def test_edit03(self):
"Logged as regular user."
user = self.login_not_as_superuser()
role1 = UserRole(name='Master')
role1.allowed_apps = ['persons']
role1.save()
SetCredentials.objects.create(
role=role1,
value=EntityCredentials.VIEW,
set_type=SetCredentials.ESET_ALL,
)
other_user = User.objects.create(username='******', role=role1)
briareos = Contact.objects.create(
user=user,
first_name='Briareos',
last_name='Hecatonchires',
)
self.assertTrue(other_user.has_perm_to_view(briareos))
url = self._build_edit_url(other_user.id)
self.assertGET403(url)
role2 = UserRole.objects.create(name='Slave')
self.assertPOST403(
url,
data={
'first_name': 'Deunan',
'last_name': 'Knut',
'email': '*****@*****.**',
'role': role2.id,
},
)
def test_actions_not_admin(self):
with self.assertNumQueries(0):
field = CreatorModelChoiceField(
queryset=FakePosition.objects.all())
role = UserRole(name='CEO')
role.allowed_apps = ['persons'] # Not admin
role.save()
user = get_user_model().objects.create_user(
username='******',
first_name='Joe',
last_name='Average',
email='*****@*****.**',
)
user.role = role
field.user = user
render_str = field.widget.render('position', None)
self.assertIn(_(u'Cannot create'), render_str)
field.user = None
# self.assertFalse(hasattr(field.widget, 'actions'))
render_str = field.widget.render('position', None)
self.assertNotIn(_(u'Cannot create'), render_str)
def test_team_edit01(self):
self.login()
role = UserRole(name='Role')
role.allowed_apps = ['creme_core']
role.save()
SetCredentials.objects.create(role=role, value=EntityCredentials.VIEW,
set_type=SetCredentials.ESET_OWN
)
def create_user(name, email):
user = User.objects.create_user(username=name, email=email,
first_name=name, last_name='Endou',
password='******',
)
user.role = role
user.save()
return user
user01 = create_user('Maruo', '*****@*****.**')
user02 = create_user('Yokiji', '*****@*****.**')
user03 = create_user('Koizumi', '*****@*****.**')
self.assertGET404(reverse('creme_config__edit_team', args=(user01.id,)))
teamname = 'Teamee'
team = self._create_team(teamname, [user01, user02])
entity = CremeEntity.objects.create(user=team)
self.assertTrue(user01.has_perm_to_view(entity))
self.assertTrue(user02.has_perm_to_view(entity))
self.assertFalse(user03.has_perm_to_view(entity))
url = reverse('creme_config__edit_team', args=(team.id,))
self.assertGET200(url)
teamname += '_edited'
response = self.client.post(url, follow=True,
data={'username': teamname,
'teammates': [user02.id, user03.id],
}
)
self.assertNoFormError(response)
team = self.refresh(team)
self.assertEqual(teamname, team.username)
teammates = team.teammates
self.assertEqual(2, len(teammates))
self.assertIn(user02.id, teammates)
self.assertIn(user03.id, teammates)
self.assertNotIn(user01.id, teammates)
# Credentials have been updated ?
entity = CremeEntity.objects.get(pk=entity.id)
self.assertFalse(self.refresh(user01).has_perm_to_view(entity))
self.assertTrue(self.refresh(user02).has_perm_to_view(entity))
self.assertTrue(self.refresh(user03).has_perm_to_view(entity))
def test_edit_credentials01(self):
self.login()
role = UserRole(name='CEO')
role.allowed_apps = ['persons']
role.save()
creds = SetCredentials.objects.create(
role=role,
set_type=SetCredentials.ESET_ALL,
value=EntityCredentials.VIEW,
)
url = reverse('creme_config__edit_role_credentials', args=(creds.id, ))
response = self.assertGET200(url)
# self.assertTemplateUsed(response, 'creme_core/generics/blockform/edit_popup.html')
self.assertTemplateUsed(
response, 'creme_core/generics/blockform/edit-popup.html')
context = response.context
# self.assertEqual(_('Edit credentials for «{role}»').format(role=role),
self.assertEqual(
_('Edit credentials for «{role}»').format(role=role),
context.get('title'))
self.assertEqual(_('Save the modifications'),
context.get('submit_label'))
with self.assertNoException():
cred_ctypes = set(context['form'].fields['ctype'].ctypes)
get_ct = ContentType.objects.get_for_model
ct_contact = get_ct(Contact)
self.assertIn(ct_contact, cred_ctypes)
self.assertIn(get_ct(Organisation), cred_ctypes)
self.assertNotIn(get_ct(Activity), cred_ctypes) # App not allowed
# ---
response = self.client.post(url,
data={
'can_view': True,
'can_change': True,
'can_delete': True,
'can_link': False,
'can_unlink': False,
'set_type': SetCredentials.ESET_OWN,
'ctype': ct_contact.id,
})
self.assertNoFormError(response)
creds = self.refresh(creds)
self.assertEqual(
EntityCredentials.VIEW | EntityCredentials.CHANGE
| EntityCredentials.DELETE, creds.value)
self.assertEqual(SetCredentials.ESET_OWN, creds.set_type)
self.assertEqual(ct_contact.id, creds.ctype_id)
def test_add_credentials01(self):
user = self.login()
role = UserRole(name='CEO')
role.allowed_apps = ['creme_core']
role.save()
other_user = User.objects.create(username='******', role=role)
contact = FakeContact.objects.create(user=user,
first_name='Yuki',
last_name='Kajiura')
self.assertFalse(other_user.has_perm_to_view(contact))
self.assertEqual(0, role.credentials.count())
url = self._build_add_creds_url(role)
response = self.assertGET200(url)
# self.assertTemplateUsed(response, 'creme_core/generics/blockform/edit_popup.html')
self.assertTemplateUsed(
response, 'creme_core/generics/blockform/edit-popup.html')
context = response.context
# self.assertEqual(_('Add credentials to «{role}»').format(role=role),
self.assertEqual(
_('Add credentials to «{object}»').format(object=role),
context.get('title'))
self.assertEqual(_('Add the credentials'), context.get('submit_label'))
# ---
set_type = SetCredentials.ESET_ALL
response = self.client.post(url,
data={
'can_view': True,
'can_change': False,
'can_delete': False,
'can_link': False,
'can_unlink': False,
'set_type': set_type,
'ctype': '',
})
self.assertNoFormError(response)
setcreds = role.credentials.all()
self.assertEqual(1, len(setcreds))
creds = setcreds[0]
self.assertEqual(EntityCredentials.VIEW, creds.value)
self.assertEqual(set_type, creds.set_type)
self.assertIsNone(creds.ctype)
contact = self.refresh(contact) # Refresh cache
other_user = self.refresh(other_user)
self.assertTrue(other_user.has_perm_to_view(contact))
def test_edit01(self):
user = self.login()
role1 = UserRole(name='Master')
role1.allowed_apps = ['persons']
role1.save()
SetCredentials.objects.create(role=role1, value=EntityCredentials.VIEW,
set_type=SetCredentials.ESET_ALL
)
other_user = User.objects.create(username='******', first_name='??', last_name='??',
email='??', role=role1,
)
deunan = other_user.linked_contact
briareos = Contact.objects.create(user=user, first_name='Briareos', last_name='Hecatonchires')
self.assertTrue(other_user.has_perm_to_view(briareos))
url = self._build_edit_url(other_user.id)
response = self.assertGET200(url)
self.assertTemplateUsed(response, 'creme_core/generics/blockform/edit-popup.html')
self.assertEqual(_('Edit «{object}»').format(object=other_user),
response.context.get('title')
)
# ----
first_name = 'Deunan'
last_name = 'Knut'
email = '*****@*****.**'
role2 = UserRole.objects.create(name='Slave')
response = self.client.post(url, follow=True,
data={'first_name': first_name,
'last_name': last_name,
'email': email,
'role': role2.id,
}
)
self.assertNoFormError(response)
other_user = self.refresh(other_user)
self.assertEqual(first_name, other_user.first_name)
self.assertEqual(last_name, other_user.last_name)
self.assertEqual(email, other_user.email)
self.assertEqual(role2, other_user.role)
self.assertFalse(other_user.is_superuser)
briareos = self.refresh(briareos) # Refresh cache
self.assertFalse(other_user.has_perm_to_view(briareos))
# Contact is synced
deunan = self.refresh(deunan)
self.assertEqual(first_name, deunan.first_name)
self.assertEqual(last_name, deunan.last_name)
self.assertEqual(email, deunan.email)
def test_create02(self):
"Not superuser ; special chars in username."
self.login()
role = UserRole(name='Mangaka')
role.allowed_apps = ['persons']
role.save()
SetCredentials.objects.create(
role=role,
value=EntityCredentials.VIEW,
set_type=SetCredentials.ESET_ALL,
)
orga = Organisation.objects.create(user=self.user,
name='Olympus',
is_managed=True)
username = '******'
password = '******'
first_name = 'Deunan'
last_name = 'Knut'
response = self.client.post(
self.ADD_URL,
follow=True,
data={
'username': username,
'password_1': password,
'password_2': password,
'first_name': first_name,
'last_name': last_name,
'email': username,
'role': role.id,
'organisation': orga.id,
'relation': REL_SUB_MANAGES,
},
)
self.assertNoFormError(response)
user = self.get_object_or_fail(User, username=username)
self.assertEqual(role, user.role)
self.assertFalse(user.is_superuser)
self.assertTrue(user.has_perm_to_view(orga))
contact = self.get_object_or_fail(Contact,
first_name=first_name,
last_name=last_name)
self.assertEqual(user, contact.is_user)
self.assertRelationCount(1, contact, REL_SUB_MANAGES, orga)
def test_actions_admin(self):
field = CreatorModelChoiceField(queryset=FakeSector.objects.all())
role = UserRole(name='CEO')
role.admin_4_apps = ['creme_core']
role.save()
field.user = get_user_model().objects.create(username='******',
role=role)
render_str = field.widget.render('sector', None)
self.assertIn(self.ADD_URL, render_str)
self.assertIn(str(FakeSector.creation_label), render_str)
field.user = None
render_str = field.widget.render('sector', None)
self.assertNotIn(self.ADD_URL, render_str)
def test_actions_admin(self):
field = CreatorModelChoiceField(queryset=FakePosition.objects.all())
role = UserRole(name='CEO')
role.admin_4_apps = ['creme_core']
role.save()
admin = get_user_model().objects.create(username='******', role=role)
admin.role = role
field.user = admin
render_str = field.widget.render('position', None)
self.assertIn(self.ADD_URL, render_str)
self.assertIn(_(u'Create'), render_str)
field.user = None
render_str = field.widget.render('position', None)
self.assertNotIn(self.ADD_URL, render_str)
def test_actions_admin_no_creatable(self):
field = CreatorModelChoiceField(queryset=FakePosition.objects.all())
role = UserRole(name='CEO')
role.admin_4_apps = ['creme_core']
role.save()
field.user = get_user_model().objects.create(username='******',
role=role)
render_str = field.widget.render('position', None)
self.assertNotIn(
reverse(
'creme_config__create_instance_from_widget',
args=('creme_core', 'fake_position'),
),
render_str,
)
self.assertNotIn(str(FakePosition.creation_label), render_str)
def test_add_credentials02(self):
"Specific CType + ESET_OWN"
self.login()
role = UserRole(name='CEO')
role.allowed_apps = ['persons']
role.save()
url = self._build_add_creds_url(role)
response = self.assertGET200(url)
with self.assertNoException():
cred_ctypes = set(response.context['form'].fields['ctype'].ctypes)
get_ct = ContentType.objects.get_for_model
ct_contact = get_ct(Contact)
self.assertIn(ct_contact, cred_ctypes)
self.assertIn(get_ct(Organisation), cred_ctypes)
self.assertNotIn(get_ct(Activity), cred_ctypes) # App not allowed
set_type = SetCredentials.ESET_OWN
response = self.client.post(url,
data={
'can_view': True,
'can_change': True,
'can_delete': False,
'can_link': False,
'can_unlink': False,
'set_type': set_type,
'ctype': ct_contact.id,
})
self.assertNoFormError(response)
setcreds = role.credentials.all()
self.assertEqual(1, len(setcreds))
creds = setcreds[0]
self.assertEqual(EntityCredentials.VIEW | EntityCredentials.CHANGE,
creds.value)
self.assertEqual(SetCredentials.ESET_OWN, creds.set_type)
self.assertEqual(ct_contact.id, creds.ctype_id)
def test_delete_credentials01(self):
self.login()
role = UserRole(name='CEO')
role.allowed_apps = ['persons']
role.save()
create_creds = partial(SetCredentials.objects.create,
role=role,
set_type=SetCredentials.ESET_ALL)
sc1 = create_creds(value=EntityCredentials.VIEW)
sc2 = create_creds(value=EntityCredentials.CHANGE)
url = self.DEL_CREDS_URL
self.assertGET404(url)
self.assertPOST404(url)
self.assertPOST200(url, data={'id': sc1.id})
self.assertDoesNotExist(sc1)
self.assertStillExists(sc2)
def test_add_credentials03(self):
"Not super-user => error"
self.login_not_as_superuser()
role = UserRole(name='CEO')
role.allowed_apps = ['persons']
role.save()
url = self._build_add_creds_url(role)
self.assertGET403(url)
self.assertPOST403(url,
data={
'can_view': True,
'can_change': False,
'can_delete': False,
'can_link': False,
'can_unlink': False,
'set_type': SetCredentials.ESET_ALL,
'ctype': 0,
})
def create_user(admin=True):
role = UserRole(name='Average')
if admin:
role.admin_4_apps = ['creme_core']
else:
role.allowed_apps = ['creme_core']
role.save()
return get_user_model().objects.create(
username='******',
first_name='Joe',
last_name='Average',
email='*****@*****.**',
role=role,
)
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.role = UserRole()
self.set_cred = SetCredentials()
def __init__(self, *args, **kwargs):
SessionWizardView.__init__(self, **kwargs)
self.role = UserRole()
