deprecate CanCreateMixin

Les motifs de cette déprécation sont indiqués dans la documentation. Le mixin a été remplacé par `PermissionRequiredMixin` dans les endroits où ce remplacement était aisé.
2025-07-09 19:40:19 +00:00 · 2025-01-13 17:31:04 +01:00
parent e500cf92ee
commit d0b1a49300
13 changed files with 94 additions and 56 deletions
--- a/core/auth/mixins.py
+++ b/core/auth/mixins.py
@ -23,6 +23,7 @@
 #

 import types
+import warnings
 from typing import TYPE_CHECKING, Any, LiteralString

 from django.contrib.auth.mixins import AccessMixin, PermissionRequiredMixin
@ -148,6 +149,24 @@ class CanCreateMixin(View):
            to create the object of the view.
    """

+    def __init_subclass__(cls, **kwargs):
+        warnings.warn(
+            f"{cls.__name__} is deprecated and should be replaced "
+            "by other permission verification mecanism.",
+            DeprecationWarning,
+            stacklevel=2,
+        )
+        super().__init_subclass__(**kwargs)
+
+    def __init__(self, *args, **kwargs):
+        warnings.warn(
+            f"{self.__class__.__name__} is deprecated and should be replaced "
+            "by other permission verification mecanism.",
+            DeprecationWarning,
+            stacklevel=2,
+        )
+        super().__init__(*args, **kwargs)
+
    def dispatch(self, request, *arg, **kwargs):
        res = super().dispatch(request, *arg, **kwargs)
        if not request.user.is_authenticated:
--- a/core/management/commands/populate.py
+++ b/core/management/commands/populate.py
@ -894,7 +894,9 @@ Welcome to the wiki page!
        public_group = Group.objects.create(name="Public")

        subscribers = Group.objects.create(name="Subscribers")
-        subscribers.permissions.add(*list(perms.filter(codename__in=["add_news"])))
+        subscribers.permissions.add(
+            *list(perms.filter(codename__in=["add_news", "add_uvcommentreport"]))
+        )
        old_subscribers = Group.objects.create(name="Old subscribers")
        old_subscribers.permissions.add(
            *list(
--- a/core/tests/test_core.py
+++ b/core/tests/test_core.py
@ -327,12 +327,9 @@ http://git.an
 class TestUserTools:
    def test_anonymous_user_unauthorized(self, client):
        """An anonymous user shouldn't have access to the tools page."""
-        response = client.get(reverse("core:user_tools"))
-        assertRedirects(
-            response,
-            expected_url="/login?next=%2Fuser%2Ftools%2F",
-            target_status_code=301,
-        )
+        url = reverse("core:user_tools")
+        response = client.get(url)
+        assertRedirects(response, expected_url=reverse("core:login") + f"?next={url}")

    @pytest.mark.parametrize("username", ["guy", "root", "skia", "comunity"])
    def test_page_is_working(self, client, username):
--- a/core/views/group.py
+++ b/core/views/group.py
@ -16,12 +16,13 @@
 """Views to manage Groups."""

 from django import forms
+from django.contrib.auth.mixins import PermissionRequiredMixin
 from django.urls import reverse_lazy
 from django.utils.translation import gettext_lazy as _
 from django.views.generic import ListView
 from django.views.generic.edit import CreateView, DeleteView, UpdateView

-from core.auth.mixins import CanCreateMixin, CanEditMixin
+from core.auth.mixins import CanEditMixin
 from core.models import Group, User
 from core.views import DetailFormView
 from core.views.widgets.select import AutoCompleteSelectMultipleUser
@ -74,13 +75,14 @@ class GroupEditView(CanEditMixin, UpdateView):
    fields = ["name", "description"]


-class GroupCreateView(CanCreateMixin, CreateView):
+class GroupCreateView(PermissionRequiredMixin, CreateView):
    """Add a new Group."""

    model = Group
    queryset = Group.objects.filter(is_manually_manageable=True)
    template_name = "core/create.jinja"
    fields = ["name", "description"]
+    permission_required = "core.add_group"


 class GroupTemplateView(CanEditMixin, DetailFormView):