def test_moderation_tricks_a_posteriori(self):
# text a posteriori moderated
# a new comment is approved -> owner can edit -> get a reply -> owner cannot edit it (unless moderator)
user2 = UserProfile.objects.get(id=2).user
user3 = UserProfile.objects.get(id=3).user
text2 = Text.objects.get(id=2)
text2.last_text_version.mod_posteriori = True
text2.last_text_version.save()
# user 3 is Commentator on text 2 (a priori mod)
# user 2 is Editor on text 2 (a priori mod)
c3 = create_comment(user=user3, state='approved')
self.assertTrue(
has_own_perm(FalseRequest(user3), "can_edit_comment" + "_own",
text2, c3),
'CAN edit own comment (there is NO reply)')
# create a reply
c2 = create_comment(user=user3, reply_to=c3, state='approved')
self.assertFalse(
has_own_perm(FalseRequest(user3), "can_edit_comment" + "_own",
text2, c3),
'CANNOT edit own comment (there is a reply)')
self.assertTrue(
has_perm(FalseRequest(user2), "can_edit_comment", text2),
"CAN edit other's comment (moderator)")
def test_moderation_tricks_a_priori(self):
# text a priori moderated
# a new comment is unapproved -> owner can edit -> gets approved -> owner cannot edit it (unless moderator)
user2 = UserProfile.objects.get(id=2).user
user3 = UserProfile.objects.get(id=3).user
text2 = Text.objects.get(id=2)
# user 3 is Commentator on text 2 (a priori mod)
# user 2 is Editor on text 2 (a priori mod)
c2 = create_comment(user=user2)
self.assertTrue(
has_own_perm(FalseRequest(user2), "can_edit_comment" + "_own",
text2, c2), 'can edit own comment')
c3 = create_comment(user=user3)
self.assertTrue(
has_own_perm(FalseRequest(user3), "can_edit_comment" + "_own",
text2, c3), 'can edit own comment')
c2.state = 'approved'
c2.save()
c3.state = 'approved'
c3.save()
cache.clear()
self.assertFalse(
has_own_perm(FalseRequest(user3), "can_edit_comment" + "_own",
text2, c3),
'CANNOT edit own comment (there is a reply)')
self.assertTrue(
has_own_perm(FalseRequest(user2), "can_edit_comment" + "_own",
text2, c2), "CAN edit own comment (is moderator)")
self.assertTrue(
has_perm(FalseRequest(user2), "can_edit_comment", text2),
"CAN edit other comment (is moderator)")
def test_moderation_tricks_a_posteriori(self):
# text a posteriori moderated
# a new comment is approved -> owner can edit -> get a reply -> owner cannot edit it (unless moderator)
user2 = UserProfile.objects.get(id=2).user
user3 = UserProfile.objects.get(id=3).user
text2 = Text.objects.get(id=2)
text2.last_text_version.mod_posteriori = True
text2.last_text_version.save()
# user 3 is Commentator on text 2 (a priori mod)
# user 2 is Editor on text 2 (a priori mod)
c3 = create_comment(user=user3, state='approved')
self.assertTrue(has_own_perm(FalseRequest(user3), "can_edit_comment" + "_own", text2, c3),'CAN edit own comment (there is NO reply)')
# create a reply
c2 = create_comment(user=user3, reply_to=c3, state='approved')
self.assertFalse(has_own_perm(FalseRequest(user3), "can_edit_comment" + "_own", text2, c3),'CANNOT edit own comment (there is a reply)')
self.assertTrue(has_perm(FalseRequest(user2), "can_edit_comment", text2),"CAN edit other's comment (moderator)")
def test_moderation_tricks_a_priori(self):
# text a priori moderated
# a new comment is unapproved -> owner can edit -> gets approved -> owner cannot edit it (unless moderator)
user2 = UserProfile.objects.get(id=2).user
user3 = UserProfile.objects.get(id=3).user
text2 = Text.objects.get(id=2)
# user 3 is Commentator on text 2 (a priori mod)
# user 2 is Editor on text 2 (a priori mod)
c2 = create_comment(user=user2)
self.assertTrue(has_own_perm(FalseRequest(user2), "can_edit_comment" + "_own", text2, c2),'can edit own comment')
c3 = create_comment(user=user3)
self.assertTrue(has_own_perm(FalseRequest(user3), "can_edit_comment" + "_own", text2, c3),'can edit own comment')
c2.state = 'approved'
c2.save()
c3.state = 'approved'
c3.save()
self.assertFalse(has_own_perm(FalseRequest(user3), "can_edit_comment" + "_own", text2, c3),'CANNOT edit own comment (there is a reply)')
self.assertTrue(has_own_perm(FalseRequest(user2), "can_edit_comment" + "_own", text2, c2),"CAN edit own comment (is moderator)")
self.assertTrue(has_perm(FalseRequest(user2), "can_edit_comment", text2),"CAN edit other comment (is moderator)")
