def setUp(self):
self.permission = AllowOwnerButReadOnlyIfBlocked()
self.user = AnonymousUser()
self.request_factory = RequestFactory()
self.extension = Extension.objects.create()
self.unsafe_methods = ('patch', 'post', 'put', 'delete')
self.safe_methods = ('get', 'options', 'head')
class TestAllowOwnerIfNotBlocked(TestCase):
fixtures = fixture('user_2519')
def setUp(self):
self.permission = AllowOwnerButReadOnlyIfBlocked()
self.user = AnonymousUser()
self.request_factory = RequestFactory()
self.extension = Extension.objects.create()
self.unsafe_methods = ('patch', 'post', 'put', 'delete')
self.safe_methods = ('get', 'options', 'head')
def _request(self, verb):
request = getattr(self.request_factory, verb)('/')
request.user = self.user
return request
def test_has_permission_anonymous(self):
eq_(self.permission.has_permission(self._request('get'), 'myview'),
False)
def test_has_permission_logged_in(self):
self.user = UserProfile.objects.get(pk=2519)
eq_(self.permission.has_permission(self._request('get'), 'myview'),
True)
def test_has_object_permission_not_author(self):
obj = self.extension
eq_(self.permission.has_object_permission(
self._request('get'), 'myview', obj), False)
self.user = UserProfile.objects.get(pk=2519)
eq_(self.permission.has_object_permission(
self._request('get'), 'myview', obj), False)
def test_has_object_permission_author(self):
obj = self.extension
self.user = UserProfile.objects.get(pk=2519)
obj.authors.add(self.user)
for verb in self.safe_methods + self.unsafe_methods:
eq_(self.permission.has_object_permission(
self._request(verb), 'myview', obj), True)
def test_has_object_permission_blocked(self):
obj = self.extension
self.user = UserProfile.objects.get(pk=2519)
obj.authors.add(self.user)
obj.block()
for verb in self.safe_methods:
eq_(self.permission.has_object_permission(
self._request(verb), 'myview', obj), True)
for verb in self.unsafe_methods:
eq_(self.permission.has_object_permission(
self._request(verb), 'myview', obj), False)
