def test_permission_delete_restricted(self): self.client.login(username=self.user_non_granted.username, password="******") journal = JournalFactory() journal.save() self.client.login(username=self.user_granted.username, password="******") ct = ContentType.objects.get(app_label="erudit", model="journal") authorization = Authorization.objects.create( content_type=ct, user=self.user_granted, object_id=journal.id, authorization_codename=AC.can_manage_authorizations.codename) url = reverse('userspace:journal:authorization:delete', args=(journal.pk, authorization.pk, )) response = self.client.get(url) self.assertEqual(response.status_code, 403) journal.members.add(self.user_granted) journal.save() response = self.client.get(url, follow=True) self.assertEqual(response.status_code, 200)
def test_journal_contact_invalid(self): user = UserFactory() user2 = UserFactory() data = {'user': user} journal_in1 = JournalFactory() journal_in1.members.add(user) journal_in1.save() self.authorize_user_on_journal(user, journal_in1) journal_in2 = JournalFactory() journal_in2.members.add(user) journal_in2.members.add(user2) journal_in2.save() self.authorize_user_on_journal(user, journal_in2) form = IssueSubmissionForm(**data) choices = [c[0] for c in form.fields['contact'].choices] self.assertTrue(user.id in choices) self.assertTrue(user2.id in choices) data.update({'data': { 'journal': journal_in1.id, 'contact': user2.id, 'year': '2016', 'number': '123', } }) form = IssueSubmissionForm(**data) self.assertFalse(form.is_valid())
def test_user_cant_manage(self): user = UserFactory() journal = JournalFactory() is_granted = user.has_perm('authorization.manage_authorizations', journal) self.assertEqual(is_granted, False) journal.members.add(user) journal.save() is_granted = user.has_perm('authorization.manage_authorizations', journal) self.assertEqual(is_granted, False)
def test_user_can_manage(self): user = UserFactory() journal = JournalFactory() journal.members.add(user) journal.save() ct = ContentType.objects.get(app_label="erudit", model="journal") Rule.objects.create(content_type=ct, user=user, object_id=journal.id, permission="userspace.manage_permissions") is_granted = user.has_perm('userspace.manage_permissions', journal) self.assertEqual(is_granted, True)
def test_journal_filter(self): user = UserFactory() data = {'user': user} journal_in = JournalFactory() journal_in.members.add(user) journal_in.save() journal_not_in = JournalFactory() form = AuthorizationForm(**data) choices = [c[0] for c in form.fields['journal'].choices] self.assertTrue(journal_in.id in choices) self.assertFalse(journal_not_in.id in choices)
def test_user_can_manage(self): user = UserFactory() journal = JournalFactory() journal.members.add(user) journal.save() ct = ContentType.objects.get(app_label="erudit", model="journal") Authorization.objects.create( content_type=ct, user=user, object_id=journal.id, authorization_codename=AC.can_manage_authorizations.codename) is_granted = user.has_perm('authorization.manage_authorizations', journal) self.assertEqual(is_granted, True)
def test_permission_create_restricted(self): self.client.login(username=self.user_non_granted.username, password="******") url = reverse('userspace:permissions:perm_create') response = self.client.get(url) self.assertEqual(response.status_code, 302) journal = JournalFactory() journal.members.add(self.user_granted) journal.save() response = self.client.get(url) self.assertEqual(response.status_code, 302)
def test_permission_create_restricted(self): journal = JournalFactory() journal.members.add(self.user_granted) journal.save() self.client.login(username=self.user_non_granted.username, password="******") url = reverse('userspace:journal:authorization:create', args=(journal.pk, )) response = self.client.get(url) self.assertEqual(response.status_code, 403) response = self.client.get(url) self.assertEqual(response.status_code, 403)
def test_user_can_manage(self): journal = JournalFactory() user = UserFactory() journal.members.add(user) journal.save() ct = ContentType.objects.get(app_label="erudit", model="journal") Rule.objects.create(content_type=ct, user=user, object_id=journal.id, permission="editor.manage_issuesubmission") issue = IssueSubmissionFactory(journal=journal) is_granted = user.has_perm('editor.manage_issuesubmission', issue.journal) self.assertEqual(is_granted, True)
def test_permission_create_granted(self): journal = JournalFactory() journal.members.add(self.user_granted) journal.save() ct = ContentType.objects.get(app_label="erudit", model="journal") Rule.objects.create(content_type=ct, user=self.user_granted, object_id=journal.id, permission='userspace.manage_permissions') self.client.login(username=self.user_granted.username, password="******") url = reverse('userspace:permissions:perm_create') response = self.client.get(url) self.assertEqual(response.status_code, 200)
def test_contact_filter(self): user = UserFactory() user2 = UserFactory() data = {'user': user} journal_in = JournalFactory() journal_in.members.add(user) journal_in.save() journal_not_in = JournalFactory() journal_not_in.members.add(user2) journal_not_in.save() form = IssueSubmissionForm(**data) choices = [c[0] for c in form.fields['contact'].choices] self.assertTrue(user.id in choices) self.assertFalse(user2.id in choices)
def test_menu_permission_presence(self): journal = JournalFactory() user = UserFactory(username="******") user.set_password("user") user.save() journal.members.add(user) journal.save() ct = ContentType.objects.get(app_label="erudit", model="journal") Rule.objects.create(content_type=ct, user=user, object_id=journal.id, permission="userspace.manage_permissions") url = reverse('userspace:permissions:perm_list') self.client.login(username="******", password="******") response = self.client.get(reverse('userspace:dashboard')) self.assertContains(response, url)
def test_user_filter(self): user = UserFactory() data = {'user': user} user_in = UserFactory() user_not_in = UserFactory() journal_in = JournalFactory() journal_in.members.add(user) journal_in.members.add(user_in) journal_in.save() journal_not_in = JournalFactory() journal_not_in.members.add(user_not_in) form = RuleForm(**data) choices = [c[0] for c in form.fields['user'].choices] self.assertTrue(user.id in choices) self.assertTrue(user_in.id in choices) self.assertFalse(user_not_in.id in choices)
def test_issuesubmission_update_granted(self): journal = JournalFactory() journal.members.add(self.user_granted) journal.save() issue = IssueSubmissionFactory(journal=journal) self.client.login(username=self.user_granted.username, password="******") url = reverse('userspace:editor:update', args=(issue.pk, )) response = self.client.get(url) self.assertEqual(response.status_code, 404) ct = ContentType.objects.get(app_label="erudit", model="journal") Rule.objects.create(content_type=ct, user=self.user_granted, object_id=journal.id, permission="editor.manage_issuesubmission") response = self.client.get(url) self.assertEqual(response.status_code, 200)