fix(permission): Fix BoardPermission legacy codes

sparcs-kaist · Jan 10, 2024 · 226d1d8 · 226d1d8
1 parent 33546bb
commit 226d1d8
Show file tree

Hide file tree

Showing 3 changed files with 218 additions and 13 deletions.
diff --git a/apps/core/models/board_permission.py b/apps/core/models/board_permission.py
@@ -21,9 +21,36 @@ class BoardAccessPermissionType(IntEnum):
     DELETE = 4
 
 
+DEFAULT_READ_PERMISSION: list[tuple[int, BoardAccessPermissionType]] = [
+    (2, BoardAccessPermissionType.READ),
+    (3, BoardAccessPermissionType.READ),
+    (4, BoardAccessPermissionType.READ),
+    (5, BoardAccessPermissionType.READ),
+    (7, BoardAccessPermissionType.READ),
+    (8, BoardAccessPermissionType.READ),
+]
+DEFAULT_WRITE_PERMISSION: list[tuple[int, BoardAccessPermissionType]] = [
+    (2, BoardAccessPermissionType.WRITE),
+    (4, BoardAccessPermissionType.WRITE),
+    (5, BoardAccessPermissionType.WRITE),
+    (7, BoardAccessPermissionType.WRITE),
+    (8, BoardAccessPermissionType.WRITE),
+]
+DEFAULT_COMMENT_PERMISSION: list[tuple[int, BoardAccessPermissionType]] = [
+    (2, BoardAccessPermissionType.COMMENT),
+    (3, BoardAccessPermissionType.COMMENT),
+    (4, BoardAccessPermissionType.COMMENT),
+    (5, BoardAccessPermissionType.COMMENT),
+    (6, BoardAccessPermissionType.COMMENT),
+    (7, BoardAccessPermissionType.COMMENT),
+    (8, BoardAccessPermissionType.COMMENT),
+]
+
+
 class BoardAccessPermission:
     def __init__(self, target: UserProfile | Group, board: Board) -> None:
-        self.target = target
+        self.user = target if isinstance(target, UserProfile) else None
+        self.group = target if isinstance(target, Group) else None
         self.board = board
         self.READ = False
         self.WRITE = False
@@ -95,3 +122,79 @@ def permission_list_by_user(
                 permissions.setPermission(perm.permission)
 
         return permissions
+
+    @staticmethod
+    def add_permission(
+        group: Group,
+        board: Board,
+        permission: BoardAccessPermissionType,
+    ):
+        BoardPermission.objects.create(
+            group=group,
+            board=board,
+            permission=permission,
+        )
+
+    @staticmethod
+    def remove_permission(
+        group: Group,
+        board: Board,
+        permission: BoardAccessPermissionType,
+    ):
+        BoardPermission.objects.filter(
+            group=group,
+            board=board,
+            permission=permission,
+        ).delete()
+
+    @staticmethod
+    def add_permission_bulk_by_board(
+        board: Board,
+        perms: list[tuple[int, BoardAccessPermissionType]],
+    ):
+        for group_id, perm in perms:
+            BoardPermission.objects.create(
+                group=Group.search_by_id(group_id),
+                board=board,
+                permission=perm,
+            )
+
+    @staticmethod
+    def set_group_permission(permission: BoardAccessPermission):
+        if permission.group is None:
+            # raise ValueError("permission.group is None")
+            return
+        BoardPermission.objects.filter(
+            group=permission.group, board=permission.board
+        ).delete()
+        if permission.DENY:
+            BoardPermission.objects.create(
+                group=permission.group,
+                board=permission.board,
+                permission=BoardAccessPermissionType.DENY,
+            )
+            return
+        if permission.READ:
+            BoardPermission.objects.create(
+                group=permission.group,
+                board=permission.board,
+                permission=BoardAccessPermissionType.READ,
+            )
+        if permission.WRITE:
+            BoardPermission.objects.create(
+                group=permission.group,
+                board=permission.board,
+                permission=BoardAccessPermissionType.WRITE,
+            )
+        if permission.COMMENT:
+            BoardPermission.objects.create(
+                group=permission.group,
+                board=permission.board,
+                permission=BoardAccessPermissionType.COMMENT,
+            )
+        if permission.DELETE:
+            BoardPermission.objects.create(
+                group=permission.group,
+                board=permission.board,
+                permission=BoardAccessPermissionType.DELETE,
+            )
diff --git a/tests/test_articles.py b/tests/test_articles.py
@@ -5,6 +5,13 @@
 
 from apps.core.models import Article, Block, Board, Comment, Topic, Vote
 from apps.core.models.board import NameType
+from apps.core.models.board_permission import (
+    DEFAULT_COMMENT_PERMISSION,
+    DEFAULT_READ_PERMISSION,
+    DEFAULT_WRITE_PERMISSION,
+    BoardAccessPermissionType,
+    BoardPermission,
+)
 from apps.user.models import Group, UserGroup, UserProfile
 from ara.settings import MIN_TIME, SCHOOL_RESPONSE_VOTE_THRESHOLD
 from tests.conftest import RequestSetting, TestCase, Utils
@@ -44,38 +51,100 @@ def set_boards(request):
         slug="regular access",
         ko_name="일반 접근 권한 게시판",
         en_name="Regular Access Board",
-        read_access_mask=0b11011110,
-        write_access_mask=0b11011010,
+        # read_access_mask=0b11011110,
+        # write_access_mask=0b11011010,
+    )
+    permission_bulk: list[tuple[int, BoardAccessPermissionType]] = [
+        (2, BoardAccessPermissionType.READ),
+        (3, BoardAccessPermissionType.READ),
+        (4, BoardAccessPermissionType.READ),
+        (5, BoardAccessPermissionType.READ),
+        (7, BoardAccessPermissionType.READ),
+        (8, BoardAccessPermissionType.READ),
+        (2, BoardAccessPermissionType.WRITE),
+        (4, BoardAccessPermissionType.WRITE),
+        (5, BoardAccessPermissionType.WRITE),
+        (7, BoardAccessPermissionType.WRITE),
+        (8, BoardAccessPermissionType.WRITE),
+    ]
+    permission_bulk.extend(DEFAULT_COMMENT_PERMISSION)
+    BoardPermission.add_permission_bulk_by_board(
+        request.cls.regular_access_board, permission_bulk
     )
 
     # Though its name is 'advertiser accessible', enterprise is also accessible
     request.cls.advertiser_accessible_board = Board.objects.create(
         slug="advertiser accessible",
         ko_name="외부인(홍보 계정) 접근 가능 게시판",
         en_name="Advertiser Accessible Board",
-        read_access_mask=0b11111110,
-        write_access_mask=0b11111110,
+        # read_access_mask=0b11111110,
+        # write_access_mask=0b11111110,
+    )
+    permission_bulk: list[tuple[int, BoardAccessPermissionType]] = [
+        (2, BoardAccessPermissionType.READ),
+        (3, BoardAccessPermissionType.READ),
+        (4, BoardAccessPermissionType.READ),
+        (5, BoardAccessPermissionType.READ),
+        (7, BoardAccessPermissionType.READ),
+        (8, BoardAccessPermissionType.READ),
+        (2, BoardAccessPermissionType.WRITE),
+        (4, BoardAccessPermissionType.WRITE),
+        (5, BoardAccessPermissionType.WRITE),
+        (6, BoardAccessPermissionType.WRITE),
+        (7, BoardAccessPermissionType.WRITE),
+        (8, BoardAccessPermissionType.WRITE),
+    ]
+    permission_bulk.extend(DEFAULT_COMMENT_PERMISSION)
+    BoardPermission.add_permission_bulk_by_board(
+        request.cls.advertiser_accessible_board, permission_bulk
     )
 
     request.cls.nonwritable_board = Board.objects.create(
         slug="nonwritable",
         ko_name="글 작성 불가 게시판",
         en_name="Nonwritable Board",
-        write_access_mask=0b00000000,
+        # write_access_mask=0b00000000,
+    )
+    permission_bulk: list[tuple[int, BoardAccessPermissionType]] = []
+    permission_bulk.extend(DEFAULT_READ_PERMISSION)
+    permission_bulk.extend(DEFAULT_COMMENT_PERMISSION)
+    BoardPermission.add_permission_bulk_by_board(
+        request.cls.nonwritable_board, permission_bulk
     )
 
     request.cls.newsadmin_writable_board = Board.objects.create(
         slug="newsadmin writable",
         ko_name="뉴스게시판 관리인 글 작성 가능 게시판",
         en_name="Newsadmin Writable Board",
-        write_access_mask=0b10000000,
+        # write_access_mask=0b10000000,
+    )
+    permission_bulk: list[tuple[int, BoardAccessPermissionType]] = [
+        (8, BoardAccessPermissionType.WRITE),
+    ]
+    permission_bulk.extend(DEFAULT_READ_PERMISSION)
+    permission_bulk.extend(DEFAULT_COMMENT_PERMISSION)
+    BoardPermission.add_permission_bulk_by_board(
+        request.cls.newsadmin_writable_board, permission_bulk
     )
 
     request.cls.enterprise_writable_board = Board.objects.create(
         slug="enterprise writable",
         ko_name="입주업체 글 작성 가능 게시판",
         en_name="Enterprise Writable Board",
-        write_access_mask=0b11011110,
+        # write_access_mask=0b11011110,
+    )
+    permission_bulk: list[tuple[int, BoardAccessPermissionType]] = [
+        (2, BoardAccessPermissionType.WRITE),
+        (3, BoardAccessPermissionType.WRITE),
+        (4, BoardAccessPermissionType.WRITE),
+        (5, BoardAccessPermissionType.WRITE),
+        (7, BoardAccessPermissionType.WRITE),
+        (8, BoardAccessPermissionType.WRITE),
+    ]
+    permission_bulk.extend(DEFAULT_READ_PERMISSION)
+    permission_bulk.extend(DEFAULT_COMMENT_PERMISSION)
+    BoardPermission.add_permission_bulk_by_board(
+        request.cls.enterprise_writable_board, permission_bulk
     )
 
 
@@ -184,9 +253,18 @@ def set_kaist_articles(request):
         slug="kaist-only",
         ko_name="KAIST Board",
         en_name="KAIST Board",
-        read_access_mask=0b00000010,
-        write_access_mask=0b00000010,
+        # read_access_mask=0b00000010,
+        # write_access_mask=0b00000010,
     )
+    permission_bulk: list[tuple[int, BoardAccessPermissionType]] = [
+        (2, BoardAccessPermissionType.READ),
+        (2, BoardAccessPermissionType.WRITE),
+    ]
+    permission_bulk.extend(DEFAULT_COMMENT_PERMISSION)
+    BoardPermission.add_permission_bulk_by_board(
+        request.cls.kaist_board, permission_bulk
+    )
+
     request.cls.kaist_article, _ = Article.objects.get_or_create(
         title="example article",
         content="example content",

diff --git a/tests/test_communication_article.py b/tests/test_communication_article.py
@@ -6,8 +6,15 @@
 from django.utils import timezone
 from rest_framework.status import HTTP_200_OK, HTTP_400_BAD_REQUEST
 
-from apps.core.models import Article, Board
+from apps.core.models import Article, Board, BoardAccessPermissionType, BoardPermission
 from apps.core.models.board import NameType
+from apps.core.models.board_permission import (
+    DEFAULT_COMMENT_PERMISSION,
+    DEFAULT_READ_PERMISSION,
+    DEFAULT_WRITE_PERMISSION,
+    BoardAccessPermissionType,
+    BoardPermission,
+)
 from apps.core.models.communication_article import (
     CommunicationArticle,
     SchoolResponseStatus,
@@ -26,8 +33,25 @@ def set_communication_board(request):
         en_name="With School (Test)",
         is_school_communication=True,
         name_type=NameType.REALNAME,
-        read_access_mask=0b11011110,
-        write_access_mask=0b11011010,
+        # read_access_mask=0b11011110,
+        # write_access_mask=0b11011010,
+    )
+    permission_bulk: list[tuple[int, BoardAccessPermissionType]] = [
+        (2, BoardAccessPermissionType.READ),
+        (3, BoardAccessPermissionType.READ),
+        (4, BoardAccessPermissionType.READ),
+        (5, BoardAccessPermissionType.READ),
+        (7, BoardAccessPermissionType.READ),
+        (8, BoardAccessPermissionType.READ),
+        (2, BoardAccessPermissionType.WRITE),
+        (4, BoardAccessPermissionType.WRITE),
+        (5, BoardAccessPermissionType.WRITE),
+        (7, BoardAccessPermissionType.WRITE),
+        (8, BoardAccessPermissionType.WRITE),
+    ]
+    permission_bulk.extend(DEFAULT_COMMENT_PERMISSION)
+    BoardPermission.add_permission_bulk_by_board(
+        request.cls.communication_board, permission_bulk
     )