def test_access_permission_for_not_owner(self):
user = UserFactory()
diff_user_prompt = WriteUpPromptFactory()
valid = user_can_read_prompt_instance(user, diff_user_prompt)
self.assertFalse(valid)
def test_access_permission_for_not_owner_failed(self):
user = UserFactory()
diff_user_prompt = WriteUpPromptFactory(
share_state=PromptShareStates.PUBLISHED,
staff_verified_share_state=StaffVerifiedShareStates.VERIFIED_FAIL,
)
valid = user_can_read_prompt_instance(user, diff_user_prompt)
self.assertFalse(valid)
def get(self, request, prompt_uuid):
prompt = get_object_or_404(WriteUpPrompt, uuid=prompt_uuid)
can_read = user_can_read_prompt_instance(request.user, prompt)
if not can_read:
raise Http404
serializer = WriteUpPromptCreateReadSerializer(prompt)
data = serializer.data
return Response(data=data)
def test_access_permission_for_user_owner(self):
user = UserFactory()
user_prompt = WriteUpPromptFactory(user=user)
valid = user_can_read_prompt_instance(user, user_prompt)
self.assertTrue(valid)