def test_edit_plugin_and_cancel(self):
placeholder = self.get_placeholder()
admin = self.get_admin()
data = {
'plugin_type': 'TextPlugin',
'placeholder': placeholder.pk,
'language': 'en',
}
superuser = self.get_superuser()
with UserLoginContext(self, superuser):
with SettingsOverride(CMS_PLACEHOLDER_CONF=self.placeholderconf):
request = self.get_post_request(data)
response = admin.add_plugin(request)
self.assertEqual(response.status_code, 200)
plugin_id = int(response.content)
data = {
'body': 'Hello World',
}
request = self.get_post_request(data)
response = admin.edit_plugin(request, plugin_id)
self.assertEqual(response.status_code, 200)
text_plugin = Text.objects.get(pk=plugin_id)
self.assertEquals('Hello World', text_plugin.body)
# edit again, but this time press cancel
data = {
'body': 'Hello World!!',
'_cancel': True,
}
request = self.get_post_request(data)
response = admin.edit_plugin(request, plugin_id)
self.assertEqual(response.status_code, 200)
text_plugin = Text.objects.get(pk=plugin_id)
self.assertEquals('Hello World', text_plugin.body)
def test_plugin_edit_requires_permissions(self):
"""User wants to edit a plugin to the example app placeholder but has no permissions"""
self._create_example()
self._create_plugin()
normal_guy = self._testuser()
admin = self.get_admin()
request = self._post_request(normal_guy)
response = admin.edit_plugin(request, self._plugin.id)
self.assertEqual(response.status_code,
HttpResponseForbidden.status_code)
# The user gets the permission only for the plugin
self._give_permission(normal_guy, Text, 'change')
request = self._post_request(normal_guy)
response = admin.edit_plugin(request, self._plugin.id)
self.assertEqual(response.status_code,
HttpResponseForbidden.status_code)
# the user gets the permission only for the app
self._delete_permission(normal_guy, Text, 'change')
self._give_permission(normal_guy, Example1, 'change')
request = self._post_request(normal_guy)
response = admin.edit_plugin(request, self._plugin.id)
self.assertEqual(response.status_code,
HttpResponseForbidden.status_code)
# user gets permissions for the plugin and the app
self._give_permission(normal_guy, Text, 'change')
request = self._post_request(normal_guy)
response = admin.edit_plugin(request, self._plugin.id)
# It looks like it breaks here because of a missing csrf token in the request
# I have no idea how to fix this
self.assertEqual(response.status_code, HttpResponse.status_code,
response)
def test_plugin_edit_requires_permissions(self):
"""User wants to edit a plugin to the example app placeholder but has no permissions"""
self._create_example()
self._create_plugin()
normal_guy = self._testuser()
admin = self.get_admin()
request = self._post_request(normal_guy)
response = admin.edit_plugin(request, self._plugin.id)
self.assertEqual(response.status_code, HttpResponseForbidden.status_code)
# The user gets the permission only for the plugin
self._give_permission(normal_guy, Text, 'change')
request = self._post_request(normal_guy)
response = admin.edit_plugin(request, self._plugin.id)
self.assertEqual(response.status_code, HttpResponseForbidden.status_code)
# the user gets the permission only for the app
self._delete_permission(normal_guy, Text, 'change')
self._give_permission(normal_guy, Example1, 'change')
request = self._post_request(normal_guy)
response = admin.edit_plugin(request, self._plugin.id)
self.assertEqual(response.status_code, HttpResponseForbidden.status_code)
# user gets permissions for the plugin and the app
self._give_permission(normal_guy, Text, 'change')
request = self._post_request(normal_guy)
response = admin.edit_plugin(request, self._plugin.id)
# It looks like it breaks here because of a missing csrf token in the request
# I have no idea how to fix this
self.assertEqual(response.status_code, HttpResponse.status_code, response)
def test_edit_plugin_and_cancel(self):
placeholder = self.get_placeholder()
admin = self.get_admin()
data = {
'plugin_type': 'TextPlugin',
'placeholder': placeholder.pk,
'language': 'en',
}
superuser = self.get_superuser()
with UserLoginContext(self, superuser):
with SettingsOverride(CMS_PLACEHOLDER_CONF=self.placeholderconf):
request = self.get_post_request(data)
response = admin.add_plugin(request)
self.assertEqual(response.status_code, 200)
plugin_id = int(response.content)
data = {
'body': 'Hello World',
}
request = self.get_post_request(data)
response = admin.edit_plugin(request, plugin_id)
self.assertEqual(response.status_code, 200)
text_plugin = Text.objects.get(pk=plugin_id)
self.assertEquals('Hello World', text_plugin.body)
# edit again, but this time press cancel
data = {
'body': 'Hello World!!',
'_cancel': True,
}
request = self.get_post_request(data)
response = admin.edit_plugin(request, plugin_id)
self.assertEqual(response.status_code, 200)
text_plugin = Text.objects.get(pk=plugin_id)
self.assertEquals('Hello World', text_plugin.body)
def test_edit_plugin_and_cancel(self):
placeholder = self.get_placeholder()
admin = self.get_admin()
data = {"plugin_type": "TextPlugin", "placeholder": placeholder.pk, "language": "en"}
superuser = self.get_superuser()
with UserLoginContext(self, superuser):
with SettingsOverride(CMS_PLACEHOLDER_CONF=self.placeholderconf):
request = self.get_post_request(data)
response = admin.add_plugin(request)
self.assertEqual(response.status_code, 200)
plugin_id = int(response.content)
data = {"body": "Hello World"}
request = self.get_post_request(data)
response = admin.edit_plugin(request, plugin_id)
self.assertEqual(response.status_code, 200)
text_plugin = Text.objects.get(pk=plugin_id)
self.assertEquals("Hello World", text_plugin.body)
# edit again, but this time press cancel
data = {"body": "Hello World!!", "_cancel": True}
request = self.get_post_request(data)
response = admin.edit_plugin(request, plugin_id)
self.assertEqual(response.status_code, 200)
text_plugin = Text.objects.get(pk=plugin_id)
self.assertEquals("Hello World", text_plugin.body)
def _test_plugin_action_requires_permissions(self, key):
self._create_example()
if key=='change':
self._create_plugin()
normal_guy = self._testuser()
admin = self.get_admin()
# check all combinations of plugin, app and object permission
for perms in itertools.product(*[[False, True]]*3):
self._set_perms(normal_guy, [Text, Example1, self.example_object], perms, key)
request = self._post_request(normal_guy)
if key=='add':
response = admin.add_plugin(request)
elif key=='change':
response = admin.edit_plugin(request, self._plugin.id)
should_pass = perms[0] and (perms[1] or perms[2])
expected_status_code = HttpResponse.status_code if should_pass else HttpResponseForbidden.status_code
self.assertEqual(response.status_code, expected_status_code)
# cleanup
self._set_perms(normal_guy, [Text, Example1, self.example_object], (False,)*3, key)
def _test_plugin_action_requires_permissions(self, key):
self._create_example()
if key == 'change':
self._create_plugin()
normal_guy = self._testuser()
admin = self.get_admin()
# check all combinations of plugin, app and object permission
for perms in itertools.product(*[[False, True]] * 3):
self._set_perms(normal_guy, [Text, Example1, self.example_object],
perms, key)
request = self._post_request(normal_guy)
if key == 'add':
response = admin.add_plugin(request)
elif key == 'change':
response = admin.edit_plugin(request, self._plugin.id)
should_pass = perms[0] and (perms[1] or perms[2])
expected_status_code = HttpResponse.status_code if should_pass else HttpResponseForbidden.status_code
self.assertEqual(response.status_code, expected_status_code)
# cleanup
self._set_perms(normal_guy, [Text, Example1, self.example_object],
(False, ) * 3, key)
