class ConsultantFlowTests(TestCase): """ Test class for chacking Consultant functionality. """ def setUp(self): self.product = Product.objects.create(name='TV', price=1000) self.order = Order.objects.create(product=self.product) self.group = Group(name="Consultant") self.group.save() self.client = APIClient() self.client.defaults[ 'HTTP_AUTHORIZATION'] = 'Basic ' + base64.b64encode( b'test:test').decode("ascii") self.user = User.objects.create_user(username="******", email="*****@*****.**", password="******") def tearDown(self): Order.objects.all().delete() self.user.delete() self.group.delete() self.product.delete() def test_get_waiting_orders_list(self): """only consultant can view list of waiting orders""" response = self.client.get("/order/", {'status': 1}) self.assertEqual(response.status_code, 403) self.user.groups.add(self.group) self.user.save() response = self.client.get("/order/", {'status': 1}) self.assertEqual(response.status_code, 200) def test_set_done_order_status(self): """only consultant can set order status to 'done'""" response = self.client.patch("/order/1/", {'status': 2}) self.assertEqual(response.status_code, 403) self.user.groups.add(self.group) self.user.save() response = self.client.patch("/order/1/", {'status': 2}) self.assertEqual(response.status_code, 200)
def test_not_group_member_in_group_allowed(self): from django.contrib.auth.models import Group group = Group(name="allowed_group2") group.save() policy = OpenIDClientPolicy(openid_client=self.oidc_client) policy.save() policy.allow_groups.set([group]) user = get_user_model()(username="******", email="*****@*****.**") user.save() self.assertTrue(not policy.is_user_allowed(user)) group.delete() user.delete() policy.delete()
def eliminar_rol_view(request, id_rol, template_name='Gestion_de_roles/eliminar_rol.html'): """ La funcion Eliminar elimina un rol seleccionado :param id_rol: el id del rol que sera eliminado :return: """ rol_seleccionado = Group.objects.get(pk=id_rol) nombre = rol_seleccionado.name if request.method == 'POST' and 'Aceptar' in request.POST: Group.delete(rol_seleccionado) Sistema().registrar("Eliminado rol "+rol_seleccionado.name,request.user.username,"Ninguno") return HttpResponseRedirect('/listar_roles/') else: return render(request, template_name ,{'nombre':nombre})
def test_group_signal(self): """ Test signals related to User: Verifies: * organization is created/deleted with Group """ group = Group(name='tester') group.save() # org created org = group.organization self.assertTrue(group.organization, 'profile was not created') # org deleted group.delete() self.assertFalse(Organization.objects.filter(id=org.id).exists())
def test_adding_hook(self): '''test that adding an hook is affective''' new_user = User(username='******', password='******') new_user.save() new_group = Group(name='test group') new_group.save() self.assertEqual( len( Callback.objects.filter(hook=self.save_user_hook, status='waiting')), 1) new_group.delete() self.assertEqual( len( Callback.objects.filter(hook=self.delete_group_hook, status='waiting')), 1)
def eliminar_rol_view(request, id_rol, template_name='Gestion_de_roles/eliminar_rol.html'): """ La funcion Eliminar elimina un rol seleccionado :param id_rol: el id del rol que sera eliminado :return: """ rol_seleccionado = Group.objects.get(pk=id_rol) nombre = rol_seleccionado.name if request.method == 'POST' and 'Aceptar' in request.POST: Group.delete(rol_seleccionado) Sistema().registrar("Eliminado rol " + rol_seleccionado.name, request.user.username, "Ninguno") return HttpResponseRedirect('/listar_roles/') else: return render(request, template_name, {'nombre': nombre})
def delete(self, request): ret = {"status": 0} data = QueryDict(request.body) #通过form表单传,在body体里 gid = data.get("gid", "") try: group_obj = Group.objects.get(id=gid) except Group.DoesNotExist: ret['status'] = 1 ret['errmsg'] = "用户组不存在" if group_obj.user_set.count() > 0: ret['status'] = 1 ret['errmsg'] = "用户组内存在用户" elif group_obj.permissions.count() > 0: ret['status'] = 1 ret['errmsg'] = "用户组内存在权限设置" else: Group.delete(group_obj) return JsonResponse(ret)
class AccountantFlowTests(TestCase): """ Test class for Accountant Consultant functionality. """ def setUp(self): self.product = Product.objects.create(name='TV', price=1000) self.order = Order.objects.create(product=self.product) self.group = Group(name="Accountant") self.group.save() self.client = APIClient() self.client.defaults[ 'HTTP_AUTHORIZATION'] = 'Basic ' + base64.b64encode( b'test:test').decode("ascii") self.user = User.objects.create_user(username="******", email="*****@*****.**", password="******") def tearDown(self): Order.objects.all().delete() self.user.delete() self.group.delete() self.product.delete() def test_get_orders_list_by_date_filter(self): """only accountant can view list of orders filtered by date""" response = self.client.get("/order/", { 'start_date': '01.01.2019', 'finish_date': '24.12.2020' }) self.assertEqual(response.status_code, 403) self.user.groups.add(self.group) self.user.save() response = self.client.get("/order/", { 'start_date': '01.01.2019', 'finish_date': '24.12.2020' }) self.assertEqual(response.status_code, 200)
def create(self, request): data = request.data.copy() permissions = data.pop('permissions', []) if not self.request.user.has_perm('users.add_role'): return Response("User has no permissions to create a Role", status=status.HTTP_403_FORBIDDEN) all_permissions_group = PermissionConfig.objects.first() try: with transaction.atomic(): group = Group(name='{}-{}'.format( data['name'], request.user.aerosimple_user.airport)) group.save() for perm in permissions: p = Permission.objects.get(id=perm) if p in all_permissions_group.permissions.all(): group.permissions.add(p) else: group.delete() return Response( "id {} is not a valid Permission".format(p.id), status=status.HTTP_400_BAD_REQUEST) role = Role(name=data['name']) role.permission_group = group role.airport = request.user.aerosimple_user.airport role.save() except ValidationError: raise return Response(RoleSerializer(role).data, status=status.HTTP_201_CREATED)
def create(self, request): reqdata = request.data user = request.user # Create a new group try: g = Group(name=reqdata['group_name']) g.save() g.user_set.add(user) except IntegrityError: msg = {'error when persisting Group': 'name uniqueness constraint not satisfied or unknown ' + 'internal error'} if g.pk: g.delete() return Response(msg, status=status.HTTP_500_INTERNAL_SERVER_ERROR) try: rug = RegistryUserGroup( group=g, description=reqdata['description'], owner=user) rug.save() except: msg = {'error when persisting RegistryUserGroup': 'name uniqueness constraint not satisfied or unknown ' + 'internal error'} if rug.pk: rug.delete() return Response(msg, status=status.HTTP_500_INTERNAL_SERVER_ERROR) serializer = RegistryUserGroupSerializer( rug, many=False, context={ 'request': request}) return Response(serializer.data)
class mediaItemsTest(TestCase): def setUp(self): self.client = Client() self.user1 = User.objects.create_user('user1', '*****@*****.**', 'user1') self.user2 = User.objects.create_user('user2', '*****@*****.**', 'user2') self.user3 = User.objects.create_user('user3', '*****@*****.**', 'user3') self.user4 = User.objects.create_user('user4', '*****@*****.**', 'user4') self.group1 = Group(name='@family') self.group1.save() #create some media items root = os.path.dirname(__file__) f = open("%s%s" % (root, '/tests/test_pic.JPG'), 'rb') f.close() mi1 = MediaItem(owner_id=self.user1, media_file='./tests/test_pic.JPG').save() mi2 = MediaItem(owner_id=self.user1, media_file='./tests/test_pic.JPG').save() mi3 = MediaItem(owner_id=self.user2, media_file='./tests/test_pic.JPG').save() mi4 = MediaItem(owner_id=self.user3, media_file='./tests/test_pic.JPG').save() mi5 = MediaItem(owner_id=self.user4, media_file='./tests/test_pic.JPG').save() def test_mediaitems_rest(self): base_url = reverse('mediaItems') self.client.get(base_url) url = "%s%s" % (base_url, "/user1") self.client.get(url) url = "%s%s" % (base_url, "/@me/@family") self.client.get(url) url = "%s%s" % (base_url, "/@me/@self") self.client.get(url) url = "%s%s" % (base_url, "/@me/@self/@all") self.client.get(url) url = "%s%s" % (base_url, "/@me/@self/@all/pic_home") self.client.get(url) def test_create_mediaitem(self): self.client.login(username='******', password='******') base_url = reverse('mediaItems') root = os.path.dirname(__file__) f = open("%s%s" % (root, '/tests/test_pic.JPG'), 'rb') response = self.client.post("%s%s" % (base_url, "/user1/@self/@all"), {'mediaitem': f}) f.close() #response 201 created, mediaitem-id self.assertContains(response, "mediaitem-id", status_code=201) #send another identical request and make sure the created location is different f = open("%s%s" % (root, '/tests/test_pic.JPG'), 'rb') response2 = self.client.post("%s%s" % (base_url, "/user1/@self/@all"), {'mediaitem': f}) f.close() #response 201 created location self.assertContains(response2, "location", status_code=201) #the first response is different from the second self.assertNotEquals(json.loads(response.content)['location'], json.loads(response2.content)['location'], "The file as overriden by two identical requests") def test_update_mediaitem(self): pass def tearDown(self): self.user1.delete() self.user2.delete() self.user3.delete() self.user4.delete() self.group1.delete()
def group(request, group_id=0): if request.method == "GET": if group_id == 0: #Function to create dict of attributes def group_to_dict(group): return { 'id': group.id, 'name': group.name, 'permissions': [{ 'id': perm.id, 'name': perm.name } for perm in group.permissions.all()] } #Create array of items data = [group_to_dict(group) for group in Group.objects.all()] #return data via http return HttpResponse(json.dumps(data), mimetype="application/json") else: group = Group.objects.get(id=group_id) data = get_group_data(request, group) return HttpResponse(json.dumps(data), mimetype="application/json") elif request.method == "POST": #get the data data = json.loads(request.body) if group_id == 0: group = Group() else: group = Group.objects.get(id=group_id) #assign properties if "name" in data: group.name = data["name"] #check if has permissions if "permissions" in data: #loop through permissions for permData in data["permissions"]: if "status" in permData: if permData["status"] == "add": perm = Permission.objects.get(id=permData["id"]) group.permissions.add(perm) if permData["status"] == "delete": perm = Permission.objects.get(id=permData["id"]) group.permissions.remove(perm) #save the group group.save() #merge with data for output data = get_group_data(request, group) #build response response = HttpResponse(json.dumps(data), mimetype="application/json") response.status_code = 201 #return data via http return response elif request.method == "PUT": group = Group.objects.get(id=group_id) request.method = "POST" request._load_post_and_files() logger.debug(request.POST) data = json.loads(request.POST.get('data')) if "permissions" in data: for perm in data['permissions']: #if group.permissions.exists(id=perm['id'])==False: group.permissions.add(Permission.objects.get(id=perm['id'])) elif request.method == "DELETE": group = Group.objects.get(id=group_id) group.delete() response = HttpResponse(json.dumps({'status': 'success'}), mimetype="application/json") response.status_code = 201 #return data via http return response
def revert_deputies_group(apps, schema_editor): # Group = apps.get_model('auth', 'Group') deputy_group = Group(name='deputies') deputy_group.delete()
"data": None, "msg": "用户组添加失败" }) if op in ['delete', 'modify' ] and request.user.has_perm('VManagePlatform.change_group'): try: group = Group.objects.get(id=request.POST.get('id')) except: return JsonResponse({ "code": 500, "data": None, "msg": "操作失败用户组不存在" }) if op == 'delete': try: group.delete() return JsonResponse({ "code": 200, "data": None, "msg": "操作成功" }) except: return JsonResponse({ "code": 500, "data": None, "msg": "用户组删除失败,用户组不存在" }) elif op == 'modify': try: group.name = request.POST.get('name') #如果权限key不存在就单做清除权限
def group(request, group_id=0): if request.method == "GET": if group_id == 0: #Function to create dict of attributes def group_to_dict(group): return {'id': group.id, 'name': group.name, 'permissions': [{'id': perm.id, 'name': perm.name} for perm in group.permissions.all()]} #Create array of items data = [group_to_dict(group) for group in Group.objects.all()] #return data via http return HttpResponse(json.dumps(data), mimetype="application/json") else: group = Group.objects.get(id=group_id) data = get_group_data(request, group) return HttpResponse(json.dumps(data), mimetype="application/json") elif request.method == "POST": #get the data data = json.loads(request.body) if group_id == 0: group = Group() else: group = Group.objects.get(id=group_id) #assign properties if "name" in data: group.name = data["name"] #check if has permissions if "permissions" in data: #loop through permissions for permData in data["permissions"]: if "status" in permData: if permData["status"] == "add": perm = Permission.objects.get(id=permData["id"]) group.permissions.add(perm) if permData["status"] == "delete": perm = Permission.objects.get(id=permData["id"]) group.permissions.remove(perm) #save the group group.save() #merge with data for output data = get_group_data(request, group) #build response response = HttpResponse(json.dumps(data), mimetype="application/json") response.status_code = 201 #return data via http return response elif request.method == "PUT": group = Group.objects.get(id=group_id) request.method = "POST" request._load_post_and_files() logger.debug(request.POST) data = json.loads(request.POST.get('data')) if "permissions" in data: for perm in data['permissions']: #if group.permissions.exists(id=perm['id'])==False: group.permissions.add(Permission.objects.get(id=perm['id'])) elif request.method == "DELETE": group = Group.objects.get(id=group_id) group.delete() response = HttpResponse(json.dumps({'status': 'success'}), mimetype="application/json") response.status_code = 201 #return data via http return response
class TestTethysAppAdmin(unittest.TestCase): def setUp(self): from tethys_apps.models import TethysApp self.src_dir = os.path.dirname( os.path.dirname(os.path.dirname(__file__))) self.root_app_path = os.path.join(self.src_dir, 'apps', 'tethysapp-test_app') self.app_model = TethysApp(name='test_app', package='test_app') self.app_model.save() from django.contrib.auth.models import ContentType, Group, Permission app_content_type_id = ContentType.objects.get(app_label='tethys_apps', model='tethysapp').pk self.perm_model = Permission(name='Test Perm | Test', content_type_id=app_content_type_id, codename='test_perm:test') self.perm_model.save() self.group_model = Group(name='test_group') self.group_model.save() def tearDown(self): self.app_model.delete() self.perm_model.delete() self.group_model.delete() def test_TethysAppSettingInline(self): expected_template = 'tethys_portal/admin/edit_inline/tabular.html' TethysAppSettingInline.model = mock.MagicMock() ret = TethysAppSettingInline(mock.MagicMock(), mock.MagicMock()) self.assertEqual(expected_template, ret.template) def test_has_delete_permission(self): TethysAppSettingInline.model = mock.MagicMock() ret = TethysAppSettingInline(mock.MagicMock(), mock.MagicMock()) self.assertFalse(ret.has_delete_permission(mock.MagicMock())) def test_has_add_permission(self): TethysAppSettingInline.model = mock.MagicMock() ret = TethysAppSettingInline(mock.MagicMock(), mock.MagicMock()) self.assertFalse(ret.has_add_permission(mock.MagicMock())) def test_CustomSettingInline(self): expected_readonly_fields = ('name', 'description', 'type', 'required') expected_fields = ('name', 'description', 'type', 'value', 'required') expected_model = CustomSetting ret = CustomSettingInline(mock.MagicMock(), mock.MagicMock()) self.assertEqual(expected_readonly_fields, ret.readonly_fields) self.assertEqual(expected_fields, ret.fields) self.assertEqual(expected_model, ret.model) def test_DatasetServiceSettingInline(self): expected_readonly_fields = ('name', 'description', 'required', 'engine') expected_fields = ('name', 'description', 'dataset_service', 'engine', 'required') expected_model = DatasetServiceSetting ret = DatasetServiceSettingInline(mock.MagicMock(), mock.MagicMock()) self.assertEqual(expected_readonly_fields, ret.readonly_fields) self.assertEqual(expected_fields, ret.fields) self.assertEqual(expected_model, ret.model) def test_SpatialDatasetServiceSettingInline(self): expected_readonly_fields = ('name', 'description', 'required', 'engine') expected_fields = ('name', 'description', 'spatial_dataset_service', 'engine', 'required') expected_model = SpatialDatasetServiceSetting ret = SpatialDatasetServiceSettingInline(mock.MagicMock(), mock.MagicMock()) self.assertEqual(expected_readonly_fields, ret.readonly_fields) self.assertEqual(expected_fields, ret.fields) self.assertEqual(expected_model, ret.model) def test_WebProcessingServiceSettingInline(self): expected_readonly_fields = ('name', 'description', 'required') expected_fields = ('name', 'description', 'web_processing_service', 'required') expected_model = WebProcessingServiceSetting ret = WebProcessingServiceSettingInline(mock.MagicMock(), mock.MagicMock()) self.assertEqual(expected_readonly_fields, ret.readonly_fields) self.assertEqual(expected_fields, ret.fields) self.assertEqual(expected_model, ret.model) def test_PersistentStoreConnectionSettingInline(self): expected_readonly_fields = ('name', 'description', 'required') expected_fields = ('name', 'description', 'persistent_store_service', 'required') expected_model = PersistentStoreConnectionSetting ret = PersistentStoreConnectionSettingInline(mock.MagicMock(), mock.MagicMock()) self.assertEqual(expected_readonly_fields, ret.readonly_fields) self.assertEqual(expected_fields, ret.fields) self.assertEqual(expected_model, ret.model) def test_PersistentStoreDatabaseSettingInline(self): expected_readonly_fields = ('name', 'description', 'required', 'spatial', 'initialized') expected_fields = ('name', 'description', 'spatial', 'initialized', 'persistent_store_service', 'required') expected_model = PersistentStoreDatabaseSetting ret = PersistentStoreDatabaseSettingInline(mock.MagicMock(), mock.MagicMock()) self.assertEqual(expected_readonly_fields, ret.readonly_fields) self.assertEqual(expected_fields, ret.fields) self.assertEqual(expected_model, ret.model) # Need to check def test_PersistentStoreDatabaseSettingInline_get_queryset(self): obj = PersistentStoreDatabaseSettingInline(mock.MagicMock(), mock.MagicMock()) mock_request = mock.MagicMock() obj.get_queryset(mock_request) def test_TethysAppQuotasSettingInline(self): expected_readonly_fields = ('name', 'description', 'default', 'units') expected_fields = ('name', 'description', 'value', 'default', 'units') expected_model = TethysAppQuota ret = TethysAppQuotasSettingInline(mock.MagicMock(), mock.MagicMock()) self.assertEquals(expected_readonly_fields, ret.readonly_fields) self.assertEquals(expected_fields, ret.fields) self.assertEquals(expected_model, ret.model) # Need to check # def test_TethysAppQuotasSettingInline_get_queryset(self): # obj = TethysAppQuotasSettingInline(mock.MagicMock(), mock.MagicMock()) # mock_request = mock.MagicMock() # obj.get_queryset(mock_request) def test_TethysAppAdmin(self): expected_readonly_fields = ( 'package', 'manage_app_storage', ) expected_fields = ( 'package', 'name', 'description', 'icon', 'tags', 'enabled', 'show_in_apps_library', 'enable_feedback', 'manage_app_storage', ) expected_inlines = [ CustomSettingInline, PersistentStoreConnectionSettingInline, PersistentStoreDatabaseSettingInline, DatasetServiceSettingInline, SpatialDatasetServiceSettingInline, WebProcessingServiceSettingInline, TethysAppQuotasSettingInline ] ret = TethysAppAdmin(mock.MagicMock(), mock.MagicMock()) self.assertEqual(expected_readonly_fields, ret.readonly_fields) self.assertEqual(expected_fields, ret.fields) self.assertEqual(expected_inlines, ret.inlines) def test_TethysAppAdmin_has_delete_permission(self): ret = TethysAppAdmin(mock.MagicMock(), mock.MagicMock()) self.assertFalse(ret.has_delete_permission(mock.MagicMock())) def test_TethysAppAdmin_has_add_permission(self): ret = TethysAppAdmin(mock.MagicMock(), mock.MagicMock()) self.assertFalse(ret.has_add_permission(mock.MagicMock())) @mock.patch('tethys_apps.admin.get_quota') @mock.patch('tethys_apps.admin._convert_storage_units') def test_TethysAppAdmin_manage_app_storage(self, mock_convert, mock_get_quota): ret = TethysAppAdmin(mock.MagicMock(), mock.MagicMock()) app = mock.MagicMock() app.id = 1 mock_convert.return_value = '0 bytes' mock_get_quota.return_value = {'quota': None} url = reverse('admin:clear_workspace', kwargs={'app_id': app.id}) expected_html = format_html(""" <span>{} of {}</span> <a id="clear-workspace" class="btn btn-danger btn-sm" href="{url}"> Clear Workspace</a> """.format('0 bytes', "∞", url=url)) actual_html = ret.manage_app_storage(app) self.assertEquals(expected_html.replace(" ", ""), actual_html.replace(" ", "")) mock_convert.return_value = '0 bytes' mock_get_quota.return_value = {'quota': 5, 'units': 'gb'} url = reverse('admin:clear_workspace', kwargs={'app_id': app.id}) expected_html = format_html(""" <span>{} of {}</span> <a id="clear-workspace" class="btn btn-danger btn-sm" href="{url}"> Clear Workspace</a> """.format('0 bytes', "0 bytes", url=url)) actual_html = ret.manage_app_storage(app) self.assertEquals(expected_html.replace(" ", ""), actual_html.replace(" ", "")) def test_TethysExtensionAdmin(self): expected_readonly_fields = ('package', 'name', 'description') expected_fields = ('package', 'name', 'description', 'enabled') ret = TethysExtensionAdmin(mock.MagicMock(), mock.MagicMock()) self.assertEqual(expected_readonly_fields, ret.readonly_fields) self.assertEqual(expected_fields, ret.fields) def test_TethysExtensionAdmin_has_delete_permission(self): ret = TethysExtensionAdmin(mock.MagicMock(), mock.MagicMock()) self.assertFalse(ret.has_delete_permission(mock.MagicMock())) def test_TethysExtensionAdmin_has_add_permission(self): ret = TethysExtensionAdmin(mock.MagicMock(), mock.MagicMock()) self.assertFalse(ret.has_add_permission(mock.MagicMock())) @mock.patch('django.contrib.auth.admin.UserAdmin.change_view') @mock.patch('django.contrib.auth.admin.UserAdmin.add_view') def test_admin_site_register_custom_user(self, mock_ua_add_view, mock_ua_change_view): from django.contrib import admin ret = CustomUser(mock.MagicMock(), mock.MagicMock()) # Add custom inline when change_view is called ret.change_view(mock.MagicMock()) mock_ua_change_view.assert_called() self.assertIn(UserQuotasSettingInline, ret.inlines) # Remove custom inline when change_view is called ret.add_view(mock.MagicMock()) mock_ua_add_view.assert_called() self.assertNotIn(UserQuotasSettingInline, ret.inlines) # Repeat to complete full cycle (change -> add -> change -> add) # Add custom inline when change_view is called ret.change_view(mock.MagicMock()) mock_ua_change_view.assert_called() self.assertIn(UserQuotasSettingInline, ret.inlines) # Remove custom inline when change_view is called ret.add_view(mock.MagicMock()) mock_ua_add_view.assert_called() self.assertNotIn(UserQuotasSettingInline, ret.inlines) # Check registration registry = admin.site._registry self.assertIn(User, registry) self.assertIsInstance(registry[User], CustomUser) def test_admin_site_register_tethys_app_admin(self): from django.contrib import admin registry = admin.site._registry self.assertIn(TethysApp, registry) self.assertIsInstance(registry[TethysApp], TethysAppAdmin) def test_admin_site_register_tethys_app_extension(self): from django.contrib import admin registry = admin.site._registry self.assertIn(TethysExtension, registry) self.assertIsInstance(registry[TethysExtension], TethysExtensionAdmin) def test_admin_site_register_proxy_app(self): from django.contrib import admin registry = admin.site._registry self.assertIn(ProxyApp, registry) @mock.patch('tethys_apps.admin.GroupObjectPermission.objects') @mock.patch('tethys_apps.admin.TethysApp.objects.all') def test_make_gop_app_access_form(self, mock_all_apps, mock_gop): mock_all_apps.return_value = [self.app_model] mock_gop.filter().values().distinct.return_value = [{'group_id': 9999}] ret = make_gop_app_access_form() self.assertIn('test_app_permissions', ret.base_fields) self.assertIn('test_app_groups', ret.base_fields) @mock.patch('tethys_apps.admin.Group.objects') @mock.patch('tethys_apps.admin.Permission.objects') @mock.patch('tethys_apps.admin.GroupObjectPermission.objects') @mock.patch('tethys_apps.admin.TethysApp.objects.all') def test_gop_form_init(self, mock_all_apps, mock_gop, mock_perms, mock_groups): mock_all_apps.return_value = [self.app_model] mock_obj = mock.MagicMock(pk=True) mock_gop.values().distinct().filter.return_value = [{ 'object_pk': self.app_model.pk }] mock_gop.values_list().filter().distinct.side_effect = [ [9999], [9999], mock.MagicMock(exclude=mock.MagicMock( return_value=[self.app_model.pk, 9999])), [self.app_model.pk] ] mock_perms.filter().exclude.side_effect = [ mock_perms.none(), '_permissions_test' ] mock_groups.filter().exclude.return_value = '_groups_test' gop_app_access_form_dynamic = make_gop_app_access_form() ret = gop_app_access_form_dynamic(instance=mock_obj) self.assertIn(self.app_model, ret.fields['apps'].initial) self.assertEqual(ret.fields['test_app_permissions'].initial, '_permissions_test') self.assertEqual(ret.fields['test_app_groups'].initial, '_groups_test') @mock.patch('tethys_apps.admin.TethysApp.objects.all') def test_gop_form_clean(self, mock_all_apps): mock_all_apps.return_value = [self.app_model] mock_obj = mock.MagicMock(pk=True) mock_data = mock.MagicMock(getlist=mock.MagicMock(return_value=[9999])) gop_app_access_form_dynamic = make_gop_app_access_form() ret = gop_app_access_form_dynamic(instance=mock_obj) ret.data = mock_data ret.cleaned_data = {} ret.clean() self.assertIn('test_app_permissions', ret.cleaned_data) self.assertIn('test_app_groups', ret.cleaned_data) @mock.patch('tethys_apps.admin.remove_perm') @mock.patch('tethys_apps.admin.assign_perm') @mock.patch('tethys_apps.admin.TethysApp.objects.all') def test_gop_form_save_new(self, mock_all_apps, _, __): mock_all_apps.return_value = [self.app_model] mock_obj = mock.MagicMock(pk=False) mock_data = mock.MagicMock(getlist=mock.MagicMock(return_value=[9999])) gop_app_access_form_dynamic = make_gop_app_access_form() ret = gop_app_access_form_dynamic(instance=mock_obj) ret.data = mock_data ret.cleaned_data = {'apps': [self.app_model]} ret.fields = {'apps': ret.fields['apps']} ret.save() self.assertEqual(mock_obj.save.call_count, 1) @mock.patch('tethys_apps.admin.assign_perm') @mock.patch('tethys_apps.admin.remove_perm') @mock.patch('tethys_apps.admin.TethysApp.objects') def test_gop_form_save_edit_apps(self, mock_apps, mock_remove_perm, mock_assign_perm): mock_apps.all.return_value = [self.app_model] mock_diff = mock.MagicMock(return_value=[self.app_model]) mock_apps.filter.return_value = mock.MagicMock(difference=mock_diff, return_value=True) mock_obj = mock.MagicMock(pk=True) mock_data = mock.MagicMock(getlist=mock.MagicMock(return_value=[9999])) gop_app_access_form_dynamic = make_gop_app_access_form() ret = gop_app_access_form_dynamic(instance=mock_obj) ret.data = mock_data ret.cleaned_data = {'apps': [self.app_model]} ret.fields = {'apps': ret.fields['apps']} ret.save() mock_remove_perm.assert_called_with('test_app:access_app', mock_obj, self.app_model) mock_assign_perm.assert_called_with('test_app:access_app', mock_obj, self.app_model) @mock.patch('tethys_apps.admin.assign_perm') @mock.patch('tethys_apps.admin.remove_perm') @mock.patch('tethys_apps.admin.TethysApp.objects') def test_gop_form_save_edit_permissions(self, mock_apps, mock_remove_perm, mock_assign_perm): mock_apps.all.return_value = [self.app_model] mock_diff = mock.MagicMock( side_effect=[[self.app_model], [self.perm_model]]) mock_apps.filter.return_value = mock.MagicMock(difference=mock_diff, return_value=True) mock_obj = mock.MagicMock(pk=True) mock_data = mock.MagicMock(getlist=mock.MagicMock(return_value=[9999])) gop_app_access_form_dynamic = make_gop_app_access_form() ret = gop_app_access_form_dynamic(instance=mock_obj) ret.data = mock_data ret.cleaned_data = { 'apps': [self.app_model], 'test_app_permissions': [self.perm_model] } ret.fields = { 'apps': ret.fields['apps'], 'test_app_permissions': ret.fields['apps'] } ret.save() mock_remove_perm.assert_called_with('test_perm:test', mock_obj, mock_apps.filter()) mock_assign_perm.assert_called_with('test_perm:test', mock_obj, mock_apps.filter()) @mock.patch('tethys_apps.admin.assign_perm') @mock.patch('tethys_apps.admin.remove_perm') @mock.patch('tethys_apps.admin.GroupObjectPermission.objects') @mock.patch('tethys_apps.admin.TethysApp.objects') def test_gop_form_save_edit_groups(self, mock_apps, mock_gop, mock_remove_perm, mock_assign_perm): mock_apps.all.return_value = [self.app_model] mock_diff = mock.MagicMock( side_effect=[[self.app_model], mock.MagicMock(values_list=mock.MagicMock( distinct=[self.group_model.pk]))]) mock_apps.filter.return_value = mock.MagicMock(difference=mock_diff, return_value=True) mock_obj = mock.MagicMock(pk=True) mock_data = mock.MagicMock(getlist=mock.MagicMock(return_value=[9999])) mock_gop.filter().values_list().distinct.return_value = [ self.perm_model.pk ] gop_app_access_form_dynamic = make_gop_app_access_form() ret = gop_app_access_form_dynamic(instance=mock_obj) ret.data = mock_data ret.cleaned_data = { 'apps': [self.app_model], 'test_app_groups': mock.MagicMock() } ret.cleaned_data['test_app_groups'].values_list( ).distinct.return_value = [self.group_model.pk] ret.fields = { 'apps': ret.fields['apps'], 'test_app_groups': ret.fields['apps'] } ret.save() mock_remove_perm.assert_called_with('test_perm:test', mock_obj, mock_apps.filter()) mock_assign_perm.assert_called_with('test_perm:test', mock_obj, mock_apps.filter()) @mock.patch('tethys_apps.admin.tethys_log.warning') @mock.patch('tethys_apps.admin.make_gop_app_access_form') def test_admin_programming_error(self, mock_gop_form, mock_logwarning): mock_gop_form.side_effect = ProgrammingError register_custom_group() mock_gop_form.assert_called() mock_logwarning.assert_called_with('Unable to register CustomGroup.') @mock.patch('tethys_apps.admin.tethys_log.warning') @mock.patch('tethys_apps.admin.admin.site.register') def test_admin_user_keys_programming_error(self, mock_register, mock_logwarning): mock_register.side_effect = ProgrammingError register_user_keys_admin() mock_register.assert_called() mock_logwarning.assert_called_with('Unable to register UserKeys.')
class CashierFlowTests(TestCase): """ Test class for chacking Cashier functionality. """ def setUp(self): self.product = Product.objects.create(name='TV', price=1000) self.group = Group(name="Cashier") self.group.save() self.client = APIClient() self.client.defaults[ 'HTTP_AUTHORIZATION'] = 'Basic ' + base64.b64encode( b'test:test').decode("ascii") self.user = User.objects.create_user(username="******", email="*****@*****.**", password="******") def tearDown(self): Order.objects.all().delete() self.user.delete() self.group.delete() self.product.delete() def test_create_order(self): """only cashier can create an order""" response = self.client.post("/order/", {'product': 1}) self.assertEqual(response.status_code, 403) self.user.groups.add(self.group) self.user.save() response = self.client.post("/order/", {'product': 1}) self.assertEqual(response.status_code, 201) def test_list_of_done_orders(self): """only cashier can view list of done orders""" response = self.client.get("/order/", {'status': 2}) self.assertEqual(response.status_code, 403) self.user.groups.add(self.group) self.user.save() response = self.client.get("/order/", {'status': 2}) self.assertEqual(response.status_code, 200) def test_set_paid_order_status(self): """only cashier can set order status to 'paid'""" Order.objects.create(product=self.product) response = self.client.patch("/order/1/", {'status': 3}) self.assertEqual(response.status_code, 403) self.user.groups.add(self.group) self.user.save() response = self.client.patch("/order/1/", {'status': 3}) self.assertEqual(response.status_code, 200) def test_get_order_bill(self): """only cashier can get order bill""" Order.objects.create(product=self.product) response = self.client.get("/bill/1/") self.assertEqual(response.status_code, 403) self.user.groups.add(self.group) self.user.save() response = self.client.get("/bill/1/") self.assertEqual(response.status_code, 200)
def if_exists_delete_group(groupname): try: group = Group.objects.get(name=groupname) Group.delete(group) except Group.DoesNotExist: pass
class PeopleTest(TestCase): def setUp(self): #create the client to be used self.client = Client() #create users self.user1 = User.objects.create_user('user1', '*****@*****.**', 'user1') self.user2 = User.objects.create_user('user2', '*****@*****.**', 'user2') self.user3 = User.objects.create_user('user3', '*****@*****.**', 'user3') self.user4 = User.objects.create_user('user4', '*****@*****.**', 'user4') self.user5 = User.objects.create_user('user5', '*****@*****.**', 'user5') self.user6 = User.objects.create_user('user6', '*****@*****.**', 'user6') self.user7 = User.objects.create_user('user7', '', 'user7') #create a group self.group1 = Group(name='@family') self.group1.save() self.group2 = Group(name="data_view_permission") self.group2.save() permission = Permission.objects.get(codename="data_view") self.group2.permissions.add(permission) #create a relationship r = Relationship(initial_user = self.user5, group = self.group1, target_user = self.user6) r.save() r = Relationship(initial_user = self.user5, group = self.group1, target_user = self.user7) r.save() r = Relationship(initial_user = self.user6, group = self.group1, target_user = self.user7) r.save() #give users permissions self.user5.groups.add(self.group2) #create values for users profiles self.user1.first_name = "First1" self.user1.last_name = "Last1" self.user1.email = "*****@*****.**" self.user1.save() def test_people_rest(self): """ These functions will throw an error if urls are not set. """ base_url = reverse('people') self.client.get(base_url) url = "%s%s" % (base_url, "/user1") self.client.get(url) url = "%s%s" % (url, "/@friends") self.client.get(url) url = "%s%s" % (url, "/user3") self.client.get(url) url = "%s%s" % (base_url, "/@me/@friends") self.client.get(url) def test_person_get(self): #get person without beeing authenticated url = "%s%s" % (reverse('people'), "/@me/@self") response = self.client.get(url) self.assertEquals(response.status_code, 401, "The user should not be able to " "query data without beeing authenticated") #authenticate and get person (user1) self.client.login(username='******', password='******') #query the authenticated users information url = "%s%s" % (reverse('people'), "/@me/@self") response = self.client.get(url) self.assertContains(response, '"id":', status_code=200) url = "%s%s" % (reverse('people'), "/user1/@self") response = self.client.get(url) self.assertContains(response, '"id":', status_code=200) #check the saved user1 data from django user response_dict = json.loads(response.content) self.assertEquals(response_dict['first_name'], 'First1', 'The first_name was not First1 for user1') self.assertEquals(response_dict['last_name'], 'Last1', 'The first_name was not Last1 for user1') self.assertEquals(response_dict['email']['value'], '*****@*****.**', 'The email was not [email protected] for user1') #query other persons url = "%s%s" % (reverse('people'), "/user2/@self") response = self.client.get(url) self.assertEquals(response.status_code, 403, "The user should not be able to query " "other persons without permissions") #query a user without permission should return 403 url = "%s%s" % (reverse('people'), "/user1/@family/user6") response = self.client.get(url) self.assertEquals(response.status_code, 403, "A user should not be able to query others data " "without permissions") #logout user1 and login as user5 with permissions self.client.logout() self.client.login(username='******', password='******') url = "%s%s" % (reverse('people'), "/user5/@family/user6") response = self.client.get(url) self.assertContains(response, '"id":', status_code=200) #query with with help of others relationship url = "%s%s" % (reverse('people'), "/user6/@family/user7") response = self.client.get(url) self.assertContains(response, '"id":', status_code=200) #query with not existing relationship url = "%s%s" % (reverse('people'), "/user1/@family/user2") response = self.client.get(url) self.assertEquals(response.status_code, 404, 'querying with relationship that does not exist ' 'should return not found') #query with not existing user url = "%s%s" % (reverse('people'), "/so-me_cool+user/@self") response = self.client.get(url) self.assertEquals(response.status_code, 404, 'querying with relationship that does not exist ' 'should return not found') #check that it is not a django error page self.assertNotContains(response, "<html>", status_code=404) def test_person_collection_get(self): #not signed in should return unauthorized url = "%s%s" % (reverse('people'), "/user5/@family") response = self.client.get(url) self.assertEquals(response.status_code, 401, 'Response should have been 401 as the user ' 'was not authenticated') #sign in self.client.login(username='******', password='******') response = self.client.get(url) self.assertContains(response, '"id"', status_code=200) #query user 5 family should return user6 and user7 self.assertContains(response, '"username": "******"', status_code = 200) self.assertContains(response, '"username": "******"', status_code = 200) #query user5 @self should return user5 url = "%s%s" % (reverse('people'), "/user5/@self") response = self.client.get(url) self.assertContains(response, '"username": "******"', status_code = 200) #tests querying with different GET parameters #give permission to user5 data_view self.user5.user_permissions.add(Permission.objects.get(codename='data_view')) #set age, gender and car values to each person person_values1 = { 'age': 25, 'gender': 'male', 'car': False } person_values2 = { 'age': 26, 'gender': 'female', 'car': True } person1 = Person.objects.filter(user=self.user1)[0] person1.update(json.dumps(person_values1)) person2 = Person.objects.filter(user=self.user2)[0] person2.update(json.dumps(person_values2)) #should return all users url = "%s%s" % (reverse('people'), "/@all/@self") response = self.client.get(url) self.assertContains(response, '"username": "******"', status_code = 200) self.assertContains(response, '"username": "******"', status_code = 200) self.assertContains(response, '"username": "******"', status_code = 200) self.assertContains(response, '"age": 25', status_code = 200) self.assertContains(response, '"age": 26', status_code = 200) #should only return user1 url = "%s%s" % (reverse('people'), "/@all/@self?age=25") response = self.client.get(url) self.assertContains(response, '"username": "******"', status_code = 200) self.assertNotContains(response, '"username": "******"', status_code = 200) #should only contain user2 url = "%s%s" % (reverse('people'), "/@all/@self?age__max=25&gender=male&car=false") response = self.client.get(url) self.assertContains(response, '"username": "******"', status_code = 200) self.assertNotContains(response, '"username": "******"', status_code = 200) #should only contain user1 url = "%s%s" % (reverse('people'), "/@all/@self?age__min=26") response = self.client.get(url) self.assertNotContains(response, '"username": "******"', status_code = 200) self.assertContains(response, '"username": "******"', status_code = 200) #querying a range should return only user2 url = "%s%s" % (reverse('people'), "/@all/@self?age__min=26&age__max=26") response = self.client.get(url) self.assertNotContains(response, '"username": "******"', status_code = 200) self.assertContains(response, '"username": "******"', status_code = 200) def test_person_update(self): #updating the person with PUT requests #opensocial defines this with POST request but that conflicts with #the relationship creation and REST principles #authenticate and get person (user1) self.client.login(username='******', password='******') #get a person url = "%s%s" % (reverse('people'), "/@me/@self") response = self.client.get(url) person_dict = json.loads(response.content) #change some value in person person_dict['first_name'] = 'Toffe' person_dict['last_name'] = 'guess' #update the person response = self.client.put(url, data=json.dumps(person_dict), content_type='application/json') #update the person twice with same values should return a person response = self.client.put(url, data=json.dumps(person_dict), content_type='application/json') #get the same person and check the value response = self.client.get(url) new_person_dict = json.loads(response.content) self.assertEquals(new_person_dict['first_name'], 'Toffe', 'The first name was not updated') self.assertEquals(new_person_dict['last_name'], 'guess', 'The last name was not updated') #test that only part of the profile can be updated new_values = {'new_value': True} response = self.client.put(url, data=json.dumps(new_values), content_type='application/json') new_person_dict = json.loads(response.content) self.assertEquals(new_person_dict['last_name'], 'guess', 'The last name was not the same after update') self.assertEquals(new_person_dict['new_value'], True, 'The new value was added') def test_relationship_create(self): # if the user is not authenticated it cannot create relationships url = "%s%s" % (reverse('people'), "/user1/@friends") response = self.client.post(url, {'id': 'user2', 'displayName': '', 'thumbnailUrl': ''}) self.assertEquals(response.status_code, 401, "The post request without authentication did not " "return 401 Unauthorized") # authenticate user self.client.login(username='******', password='******') # test success with normal create relationship query # post to /people/@me/@friends with target person as post content url = "%s%s" % (reverse('people'), "/@me/@friends") response = self.client.post(url, json.dumps({'id': 'user2', 'displayName': '', 'thumbnailUrl': ''}), content_type='application/json') self.assertEquals(response.status_code, 201, "The create relationship request did not " "return 201 created") # test success with other group # post to /people/@me/family with target person as post content url = "%s%s" % (reverse('people'), "/@me/@family") response = self.client.post(url, {'id': 'user2', 'displayName': '', 'thumbnailUrl': ''}) self.assertEquals(response.status_code, 201, "The create relationship request did not " "return 201 created") # test creation with not existing group, # should not matter and returns 201 url = "%s%s" % (reverse('people'), "/@me/no_group") response = self.client.post(url, {'id': 'user2', 'displayName': '', 'thumbnailUrl': ''}) self.assertEquals(response.status_code, 201, "Creating relationship with non existing group " "did not return 201 created") # test creation with not existing user url = "%s%s" % (reverse('people'), "/user1/@friends") response = self.client.post(url, {'id': 'non_exist', 'displayName': '', 'thumbnailUrl': ''}) self.assertEquals(response.status_code, 404, "Creating relationship with non existing user " "did not return 404 not found") # group_id should dafault to @friends url = "%s%s" % (reverse('people'), "/user1") response = self.client.post(url, {'id': 'user3', 'displayName': '', 'thumbnailUrl': ''}) self.assertEquals(response.status_code, 201, "Creating relationship with default @friends " "as group did not return 201 created") # user_id should default to @me and group to @friends url = reverse('people') response = self.client.post(url, {'id': 'user4', 'displayName': '', 'thumbnailUrl': ''}) self.assertEquals(response.status_code, 201, "Creating relationship with default @me as user " "did not return 201 created") # test duplicate relationship # post to /people/@me/@friends with target person as post conent url = reverse('people') response = self.client.post(url, {'id': 'user3', 'displayName': '', 'thumbnailUrl': ''}) self.assertEquals(response.status_code, 409, "Creating duplicate identical relationships " "did not return 409 conflict") # user can only create relationships for himself/herself url = "%s%s" % (reverse('people'), "/user2/@friends") response = self.client.post(url, {'id': 'user3', 'displayName': '', 'thumbnailUrl': ''}) self.assertEquals(response.status_code, 403, "Creating relationship for other users " "did not return 403 forbidden") #try to create relationship for not existing user also other then @me url = "%s%s" % (reverse('people'), "/no_user/@friends") response = self.client.post(url, {'id': 'user3', 'displayName': '', 'thumbnailUrl': ''}) self.assertEquals(response.status_code, 403, "Creating relationship for other users " "did not return 403 forbidden") def test_relationship_delete(self): #authenticate the user self.client.login(username='******', password='******') #delete one of the relationships created in setup url = "%s%s" % (reverse('people'), "/user5/@family/user6") response = self.client.delete(url) self.assertContains(response, '', status_code=200) #query the family members and check that user6 is there url = "%s%s" % (reverse('people'), "/user5/@family") response = self.client.get(url) self.assertNotContains(response, 'user6', status_code=200) def test_person_supported_fields(self): url = "%s%s" % (reverse('people'), '/@supportedFields') response = self.client.get(url) self.assertEquals(json.loads(response.content), ["username", "first_name", "last_name", "displayName", "time.create_time", "email.value", "id", "time.expire_time", "email"], "The supported fields returned was not correct") #return fields with the json types as values url = "%s%s" % (reverse('people'), '/@supportedFields?types=true') response = self.client.get(url) self.assertEquals(json.loads(response.content), {"username": "******", "last_name": "string", "time.create_time": "string", "email.value": "string", "id": "string", "first_name": "string", "displayName": "string", "time.expire_time": "string", "email": "object"}, "The supported field types returned was not correct") def tearDown(self): self.user1.delete() self.user2.delete() self.user3.delete() self.user4.delete() self.user5.delete() self.user6.delete() self.user7.delete() self.group1.delete() self.group2.delete()
class TestPlugin(BaseTestCase): _pages_data = ({ 'en': { 'title': 'Page title', 'template': 'page.html', 'publish': True }, 'fr': { 'title': 'Titre', 'publish': True }, 'it': { 'title': 'Titolo pagina', 'publish': False } }, ) def setup_plugin(self, group, mode='in_group'): from cms.api import add_plugin page1, = self.get_pages() placeholder = page1.placeholders.get(slot='content') parent_plugin = add_plugin(placeholder, ConditionalContainerPlugin, u'en', permitted_group=group, mode=mode) parent_plugin.save() text_content = u"Child plugin" text_plugin = add_plugin( placeholder, u"TextPlugin", u"en", body=text_content, target=parent_plugin, ) text_plugin.save() parent_plugin.child_plugin_instances = [text_plugin] return page1, text_plugin, parent_plugin, text_content def setUp(self): # create permissions group self.group = Group(name="My Test Group") self.group.save() self.group2 = Group(name="My Test Group 2") self.group2.save() self.user = User.objects.create_user(username="******", email="*****@*****.**", password="******") self.user.groups.add(self.group) self.user.save() def tearDown(self): self.user.delete() self.group.delete() def test_plugin_context(self): from cms.api import add_plugin placeholder = Placeholder.objects.create(slot='content') model_instance = add_plugin(placeholder, ConditionalContainerPlugin, 'en', permitted_group=self.group) plugin_instance = model_instance.get_plugin_class_instance() context = plugin_instance.render({}, model_instance, None) self.assertNotIn('instance', context) context = plugin_instance.render({"user": self.user}, model_instance, None) self.assertIn('instance', context) def test_children_shown(self): page1, text_plugin, parent_plugin, text_content = self.setup_plugin( group=self.group) request = self.get_page_request(page1, self.user, r'/en/', lang='en') renderer = ContentRenderer(request=request) context = RequestContext(request, { "user": self.user, "cms_content_renderer": renderer }) child_html = renderer.render_plugin(text_plugin, context) parent_html = renderer.render_plugin(parent_plugin, context) self.assertEqual(child_html, text_content) self.assertEqual(parent_html, text_content) def test_children_not_shown(self): page1, text_plugin, parent_plugin, text_content = self.setup_plugin( group=self.group2) request = self.get_page_request(page1, self.user, r'/en/', lang='en') renderer = ContentRenderer(request=request) context = RequestContext(request, { "user": self.user, "cms_content_renderer": renderer }) child_html = renderer.render_plugin(text_plugin, context) parent_html = renderer.render_plugin(parent_plugin, context) self.assertEqual(child_html, text_content) self.assertEqual(parent_html, '') def test_children_not_shown_anon(self): page1, text_plugin, parent_plugin, text_content = self.setup_plugin( group=self.group2) request = self.get_page_request(page1, AnonymousUser(), r'/en/', lang='en') renderer = ContentRenderer(request=request) context = RequestContext(request, { "user": AnonymousUser(), "cms_content_renderer": renderer }) child_html = renderer.render_plugin(text_plugin, context) parent_html = renderer.render_plugin(parent_plugin, context) self.assertEqual(child_html, text_content) self.assertEqual(parent_html, '') def test_exclude_mode_not_member(self): page1, text_plugin, parent_plugin, text_content = self.setup_plugin( group=self.group2, mode='not_in_group') request = self.get_page_request(page1, self.user, r'/en/', lang='en') renderer = ContentRenderer(request=request) context = RequestContext(request, { "user": self.user, "cms_content_renderer": renderer }) child_html = renderer.render_plugin(text_plugin, context) parent_html = renderer.render_plugin(parent_plugin, context) self.assertEqual(child_html, text_content) self.assertEqual(parent_html, text_content) def test_exclude_mode_member(self): page1, text_plugin, parent_plugin, text_content = self.setup_plugin( group=self.group, mode='not_in_group') request = self.get_page_request(page1, self.user, r'/en/', lang='en') renderer = ContentRenderer(request=request) context = RequestContext(request, { "user": self.user, "cms_content_renderer": renderer }) child_html = renderer.render_plugin(text_plugin, context) parent_html = renderer.render_plugin(parent_plugin, context) self.assertEqual(child_html, text_content) self.assertEqual(parent_html, '') def test_exclude_mode_anon(self): page1, text_plugin, parent_plugin, text_content = self.setup_plugin( group=self.group, mode='not_in_group') request = self.get_page_request(page1, AnonymousUser(), r'/en/', lang='en') renderer = ContentRenderer(request=request) context = RequestContext(request, { "user": AnonymousUser(), "cms_content_renderer": renderer }) child_html = renderer.render_plugin(text_plugin, context) parent_html = renderer.render_plugin(parent_plugin, context) self.assertEqual(child_html, text_content) self.assertEqual(parent_html, '') def test_exclude_anon_mode_not_member(self): page1, text_plugin, parent_plugin, text_content = self.setup_plugin( group=self.group2, mode='not_in_group_plus_anon') request = self.get_page_request(page1, self.user, r'/en/', lang='en') renderer = ContentRenderer(request=request) context = RequestContext(request, { "user": self.user, "cms_content_renderer": renderer }) child_html = renderer.render_plugin(text_plugin, context) parent_html = renderer.render_plugin(parent_plugin, context) self.assertEqual(child_html, text_content) self.assertEqual(parent_html, text_content) def test_exclude_anon_mode_member(self): page1, text_plugin, parent_plugin, text_content = self.setup_plugin( group=self.group, mode='not_in_group_plus_anon') request = self.get_page_request(page1, self.user, r'/en/', lang='en') renderer = ContentRenderer(request=request) context = RequestContext(request, { "user": self.user, "cms_content_renderer": renderer }) child_html = renderer.render_plugin(text_plugin, context) parent_html = renderer.render_plugin(parent_plugin, context) self.assertEqual(child_html, text_content) self.assertEqual(parent_html, '') def test_exclude_anon_mode_anon(self): page1, text_plugin, parent_plugin, text_content = self.setup_plugin( group=self.group, mode='not_in_group_plus_anon') request = self.get_page_request(page1, AnonymousUser(), r'/en/', lang='en') renderer = ContentRenderer(request=request) context = RequestContext(request, { "user": AnonymousUser(), "cms_content_renderer": renderer }) child_html = renderer.render_plugin(text_plugin, context) parent_html = renderer.render_plugin(parent_plugin, context) self.assertEqual(child_html, text_content) self.assertEqual(parent_html, text_content) def test_anon_mode_anon(self): page1, text_plugin, parent_plugin, text_content = self.setup_plugin( group=self.group, mode='anonymous') request = self.get_page_request(page1, AnonymousUser(), r'/en/', lang='en') renderer = ContentRenderer(request=request) context = RequestContext(request, { "user": AnonymousUser(), "cms_content_renderer": renderer }) child_html = renderer.render_plugin(text_plugin, context) parent_html = renderer.render_plugin(parent_plugin, context) self.assertEqual(child_html, text_content) self.assertEqual(parent_html, text_content) def test_anon_mode_registered(self): page1, text_plugin, parent_plugin, text_content = self.setup_plugin( group=self.group, mode='anonymous') request = self.get_page_request(page1, self.user, r'/en/', lang='en') renderer = ContentRenderer(request=request) context = RequestContext(request, { "user": self.user, "cms_content_renderer": renderer }) child_html = renderer.render_plugin(text_plugin, context) parent_html = renderer.render_plugin(parent_plugin, context) self.assertEqual(child_html, text_content) self.assertEqual(parent_html, '')