diff --git a/apps/permission/backends.py b/apps/permission/backends.py index 94816bfe..2446f211 100644 --- a/apps/permission/backends.py +++ b/apps/permission/backends.py @@ -1,13 +1,12 @@ # Copyright (C) 2018-2020 by BDE ENS Paris-Saclay # SPDX-License-Identifier: GPL-3.0-or-later -import datetime - from django.conf import settings from django.contrib.auth.backends import ModelBackend from django.contrib.auth.models import User, AnonymousUser from django.contrib.contenttypes.models import ContentType from django.db.models import Q, F +from django.utils import timezone from note.models import Note, NoteUser, NoteClub, NoteSpecial from note_kfet.middlewares import get_current_session from member.models import Membership, Club @@ -43,8 +42,8 @@ class PermissionBackend(ModelBackend): ).filter( ( Q( - rolepermissions__role__membership__date_start__lte=datetime.date.today(), - rolepermissions__role__membership__date_end__gte=datetime.date.today(), + rolepermissions__role__membership__date_start__lte=timezone.now().today(), + rolepermissions__role__membership__date_end__gte=timezone.now().today(), ) | Q(permanent=True) ) @@ -98,8 +97,8 @@ class PermissionBackend(ModelBackend): NoteSpecial=NoteSpecial, F=F, Q=Q, - now=datetime.datetime.now(), - today=datetime.date.today(), + now=timezone.now(), + today=timezone.now().date(), ) yield permission diff --git a/apps/permission/fixtures/initial.json b/apps/permission/fixtures/initial.json index 089cb2a1..095bcfc1 100644 --- a/apps/permission/fixtures/initial.json +++ b/apps/permission/fixtures/initial.json @@ -272,7 +272,7 @@ "note", "alias" ], - "query": "[\"OR\", {\"note__in\": [\"NoteUser\", \"objects\", [\"filter\", {\"user__membership__club__name\": \"Kfet\"}], [\"all\"]]}, {\"note__in\": [\"NoteClub\", \"objects\", [\"all\"]]}]", + "query": "[\"OR\", {\"note__in\": [\"NoteUser\", \"objects\", [\"filter\", {\"user__memberships__club__name\": \"Kfet\"}], [\"all\"]]}, {\"note__in\": [\"NoteClub\", \"objects\", [\"all\"]]}]", "type": "view", "mask": 1, "field": "", @@ -480,7 +480,7 @@ "note", "note" ], - "query": "[\"OR\", {\"pk\": [\"club\", \"note\", \"pk\"]}, {\"pk__in\": [\"NoteUser\", \"objects\", [\"filter\", {\"user__membership__club\": [\"club\"]}], [\"all\"]]}]", + "query": "[\"OR\", {\"pk\": [\"club\", \"note\", \"pk\"]}, {\"pk__in\": [\"NoteUser\", \"objects\", [\"filter\", {\"user__memberships__club\": [\"club\"]}], [\"all\"]]}]", "type": "view", "mask": 2, "field": "", @@ -1872,7 +1872,7 @@ "wei", "busteam" ], - "query": "{\"wei\": [\"club\"], \"wei__membership_end__gte\": [\"today\"]}", + "query": "{\"bus__wei\": [\"club\"], \"bus__wei__membership_end__gte\": [\"today\"]}", "type": "add", "mask": 3, "field": "", @@ -1888,7 +1888,7 @@ "wei", "busteam" ], - "query": "{\"wei\": [\"club\"], \"wei__membership_end__gte\": [\"today\"]}", + "query": "{\"bus__wei\": [\"club\"], \"bus__wei__membership_end__gte\": [\"today\"]}", "type": "change", "mask": 3, "field": "", @@ -1920,7 +1920,7 @@ "wei", "busteam" ], - "query": "[\"AND\", {\"wei\": [\"club\"]}, [\"OR\", [\"NOT\", [\"membership\", \"registration\", \"first_year\"]], {\"wei__date_end__lte\": [\"today\"]}]]", + "query": "[\"AND\", {\"bus__wei\": [\"club\"]}, [\"OR\", [\"NOT\", [\"membership\", \"registration\", \"first_year\"]], {\"bus__wei__date_end__lte\": [\"today\"]}]]", "type": "view", "mask": 1, "field": "", @@ -1936,7 +1936,7 @@ "wei", "weimembership" ], - "query": "[\"AND\", {\"club\": [\"club\"], \"club__weiclub__membership_end__gte\": [\"today\"]}, [\"OR\", {\"registration__soge_credit\": true}, {\"user__note__balance__gte\": [\"F\", \"fee\"]}]]", + "query": "[\"AND\", {\"club\": [\"club\"], \"club__weiclub__membership_end__gte\": [\"today\"]}, [\"OR\", {\"registration__soge_credit\": true}, {\"user__note__balance__gte\": {\"F\": [\"F\", \"fee\"]}}]]", "type": "add", "mask": 3, "field": "", @@ -2048,7 +2048,7 @@ "wei", "bus" ], - "query": "{\"pk\": [\"membership\", \"bus\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}", + "query": "{\"pk\": [\"membership\", \"weimembership\", \"bus\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}", "type": "change", "mask": 1, "field": "name", @@ -2064,7 +2064,7 @@ "wei", "bus" ], - "query": "{\"pk\": [\"membership\", \"bus\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}", + "query": "{\"pk\": [\"membership\", \"weimembership\", \"bus\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}", "type": "change", "mask": 1, "field": "description", @@ -2080,7 +2080,7 @@ "wei", "busteam" ], - "query": "{\"bus\": [\"membership\", \"bus\"], \"wei__date_end__gte\": [\"today\"]}", + "query": "{\"bus\": [\"membership\", \"weimembership\", \"bus\"], \"bus__wei__date_end__gte\": [\"today\"]}", "type": "add", "mask": 1, "field": "", @@ -2096,7 +2096,7 @@ "wei", "busteam" ], - "query": "{\"bus\": [\"membership\", \"bus\"], \"wei__date_end__gte\": [\"today\"]}", + "query": "{\"bus\": [\"membership\", \"weimembership\", \"bus\"], \"bus__wei__date_end__gte\": [\"today\"]}", "type": "change", "mask": 1, "field": "name", @@ -2112,7 +2112,7 @@ "wei", "busteam" ], - "query": "{\"bus\": [\"membership\", \"bus\"], \"wei__date_end__gte\": [\"today\"]}", + "query": "{\"bus\": [\"membership\", \"weimembership\", \"bus\"], \"bus__wei__date_end__gte\": [\"today\"]}", "type": "change", "mask": 1, "field": "color", @@ -2128,7 +2128,7 @@ "wei", "busteam" ], - "query": "{\"bus\": [\"membership\", \"bus\"], \"wei__date_end__gte\": [\"today\"]}", + "query": "{\"bus\": [\"membership\", \"weimembership\", \"bus\"], \"bus__wei__date_end__gte\": [\"today\"]}", "type": "change", "mask": 1, "field": "description", @@ -2144,7 +2144,7 @@ "wei", "busteam" ], - "query": "{\"pk\": [\"membership\", \"team\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}", + "query": "{\"pk\": [\"membership\", \"weimembership\", \"team\", \"pk\"], \"bus__wei__date_end__gte\": [\"today\"]}", "type": "change", "mask": 1, "field": "name", @@ -2160,7 +2160,7 @@ "wei", "busteam" ], - "query": "{\"pk\": [\"membership\", \"team\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}", + "query": "{\"pk\": [\"membership\", \"weimembership\", \"team\", \"pk\"], \"bus__wei__date_end__gte\": [\"today\"]}", "type": "change", "mask": 1, "field": "color", @@ -2176,7 +2176,7 @@ "wei", "busteam" ], - "query": "{\"pk\": [\"membership\", \"team\", \"pk\"], \"wei__date_end__gte\": [\"today\"]}", + "query": "{\"pk\": [\"membership\", \"weimembership\", \"team\", \"pk\"], \"bus__wei__date_end__gte\": [\"today\"]}", "type": "change", "mask": 1, "field": "description", diff --git a/apps/permission/test.py b/apps/permission/test.py new file mode 100644 index 00000000..de46d5aa --- /dev/null +++ b/apps/permission/test.py @@ -0,0 +1,86 @@ +# Copyright (C) 2018-2020 by BDE ENS Paris-Saclay +# SPDX-License-Identifier: GPL-3.0-or-later + +from django.contrib.auth.models import User +from django.core.exceptions import FieldError +from django.db.models import F, Q +from django.test import TestCase +from django.utils import timezone +from member.models import Club, Membership +from note.models import NoteUser, Note, NoteClub, NoteSpecial +from wei.models import WEIMembership, WEIRegistration, WEIClub, Bus, BusTeam + +from .models import Permission + + +class PermissionQueryTestCase(TestCase): + fixtures = ('initial', ) + + @classmethod + def setUpTestData(cls): + user = User.objects.create(username="user") + NoteUser.objects.create(user=user) + wei = WEIClub.objects.create( + name="wei", + date_start=timezone.now().date(), + date_end=timezone.now().date(), + ) + NoteClub.objects.create(club=wei) + weiregistration = WEIRegistration.objects.create( + user=user, + wei=wei, + birth_date=timezone.now().date(), + ) + bus = Bus.objects.create( + name="bus", + wei=wei, + ) + team = BusTeam.objects.create( + name="team", + bus=bus, + color=0xFFFFFF, + ) + WEIMembership.objects.create( + user=user, + club=wei, + registration=weiregistration, + bus=bus, + team=team, + ) + + def test_permission_queries(self): + """ + Check for all permissions that the query is compilable and that the database can parse the query. + We use a random user with a random WEIClub (to use permissions for the WEI) in a random team in a random bus. + """ + for perm in Permission.objects.all(): + instanced = perm.about( + user=User.objects.get(), + club=WEIClub.objects.get(), + membership=Membership.objects.get(), + User=User, + Club=Club, + Membership=Membership, + Note=Note, + NoteUser=NoteUser, + NoteClub=NoteClub, + NoteSpecial=NoteSpecial, + F=F, + Q=Q, + now=timezone.now(), + today=timezone.now().date(), + ) + try: + instanced.update_query() + query = instanced.query + model = perm.model.model_class() + model.objects.filter(query).all() + # print("Good query for permission", perm) + except (FieldError, AttributeError, ValueError): + print("Query error for permission", perm) + print("Query:", perm.query) + if instanced.query: + print("Compiled query:", instanced.query) + raise + + print("All permission queries are well formed")