do not expose legacy features (#28512)

2018-11-30 19:25:53 +01:00 · 2018-11-30 19:25:53 +01:00 · 80784d047b
parent 76dcfc2ff2
commit 80784d047b
3 changed files with 63 additions and 20 deletions
--- a/auquotidien/modules/admin.py
+++ b/auquotidien/modules/admin.py
@ -85,21 +85,26 @@ class PanelDirectory(Directory):
        form.add(SingleSelectWidget, 'forms', title = _('Admin role for forms'),
                value = permissions_cfg.get('forms', None),
                options = [(None, _('Nobody'), None)] + get_user_roles())
-        form.add(SingleSelectWidget, 'events', title = _('Admin role for events'),
-                value = permissions_cfg.get('events', None),
-                options = [(None, _('Nobody'), None)] + get_user_roles())
-        form.add(SingleSelectWidget, 'links', title = _('Admin role for links'),
-                value = permissions_cfg.get('links', None),
-                options = [(None, _('Nobody'), None)] + get_user_roles())
-        form.add(SingleSelectWidget, 'announces', title = _('Admin role for announces'),
-                value = permissions_cfg.get('announces', None),
-                options = [(None, _('Nobody'), None)] + get_user_roles())
-        form.add(SingleSelectWidget, 'payments', title = _('Admin role for payments'),
-                value = permissions_cfg.get('payments', None),
-                options = [(None, _('Nobody'), None)] + get_user_roles())
-        form.add(SingleSelectWidget, 'strongbox', title = _('Admin role for strongbox'),
-                value = permissions_cfg.get('strongbox', None),
-                options = [(None, _('Nobody'), None)] + get_user_roles())
+        if get_publisher().has_site_option('auquotidien-events'):
+            form.add(SingleSelectWidget, 'events', title = _('Admin role for events'),
+                    value = permissions_cfg.get('events', None),
+                    options = [(None, _('Nobody'), None)] + get_user_roles())
+        if get_publisher().has_site_option('auquotidien-links'):
+            form.add(SingleSelectWidget, 'links', title = _('Admin role for links'),
+                    value = permissions_cfg.get('links', None),
+                    options = [(None, _('Nobody'), None)] + get_user_roles())
+        if get_publisher().has_site_option('auquotidien-announces'):
+            form.add(SingleSelectWidget, 'announces', title = _('Admin role for announces'),
+                    value = permissions_cfg.get('announces', None),
+                    options = [(None, _('Nobody'), None)] + get_user_roles())
+        if get_publisher().has_site_option('auquotidien-payments'):
+            form.add(SingleSelectWidget, 'payments', title = _('Admin role for payments'),
+                    value = permissions_cfg.get('payments', None),
+                    options = [(None, _('Nobody'), None)] + get_user_roles())
+        if get_publisher().has_site_option('auquotidien-strongbox'):
+            form.add(SingleSelectWidget, 'strongbox', title = _('Admin role for strongbox'),
+                    value = permissions_cfg.get('strongbox', None),
+                    options = [(None, _('Nobody'), None)] + get_user_roles())
        form.add_submit('submit', _('Submit'))
        form.add_submit('cancel', _('Cancel'))

@ -256,16 +261,25 @@ class PanelDirectory(Directory):

 class SettingsDirectory(wcs.admin.settings.SettingsDirectory):
    def _q_index(self):
+        if not (get_publisher().has_site_option('auquotidien-announces') or
+                get_publisher().has_site_option('auquotidien-links') or
+                get_publisher().has_site_option('auquotidien-events') or
+                get_publisher().has_site_option('auquotidien-payments') or
+                get_publisher().has_site_option('auquotidien-strongvox')):
+            return super(SettingsDirectory, self)._q_index()
        r = TemplateIO(html=True)
        r += htmltext(super(SettingsDirectory, self)._q_index())
        r += htmltext('<div class="splitcontent-right">')
        r += htmltext('<div class="bo-block">')
        r += htmltext('<h2>%s</h2>') % _('Extra Options')
        r += htmltext('<ul>')
-        r += htmltext('<li><a href="aq/announces">%s</a></li>') % _('Announces Options')
+        if get_publisher().has_site_option('auquotidien-announces'):
+            r += htmltext('<li><a href="aq/announces">%s</a></li>') % _('Announces Options')
        r += htmltext('<li><a href="aq/permissions">%s</a></li>') % _('Permissions')
-        r += htmltext('<li><a href="aq/event_keywords">%s</a></li>') % _('Event Keywords')
-        r += htmltext('<li><a href="aq/announce_themes">%s</a></li>') % _('Announce Themes')
+        if get_publisher().has_site_option('auquotidien-events'):
+            r += htmltext('<li><a href="aq/event_keywords">%s</a></li>') % _('Event Keywords')
+        if get_publisher().has_site_option('auquotidien-announces'):
+            r += htmltext('<li><a href="aq/announce_themes">%s</a></li>') % _('Announce Themes')
        if get_publisher().has_site_option('strongbox'):
            r += htmltext('<li><a href="aq/strongbox">%s</a></li>') % _('Strongbox Support')
        if get_publisher().has_site_option('clicrdv'):
--- a/auquotidien/modules/backoffice.py
+++ b/auquotidien/modules/backoffice.py
@ -18,6 +18,9 @@ from qommon.form import *
 CURRENT_USER = object()

 def check_visibility(target, user=CURRENT_USER):
+    if not get_publisher().has_site_option('auquotidien-%s' % target):
+        # option not explicitely enabled, -> off.
+        return False
    if user is CURRENT_USER:
        user = get_request().user
    if not user:
--- a/tests/test_admin_pages.py
+++ b/tests/test_admin_pages.py
@ -65,6 +65,10 @@ def create_role():
 def teardown_module(module):
    shutil.rmtree(pub.APP_DIR)

+@pytest.fixture
+def empty_siteoptions():
+    open(os.path.join(pub.app_dir, 'site-options.cfg'), 'w').close()
+
 def test_with_superuser():
    create_superuser()
    app = login(get_app(pub))
@ -85,18 +89,40 @@ def test_general_admin_permissions():
    del pub.cfg['admin-permissions']
    pub.write_cfg()

-def test_aq_permissions_panel():
+def test_aq_permissions_panel(empty_siteoptions):
    create_superuser()
    app = login(get_app(pub))
+    resp = app.get('/backoffice/settings/')
+    assert not 'aq/permissions' in resp.body
+
+    with open(os.path.join(pub.app_dir, 'site-options.cfg'), 'w') as fd:
+        if not pub.site_options.has_section('options'):
+            pub.site_options.add_section('options')
+        pub.site_options.set('options', 'auquotidien-links', 'true')
+        pub.site_options.write(fd)
+
    resp = app.get('/backoffice/settings/')
    assert 'aq/permissions' in resp.body
    resp = app.get('/backoffice/settings/aq/permissions')

-def test_menu_items():
+def test_menu_items(empty_siteoptions):
    create_superuser()
    role = create_role()

+    with open(os.path.join(pub.app_dir, 'site-options.cfg'), 'w') as fd:
+        if not pub.site_options.has_section('options'):
+            pub.site_options.add_section('options')
+        pub.site_options.set('options', 'auquotidien-links', 'true')
+        pub.site_options.write(fd)
+
    for area in ('links', 'announces', 'events', 'links', 'payments'):
+
+        with open(os.path.join(pub.app_dir, 'site-options.cfg'), 'w') as fd:
+            if not pub.site_options.has_section('options'):
+                pub.site_options.add_section('options')
+            pub.site_options.set('options', 'auquotidien-%s' % area, 'true')
+            pub.site_options.write(fd)
+
        pub.cfg['aq-permissions'] = {area: None}
        pub.write_cfg()