
Commit e90ef68b authored by Lincoln Smith's avatar Lincoln Smith

Fix for anonymous users.

Interpretation of doco that anon users have is_active == False is
incorrect, handle anon users properly.
parent 59794b72
include README.rst
include LICENSE.txt
recursive-include perfieldperms/templates *
recursive-include perfieldperms/templatetags *
recursive-include perfieldperms/static *
prune tests
......@@ -157,8 +157,11 @@ class PFPBackend(object):
"""
Returns true if `user_obj` has `perm` in their set of all permissions.
"""
if not user_obj.is_active:
return False
if not hasattr(user_obj, '_pfp_perm_cache'):
self.get_all_permissions(user_obj, obj)
if not self.get_all_permissions(user_obj, obj):
return False
cache = user_obj._pfp_perm_cache
# Looking for model level perm, no need to go deeper
if perm in cache:
......@@ -179,7 +182,8 @@ class PFPBackend(object):
if not user_obj.is_active:
return False
if not hasattr(user_obj, '_pfp_perm_cache'):
self.get_all_permissions(user_obj)
if not self.get_all_permissions(user_obj):
return False
for perm in user_obj._pfp_perm_cache.keys():
if perm[:perm.index('.')] == app_label:
return True
......
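Review bot: The new guard in `has_perm` (and the same pattern in the second hunk, ahead of the `for perm in user_obj._pfp_perm_cache.keys()` loop) only fails closed if `get_all_permissions` returns a falsy value in every case where it leaves `_pfp_perm_cache` unset. That function is not visible here, so the denial rests on an implicit contract between the two. For an authorization check it is safer to deny on the missing cache itself, e.g. `cache = getattr(user_obj, '_pfp_perm_cache', None)` followed by `if cache is None: return False`, so an unexpected path yields a denial rather than an `AttributeError`. Separately, the cache attribute lives on the user only while `has_perm` passes `obj` through; if the computed permissions depend on `obj`, a cache filled by an earlier call could be reused for a different object, which is worth confirming. Both method bodies start and end outside the hunks shown.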
......@@ -10,11 +10,11 @@ with open(os.path.join(os.path.dirname(__file__), 'README.rst')) as readme:
setup(
name='django-perfieldperms',
version='0.1',
version='0.1.1',
packages=find_packages(exclude=['tests*']),
include_package_data=True,
license='Apache-2.0',
description='Per model-field permissions for Django.',
description='Per model field permissions for Django.',
long_description=README,
url='',
author='Lincoln Smith',
......
......@@ -226,6 +226,14 @@ class TestPFPBackend(TestCase):
# Check has user perm
u2.user_permissions.add(perm)
self.assertTrue(backend.has_perm(u2, perm_str))
# Inactive user has no perms
u2 = User.objects.get(username='u2')
u2.is_active = False
self.assertFalse(backend.has_perm(u2, perm_str))
# Anonymous user has no perms
u2 = AnonymousUser()
u2.is_active = False
self.assertFalse(backend.has_perm(u2, perm_str))
# Check has group perm
g1.permissions.add(perm)
u3.groups.add(g1)
......
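Review bot: The anonymous-user case forces `u2.is_active = False` on the `AnonymousUser` before calling `has_perm`, so the call returns at the `if not user_obj.is_active` check and never reaches the missing-cache guard this commit adds. As written, the test would pass whether or not that guard exists. Consider asserting on an unmodified instance, `self.assertFalse(backend.has_perm(AnonymousUser(), perm_str))`, and adding a case that reaches the guard (a user object that passes the `is_active` check but ends up with no `_pfp_perm_cache`). The method patched in the second backend hunk has no matching assertion in this hunk. The test method starts and ends outside the hunk, so such coverage may exist elsewhere.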