def test_readonly_no_downloads_has_role(self):
self._publish_transportation_form()
alice = self._create_user('alice', 'alice')
self.assertFalse(ReadOnlyRoleNoDownload.user_has_role(alice,
self.xform))
self.assertFalse(ReadOnlyRoleNoDownload.has_role(
perms_for(alice, self.xform), self.xform))
ReadOnlyRoleNoDownload.add(alice, self.xform)
self.assertTrue(ReadOnlyRoleNoDownload.user_has_role(alice,
self.xform))
self.assertTrue(ReadOnlyRoleNoDownload.has_role(
perms_for(alice, self.xform), self.xform))
def test_project_share_readonly_no_downloads(self):
# create project and publish form to project
self._publish_xls_form_to_project()
alice_data = {'username': '******', 'email': '*****@*****.**'}
alice_profile = self._create_user_profile(alice_data)
tom_data = {'username': '******', 'email': '*****@*****.**'}
tom_data = self._create_user_profile(tom_data)
projectid = self.project.pk
self.assertFalse(
ReadOnlyRoleNoDownload.user_has_role(alice_profile.user,
self.project))
data = {'username': '******', 'role': ReadOnlyRoleNoDownload.name}
request = self.factory.post('/', data=data, **self.extra)
view = ProjectViewSet.as_view({
'post': 'share',
'get': 'retrieve'
})
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 204)
data = {'username': '******', 'role': ReadOnlyRole.name}
request = self.factory.post('/', data=data, **self.extra)
response = view(request, pk=projectid)
self.assertEqual(response.status_code, 204)
request = self.factory.get('/', **self.extra)
response = view(request, pk=self.project.pk)
# get the users
users = response.data.get('users')
self.assertEqual(len(users), 3)
for user in users:
if user.get('user') == 'bob':
self.assertEquals(user.get('role'), 'owner')
elif user.get('user') == 'alice':
self.assertEquals(user.get('role'), 'readonly-no-download')
elif user.get('user') == 'tom':
self.assertEquals(user.get('role'), 'readonly')
def has_object_permission(self, request, view, obj):
model_cls = Project
user = request.user
if not isinstance(obj.content_object, (XForm, DataView)):
return False
xform = obj.content_object if isinstance(obj.content_object, XForm) \
else obj.content_object.xform
if view.action == 'partial_update' and \
ReadOnlyRoleNoDownload.user_has_role(user, xform):
# allow readonlynodownload and above roles to edit widget
return True
return self._has_object_permission(request, model_cls, user,
obj.content_object.project)
def has_object_permission(self, request, view, obj):
model_cls = Project
user = request.user
if not isinstance(obj.content_object, (XForm, DataView)):
return False
xform = obj.content_object if isinstance(obj.content_object, XForm) \
else obj.content_object.xform
if view.action == 'partial_update' and \
ReadOnlyRoleNoDownload.user_has_role(user, xform):
# allow readonlynodownload and above roles to edit widget
return True
return self._has_object_permission(request, model_cls, user,
obj.content_object.project)