Example #1
0
 def test_nonowner_nopass_snippet(self):
   self.client.login(username='******',password='******')
       
   # Test that without password we can't do anything
   request = self.factory.get('/'+str(self.sam_snippet.id)+'/')
   request.session = self.client.session
   self.assertFalse( auth.allow( request, self.sam_snippet, "view_access_token" ) )
   self.assertFalse( auth.allow( request, self.sam_snippet, "view" ) )
   self.assertFalse( auth.allow( request, self.sam_snippet, "add_comment" ) )
   self.assertFalse( auth.allow( request, self.sam_snippet, "delete" ) )
Example #2
0
 def test_nonowner_withpass_snippet(self):
   self.client.login(username='******',password='******')
   
   # Test that non-owner can only view with password
   request = self.factory.get('/'+str(self.sam_snippet.id)+'/?access_token=asda')
   request.session = self.client.session
   self.assertTrue( auth.allow( request, self.sam_snippet, "view_access_token" ) )
   self.assertTrue( auth.allow( request, self.sam_snippet, "view" ) )
   self.assertFalse( auth.allow( request, self.sam_snippet, "add_comment" ) )
   self.assertFalse( auth.allow( request, self.sam_snippet, "delete" ) )
Example #3
0
 def test_auth_public(self):
   request = self.factory.get('/'+str(self.public_snippet.id))
   request.session = self.client.session
   self.assertTrue( auth.allow( request, self.public_snippet, "view" ) )
   self.assertTrue( auth.allow( request, self.public_snippet, "add_comment" ) )
   self.assertFalse( auth.allow( request, self.public_snippet, "view_access_token" ) )
   self.assertFalse( auth.allow( request, self.public_snippet, "delete" ) )
   request = self.factory.get('/'+str(self.public_snippet.id)+'/?access_token=asda')
   request.session = self.client.session
   self.assertTrue( auth.allow( request, self.public_snippet, "view_access_token" ) )
   self.assertTrue( auth.allow( request, self.public_snippet, "delete" ) )
   request = self.factory.get('/'+str(self.public_snippet.id)+'/?snippet_access_token=asda')
   request.session = self.client.session
   self.assertTrue( auth.allow( request, self.public_snippet, "view_access_token" ) )
   self.assertTrue( auth.allow( request, self.public_snippet, "delete" ) )
Example #4
0
 def test_owner_anything(self):
   self.client.login(username='******',password='******')
   request = self.factory.get('/'+str(self.john_snippet.id))
   request.session = self.client.session
   self.assertTrue( auth.allow( request, self.john_snippet, "view" ) )
   self.assertTrue( auth.allow( request, self.john_snippet, "add_comment" ) )
   self.assertTrue( auth.allow( request, self.john_snippet, "view_access_token" ) )
   self.assertTrue( auth.allow( request, self.john_snippet, "delete" ) )
   
   self.client.login(username='******',password='******')
   request = self.factory.get('/'+str(self.sam_snippet.id))
   request.session = self.client.session
   self.assertTrue( auth.allow( request, self.sam_snippet, "view" ) )
   self.assertTrue( auth.allow( request, self.sam_snippet, "add_comment" ) )
   self.assertTrue( auth.allow( request, self.sam_snippet, "view_access_token" ) )
   self.assertTrue( auth.allow( request, self.sam_snippet, "delete" ) )