Coverage for website/activemembers/backends.py: 85.00%

44 statements  

« prev     ^ index     » next       coverage.py v7.6.7, created at 2025-08-14 10:31 +0000

1from django.contrib.auth.models import Permission 

2from django.db.models import Q 

3from django.utils import timezone 

4 

5from members.models import Member 

6 

7 

8class MemberGroupBackend: 

9 """Check permissions against MemberGroups.""" 

10 

11 def authenticate(self, *args, **kwargs): 

12 """Not implemented in this backend.""" 

13 return 

14 

15 def get_user(self, *args, **kwargs): 

16 """Not implemented in this backend.""" 

17 return 

18 

19 @staticmethod 

20 def _get_permissions(user, obj): 

21 if not user.is_active or user.is_anonymous or obj is not None: 21 ↛ 22line 21 didn't jump to line 22 because the condition on line 21 was never true

22 return set() 

23 

24 perm_cache_name = "_membergroup_perm_cache" 

25 if not hasattr(user, perm_cache_name): 

26 if isinstance(user, Member): 

27 member = user 

28 else: 

29 try: 

30 member = Member.objects.get(pk=user.pk) 

31 except Member.DoesNotExist: 

32 return set() 

33 

34 now = timezone.now() 

35 if not member.has_active_membership(): 

36 return set() 

37 

38 groups = member.membergroup_set.filter( 

39 Q(membergroupmembership__until=None) 

40 | Q( 

41 membergroupmembership__since__lte=now, 

42 membergroupmembership__until__gte=now, 

43 ) 

44 ) 

45 

46 chair_permission_groups = member.membergroup_set.filter( 

47 Q( 

48 membergroupmembership__until=None, 

49 membergroupmembership__has_chair_permissions=True, 

50 ) 

51 | Q( 

52 membergroupmembership__since__lte=now, 

53 membergroupmembership__until__gte=now, 

54 membergroupmembership__has_chair_permissions=True, 

55 ) 

56 ) 

57 perms = ( 

58 Permission.objects.filter( 

59 Q(permissions_groups__in=groups) 

60 | Q(chair_permissions_groups__in=chair_permission_groups) 

61 ) 

62 .values_list("content_type__app_label", "codename") 

63 .order_by() 

64 ) 

65 setattr( 

66 user, 

67 perm_cache_name, 

68 set(f"{ct}.{name}" for ct, name in perms), 

69 ) 

70 return getattr(user, perm_cache_name) 

71 

72 def get_all_permissions(self, user, obj=None): 

73 return self._get_permissions(user, obj) 

74 

75 def get_group_permissions(self, user, obj=None): 

76 return self._get_permissions(user, obj) 

77 

78 def has_perm(self, user, perm, obj=None): 

79 if not user.is_active: 79 ↛ 80line 79 didn't jump to line 80 because the condition on line 79 was never true

80 return False 

81 return perm in self.get_all_permissions(user, obj) 

82 

83 def has_module_perms(self, user, app_label): 

84 """Return True if user has any permissions in the given app_label.""" 

85 if not user.is_active: 85 ↛ 86line 85 didn't jump to line 86 because the condition on line 85 was never true

86 return False 

87 for perm in self.get_all_permissions(user): 

88 if perm[: perm.index(".")] == app_label: 

89 return True 

90 return False