Fix role inheritance (#5)

* Fix role inheritance * Drop python 3.6 and add django 4.0 * blacked * Fix django 4.0 requirements
certego · Dec 14, 2021 · 313f141 · 313f141
1 parent ceeb214
commit 313f141
Show file tree

Hide file tree

Showing 7 changed files with 96 additions and 12 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -10,7 +10,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: ['3.6', '3.7', '3.8', '3.9', '3.10']
+        python-version: ['3.7', '3.8', '3.9', '3.10']
 
     steps:
       - uses: actions/checkout@v2

diff --git a/django_group_role/management/commands/populate_roles.py b/django_group_role/management/commands/populate_roles.py
@@ -5,13 +5,20 @@
 
 
 def _fuzzy_search(rolenames):
-    fuzzy_rolenames = [name.lower().replace('-', ' ').replace('_', ' ') for name in rolenames]
+    fuzzy_rolenames = [
+        name.lower().replace("-", " ").replace("_", " ") for name in rolenames
+    ]
 
     def search(name):
-        return not rolenames or name in rolenames or name.lower().replace('-', ' ').replace('_', ' ') in fuzzy_rolenames
+        return (
+            not rolenames
+            or name in rolenames
+            or name.lower().replace("-", " ").replace("_", " ") in fuzzy_rolenames
+        )
 
     return search
 
+
 def _standard_search(rolenames):
     def search(name):
         return not rolenames or name in rolenames

diff --git a/django_group_role/roles.py b/django_group_role/roles.py
@@ -33,7 +33,7 @@ def _get_declared_permissions(cls, bases, classdict):
         permissions = [permissions]
         if bases:
             permissions = reduce(
-                lambda a, b: a + [getattr(b, "permissions", None)], bases, permissions
+                lambda a, b: a + [getattr(b, "_permissions", None)], bases, permissions
             )
         permissions = map_permissions(*permissions)
         assert not bases or permissions, "A Role must specify at least 1 permission"
@@ -119,7 +119,7 @@ def setup_permissions(self, clear=False):
 
     # wrappers for group methods
     def _wrap_group_method(self, method, *args, **kwargs):
-        method = getattr(self.group, method)
+        method = getattr(self.group.user_set, method)
         return method(*args, **kwargs)
 
     add = partialmethod(_wrap_group_method, method="add")

diff --git a/setup.cfg b/setup.cfg
@@ -11,7 +11,6 @@ project_urls =
 classifiers =
 	Programming Language :: Python
 	Programming Language :: Python :: 3
-	Programming Language :: Python :: 3.6
 	Programming Language :: Python :: 3.7
 	Programming Language :: Python :: 3.8
 	Programming Language :: Python :: 3.9
@@ -21,13 +20,14 @@ classifiers =
 	Framework :: Django :: 3.0
 	Framework :: Django :: 3.1
 	Framework :: Django :: 3.2
+	Framework :: Django :: 4.0
     License :: OSI Approved :: Apache Software License
     Operating System :: OS Independent
 	Intended Audience :: Developers
 
 [options]
 packages = find:
-python_requires = >=3.6
+python_requires = >=3.7
 setup_requires=
     pytest-runner
 install_requires =
@@ -64,7 +64,8 @@ DJANGO_SETTINGS_MODULE = tests.example_project.settings
 
 [tox:tox]
 envlist =
-    py{36,37,38,39,310}-django{22,30,31,32}
+    py{37,38,39,310}-django{22,30,31,32}
+    py{38,39,310}-django40
 
 [testenv]
 usedevelop = true
@@ -74,4 +75,6 @@ deps=
     django22: Django>=2.2,<2.23
     django30: Django>=3.0,<3.1
     django31: Django>=3.1,<3.2
-    django32: Django>=3.2,<3.3
+    django32: Django>=3.2,<3.3
+    django32: Django>=3.2,<3.3
+    django40: Django>=4.0,<4.1
diff --git a/tests/example_project/roles.py b/tests/example_project/roles.py
@@ -16,6 +16,15 @@ class GroupManagers(BasicRole):
     permissions = ["auth.add_group", "auth.view_group", "auth.delete_group"]
 
 
+class GroupPermManagers(GroupManagers):
+    name = "Top-Managers"
+    permissions = [
+        "auth.add_permission",
+        "auth.view_permission",
+        "auth.delete_permission",
+    ]
+
+
 class AbstractRole(Role):
     name = "Abstract"
     abstract = True

diff --git a/tests/test_command.py b/tests/test_command.py
@@ -31,14 +31,16 @@ def test_apply_every_role(self):
                 'Role "User-Managers" setup completed!',
                 'Setting permissions for role "Group Managers"...',
                 'Role "Group Managers" setup completed!',
+                'Setting permissions for role "Top-Managers"...',
+                'Role "Top-Managers" setup completed!',
                 'Setting permissions for role "Erasers"...',
                 'Unable to bound permission to "Erasers" (Permission broken (auth)  cannot be bound to role)',
                 'Setting permissions for role "Broken"...',
                 'Unable to bound permission to "Broken" (Permission auth.non_existing_perm cannot be bound to role)',
                 "",
             ],
         )
-        self.assertEqual(Group.objects.all().count(), 6)
+        self.assertEqual(Group.objects.all().count(), 7)
         group = Group.objects.get_by_natural_key("Users")
         self.assertQuerysetEqual(
             group.permissions.all(),
@@ -75,6 +77,21 @@ def test_apply_every_role(self):
             transform=lambda p: p.natural_key(),
             ordered=False,
         )
+        group = Group.objects.get_by_natural_key("Top-Managers")
+        self.assertQuerysetEqual(
+            group.permissions.all(),
+            [
+                ("view_user", "auth", "user"),
+                ("view_group", "auth", "group"),
+                ("add_group", "auth", "group"),
+                ("delete_group", "auth", "group"),
+                ("view_permission", "auth", "permission"),
+                ("add_permission", "auth", "permission"),
+                ("delete_permission", "auth", "permission"),
+            ],
+            transform=lambda p: p.natural_key(),
+            ordered=False,
+        )
 
     def test_apply_every_role_clear(self):
         self.assertEqual(Group.objects.all().count(), 3)
@@ -90,14 +107,16 @@ def test_apply_every_role_clear(self):
                 'Role "User-Managers" setup completed!',
                 'Setting permissions for role "Group Managers"...',
                 'Role "Group Managers" setup completed!',
+                'Setting permissions for role "Top-Managers"...',
+                'Role "Top-Managers" setup completed!',
                 'Setting permissions for role "Erasers"...',
                 'Unable to bound permission to "Erasers" (Permission broken (auth)  cannot be bound to role)',
                 'Setting permissions for role "Broken"...',
                 'Unable to bound permission to "Broken" (Permission auth.non_existing_perm cannot be bound to role)',
                 "",
             ],
         )
-        self.assertEqual(Group.objects.all().count(), 6)
+        self.assertEqual(Group.objects.all().count(), 7)
         group = Group.objects.get_by_natural_key("Users")
         self.assertQuerysetEqual(
             group.permissions.all(),
@@ -132,6 +151,21 @@ def test_apply_every_role_clear(self):
             transform=lambda p: p.natural_key(),
             ordered=False,
         )
+        group = Group.objects.get_by_natural_key("Top-Managers")
+        self.assertQuerysetEqual(
+            group.permissions.all(),
+            [
+                ("view_user", "auth", "user"),
+                ("view_group", "auth", "group"),
+                ("add_group", "auth", "group"),
+                ("delete_group", "auth", "group"),
+                ("view_permission", "auth", "permission"),
+                ("add_permission", "auth", "permission"),
+                ("delete_permission", "auth", "permission"),
+            ],
+            transform=lambda p: p.natural_key(),
+            ordered=False,
+        )
 
     def test_apply_single_role_clear(self):
         self.assertEqual(Group.objects.all().count(), 3)
@@ -175,7 +209,9 @@ def test_apply_single_role_clear(self):
     def test_apply_single_role_fuzzy_dash(self):
         self.assertEqual(Group.objects.all().count(), 3)
         out = StringIO()
-        call_command("populate_roles", "group-managers", clear=True, fuzzy=True, stdout=out)
+        call_command(
+            "populate_roles", "group-managers", clear=True, fuzzy=True, stdout=out
+        )
         self.assertEqual(
             out.getvalue().split("\n"),
             [

diff --git a/tests/test_utils.py b/tests/test_utils.py
@@ -93,3 +93,32 @@ def test_map_permissions_list_plus_dict(self):
                 },
             },
         )
+
+    def test_map_permissions_dict_plus_dict(self):
+        perm_map = map_permissions(
+            {
+                "auth": {"user": ["view_user"]},
+                "myapp": {"mymodel": ["delete_mymodel"]},
+                "otherapp.element": ["view_element"],
+            },
+            {
+                "auth.user": ["view_user", "change_user"],
+                "auth": {"group": ["view_group"]},
+                "myapp.mymodel": ["view_mymodel", "change_mymodel"],
+            },
+        )
+        self.assertEqual(
+            perm_map,
+            {
+                "auth": {
+                    "user": {"view_user", "change_user"},
+                    "group": {"view_group"},
+                },
+                "myapp": {
+                    "mymodel": {"view_mymodel", "change_mymodel", "delete_mymodel"},
+                },
+                "otherapp": {
+                    "element": {"view_element"},
+                },
+            },
+        )