,
refresh_all=False,
group_model=Group,
admin_permissions_filter=None,
tester_permissions_filter=None,
):
"""
Adds the default permissions for Administrator and Tester
groups!
"""
# arguments default to None due to security issues
# with having an empty dict as the default value
if admin_permissions_filter is None:
admin_permissions_filter = {}
if tester_permissions_filter is None:
tester_permissions_filter = {}
admin = group_model.objects.get(name="Administrator")
if admin.permissions.count() == 0 or refresh_all:
perms_to_add = Permission.objects.exclude(
pk__in=admin.permissions.all()
).filter(**admin_permissions_filter)
admin.permissions.add(*perms_to_add)
generate_output(output, perms_to_add, admin)
tester = group_model.objects.get(name="Tester")
tester_perms = tester.permissions.all()
if tester_perms.count() == 0 or refresh_all:
# apply all permissions for test case & product management
for app_name in [
"attachments",
"bugs",
"django_comments",
"linkreference",
"management",
"testcases",
"testplans",
"testruns",
]:
app_perms = Permission.objects.filter(
content_type__app_label=app_name
).filter(**tester_permissions_filter)
app_perms = app_perms.exclude(pk__in=tester_perms).exclude(
content_type__app_label="attachments",
codename="delete_foreign_attachments",
)
tester.permissions.add(*app_perms)
generate_output(output, app_perms, tester)
[docs]
def initiate_user_with_default_setups(user):
"""
Add default groups, permissions, status to a newly
created user.
"""
# create default permissions if not already set
assign_default_group_permissions()
default_groups = Group.objects.filter(name__in=settings.DEFAULT_GROUPS)
for grp in default_groups:
user.groups.add(grp)
user.is_staff = True # so they can add Products, Builds, etc via the ADMIN menu
user.save()