def test_none_user_can_view_public_task(self):
# given
task = Task('task', is_public=True)
self.pl.add(task)
self.pl.commit()
# when
result = TaskUserOps.user_can_view_task(task, None)
# then
self.assertTrue(result)
def test_none_user_cannot_edit_private_task(self):
# given
task = Task('task')
self.pl.add(task)
self.pl.commit()
# when
result = TaskUserOps.user_can_edit_task(task, None)
# then
self.assertFalse(result)
def test_anon_user_cannot_edit_private_task(self):
# given
task = Task('task')
anon = AnonymousUserMixin()
self.pl.add(task)
self.pl.commit()
# when
result = TaskUserOps.user_can_edit_task(task, anon)
# then
self.assertFalse(result)
def test_guest_user_cannot_edit_private_task(self):
# given
task = Task('task')
guest = self.pl.get_guest_user()
self.pl.add(task)
self.pl.commit()
# when
result = TaskUserOps.user_can_edit_task(task, guest)
# then
self.assertFalse(result)
def test_anon_user_can_view_public_task(self):
# given
task = Task('task', is_public=True)
anon = AnonymousUserMixin()
self.pl.add(task)
self.pl.commit()
# when
result = TaskUserOps.user_can_view_task(task, anon)
# then
self.assertTrue(result)
def test_guest_user_can_view_public_task(self):
# given
task = Task('task', is_public=True)
guest = self.pl.get_guest_user()
self.pl.add(task)
self.pl.commit()
# when
result = TaskUserOps.user_can_view_task(task, guest)
# then
self.assertTrue(result)
def test_unauthorized_nonadmin_cannot_edit_public_task(self):
# given
task = Task('task', is_public=True)
user = User('*****@*****.**')
self.pl.add(task)
self.pl.add(user)
self.pl.commit()
# when
result = TaskUserOps.user_can_edit_task(task, user)
# then
self.assertFalse(result)
def test_unauthorized_admin_can_edit_private_task(self):
# given
task = Task('task')
user = User('*****@*****.**', None, True)
self.pl.add(task)
self.pl.add(user)
self.pl.commit()
# when
result = TaskUserOps.user_can_edit_task(task, user)
# then
self.assertTrue(result)
def test_unauthorized_nonadmin_cannot_view_private_task(self):
# given
task = Task('task')
user = User('*****@*****.**')
self.pl.add(task)
self.pl.add(user)
self.pl.commit()
# when
result = TaskUserOps.user_can_view_task(task, user)
# then
self.assertFalse(result)
def test_unauthorized_nonadmin_cannot_access_task(self):
# given
task = Task('task')
user = User('*****@*****.**')
self.pl.add(task)
self.pl.add(user)
self.pl.commit()
# when
result = TaskUserOps.is_user_authorized_or_admin(task, user)
# then
self.assertFalse(result)
def test_authorized_admin_can_edit_public_task(self):
# given
task = Task('task', is_public=True)
user = User('*****@*****.**', None, True)
self.pl.add(task)
self.pl.add(user)
task.users.append(user)
self.pl.commit()
# when
result = TaskUserOps.user_can_edit_task(task, user)
# then
self.assertTrue(result)
def test_authorized_admin_can_access_task(self):
# given
task = Task('task')
user = User('*****@*****.**', None, True)
self.pl.add(task)
self.pl.add(user)
task.users.append(user)
self.pl.commit()
# when
result = TaskUserOps.is_user_authorized_or_admin(task, user)
# then
self.assertTrue(result)