From 778fc520cb5e6d0f2f6fb9bdf27fb9fb1f7b6188 Mon Sep 17 00:00:00 2001 From: mattiagiupponi <51856725+mattiagiupponi@users.noreply.github.com> Date: Tue, 17 Jan 2023 11:54:36 +0100 Subject: [PATCH] [Fixes #10525] set/unset batch permissions on groups raise an error (#10526) * [Fixes #10525] set/unset batch permissions on groups raise an error * [Fixes #10525] set/unset batch permissions on groups raise an error (cherry picked from commit 648dd10339c8a45e9d5dc3514f3ef77f26adc542) --- geonode/layers/tests.py | 45 +++++++++++++++++++++++++++++++++++++++++ geonode/layers/utils.py | 2 +- 2 files changed, 46 insertions(+), 1 deletion(-) diff --git a/geonode/layers/tests.py b/geonode/layers/tests.py index 794a0ceae6f..41f504617a8 100644 --- a/geonode/layers/tests.py +++ b/geonode/layers/tests.py @@ -67,6 +67,7 @@ from geonode.base.models import TopicCategory, License, Region, Link from geonode.utils import check_ogc_backend, set_resource_default_links from geonode.layers.metadata import convert_keyword, set_metadata, parse_metadata +from geonode.groups.models import GroupProfile from geonode.layers.utils import ( is_sld_upload_only, @@ -925,6 +926,50 @@ def test_assign_remove_permissions(self): # "norman" has no permissions self.assertEqual(_c, 0) + @on_ogc_backend(geoserver.BACKEND_PACKAGE) + def test_assign_remove_permissions_for_groups(self): + # Assing + layer = Dataset.objects.all().first() + perm_spec = layer.get_all_level_info() + group_profile = GroupProfile.objects.create(slug="group1", title="group1", access="public") + self.assertNotIn(group_profile, perm_spec["groups"]) + + # giving manage permissions to the group + utils.set_datasets_permissions("manage", resources_names=[layer.name], groups_names=["group1"], delete_flag=False, verbose=True) + perm_spec = layer.get_all_level_info() + expected = { + 'change_dataset_data', 'change_dataset_style', 'change_resourcebase', + 'change_resourcebase_metadata', 'change_resourcebase_permissions', + 'delete_resourcebase', 'download_resourcebase', 'publish_resourcebase', + 'view_resourcebase' + } + # checking the perms list + self.assertSetEqual( + expected, + set(perm_spec['groups'][group_profile.group]) + ) + + # Chaning perms to the group from manage to read + utils.set_datasets_permissions("view", resources_names=[layer.name], groups_names=["group1"], delete_flag=False, verbose=True) + perm_spec = layer.get_all_level_info() + expected = { + 'view_resourcebase' + } + # checking the perms list + self.assertSetEqual( + expected, + set(perm_spec['groups'][group_profile.group]) + ) + + # Chaning perms to the group from manage to read + utils.set_datasets_permissions("view", resources_names=[layer.name], groups_names=["group1"], delete_flag=True, verbose=True) + perm_spec = layer.get_all_level_info() + # checking the perms list + self.assertTrue(group_profile.group not in perm_spec['groups']) + + if group_profile: + group_profile.delete() + def test_xml_form_without_files_should_raise_500(self): files = dict() files['permissions'] = '{}' diff --git a/geonode/layers/utils.py b/geonode/layers/utils.py index 9a8cafad8e0..2c93cc5c843 100644 --- a/geonode/layers/utils.py +++ b/geonode/layers/utils.py @@ -494,7 +494,7 @@ def set_datasets_permissions(permissions_name, resources_names=None, users_usern final_perms_payload["groups"] = { _group: _perms for _group, _perms in perms_spec_compact_resource.extended["groups"].items() - if _user not in copy_compact_perms.extended["groups"] + if _group not in copy_compact_perms.extended["groups"] } if final_perms_payload["users"].get("AnonymousUser") is None and final_perms_payload["groups"].get("anonymous"): final_perms_payload["groups"].pop("anonymous")