def test_shows_the_individual_subscription_authorization_section_with_management(
self):
# Setup
journal = JournalFactory(collection=self.collection)
journal.members.add(self.user_granted)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Authorization.objects.create(
content_type=ct,
user=self.user_granted,
object_id=journal.id,
authorization_codename=AC.can_manage_authorizations.codename)
plan = JournalManagementPlanFactory.create(max_accounts=10)
JournalManagementSubscriptionFactory.create(journal=journal, plan=plan)
self.client.login(username=self.user_granted.username, password="******")
url = reverse('userspace:journal:authorization:list',
args=(journal.pk, ))
# Run
response = self.client.get(
url, {'codename': AC.can_manage_authorizations.codename})
# Check
self.assertEqual(response.status_code, 200)
self.assertTrue(AC.can_manage_individual_subscription.codename in
response.context['authorizations'])
def test_permission_delete_restricted(self):
self.client.login(username=self.user_non_granted.username,
password="******")
journal = JournalFactory(collection=self.collection)
journal.save()
self.client.login(username=self.user_granted.username,
password="******")
ct = ContentType.objects.get(app_label="erudit", model="journal")
authorization = Authorization.objects.create(
content_type=ct,
user=self.user_granted,
object_id=journal.id,
authorization_codename=AC.can_manage_authorizations.codename)
url = reverse('userspace:journal:authorization:delete',
args=(journal.pk, authorization.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
journal.members.add(self.user_granted)
journal.save()
response = self.client.get(url, follow=True)
self.assertEqual(response.status_code, 200)
def test_permission_delete_restricted(self):
self.client.login(username=self.user_non_granted.username,
password="******")
journal = JournalFactory(collection=self.collection)
journal.save()
self.client.login(username=self.user_granted.username, password="******")
ct = ContentType.objects.get(app_label="erudit", model="journal")
authorization = Authorization.objects.create(
content_type=ct,
user=self.user_granted,
object_id=journal.id,
authorization_codename=AC.can_manage_authorizations.codename)
url = reverse('userspace:journal:authorization:delete',
args=(
journal.pk,
authorization.pk,
))
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
journal.members.add(self.user_granted)
journal.save()
response = self.client.get(url, follow=True)
self.assertEqual(response.status_code, 200)
def test_can_return_an_http_403_error_if_the_journal_has_no_management_subscription(
self):
# Setup
journal = JournalFactory(collection=self.collection)
journal.members.add(self.user_granted)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Authorization.objects.create(
content_type=ct,
user=self.user_granted,
object_id=journal.id,
authorization_codename=AC.can_manage_authorizations.codename)
self.client.login(username=self.user_granted.username, password="******")
url = reverse('userspace:journal:authorization:create',
args=(journal.pk, ))
# Run
response = self.client.get(
url, {'codename': AC.can_manage_individual_subscription.codename})
# Check
self.assertEqual(response.status_code, 403)
def test_shows_the_individual_subscription_authorization_section_with_management(self):
# Setup
journal = JournalFactory(collection=self.collection)
journal.members.add(self.user_granted)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Authorization.objects.create(
content_type=ct,
user=self.user_granted,
object_id=journal.id,
authorization_codename=AC.can_manage_authorizations.codename)
plan = JournalManagementPlanFactory.create(max_accounts=10)
JournalManagementSubscriptionFactory.create(journal=journal, plan=plan)
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:journal:authorization:list', args=(journal.pk, ))
# Run
response = self.client.get(url, {'codename': AC.can_manage_authorizations.codename})
# Check
self.assertEqual(response.status_code, 200)
self.assertTrue(
AC.can_manage_individual_subscription.codename
in response.context['authorizations'])
def test_knows_if_a_user_cannot_manage_authorizations(self):
user = UserFactory()
journal = JournalFactory(collection=self.collection)
is_granted = user.has_perm('authorization.manage_authorizations', journal)
self.assertEqual(is_granted, False)
journal.members.add(user)
journal.save()
is_granted = user.has_perm('authorization.manage_authorizations', journal)
self.assertEqual(is_granted, False)
def test_knows_if_a_user_cannot_manage_authorizations(self):
user = UserFactory()
journal = JournalFactory(collection=self.collection)
is_granted = user.has_perm('authorization.manage_authorizations',
journal)
self.assertEqual(is_granted, False)
journal.members.add(user)
journal.save()
is_granted = user.has_perm('authorization.manage_authorizations',
journal)
self.assertEqual(is_granted, False)
def test_knows_if_a_user_can_manage_authorizations(self):
user = UserFactory()
journal = JournalFactory(collection=self.collection)
journal.members.add(user)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Authorization.objects.create(
content_type=ct,
user=user,
object_id=journal.id,
authorization_codename=AC.can_manage_authorizations.codename)
is_granted = user.has_perm('authorization.manage_authorizations', journal)
self.assertEqual(is_granted, True)
def test_knows_if_a_user_can_manage_authorizations(self):
user = UserFactory()
journal = JournalFactory(collection=self.collection)
journal.members.add(user)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Authorization.objects.create(
content_type=ct,
user=user,
object_id=journal.id,
authorization_codename=AC.can_manage_authorizations.codename)
is_granted = user.has_perm('authorization.manage_authorizations',
journal)
self.assertEqual(is_granted, True)
def test_permission_list_restricted(self):
journal = JournalFactory(collection=self.collection)
journal.members.add(self.user_granted)
journal.save()
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:journal:authorization:list', args=(journal.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
def test_permission_list_restricted(self):
journal = JournalFactory(collection=self.collection)
journal.members.add(self.user_granted)
journal.save()
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:journal:authorization:list',
args=(journal.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
def test_user_can_manage(self):
journal = JournalFactory(collection=self.collection)
user = UserFactory()
journal.members.add(user)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Authorization.objects.create(
content_type=ct,
user=user,
object_id=journal.id,
authorization_codename=AC.can_manage_issuesubmission.codename)
issue = IssueSubmissionFactory(journal=journal)
is_granted = user.has_perm('editor.manage_issuesubmission',
issue.journal)
self.assertEqual(is_granted, True)
def test_user_can_manage(self):
journal = JournalFactory(collection=self.collection)
user = UserFactory()
journal.members.add(user)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Authorization.objects.create(
content_type=ct,
user=user,
object_id=journal.id,
authorization_codename=AC.can_manage_issuesubmission.codename)
issue = IssueSubmissionFactory(journal=journal)
is_granted = user.has_perm('editor.manage_issuesubmission',
issue.journal)
self.assertEqual(is_granted, True)
def test_contact_filter(self):
user = UserFactory()
user2 = UserFactory()
journal_in = JournalFactory(collection=self.collection)
journal_in.members.add(user)
journal_in.save()
journal_not_in = JournalFactory(collection=self.collection)
journal_not_in.members.add(user2)
journal_not_in.save()
data = {'user': user, 'journal': journal_in}
form = IssueSubmissionForm(**data)
choices = [c[0] for c in form.fields['contact'].choices]
self.assertTrue(user.id in choices)
self.assertFalse(user2.id in choices)
def test_issuesubmission_add_granted(self):
journal = JournalFactory(collection=self.collection)
journal.save()
journal.members.add(self.user_granted)
self.client.login(username=self.user_granted.username, password="******")
url = reverse('userspace:journal:editor:add',
kwargs={'journal_pk': journal.pk})
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
ct = ContentType.objects.get(app_label="erudit", model="journal")
Authorization.objects.create(
content_type=ct,
user=self.user_granted,
object_id=journal.id,
authorization_codename=AC.can_manage_issuesubmission.codename)
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_issuesubmission_add_granted(self):
journal = JournalFactory(collection=self.collection)
journal.save()
journal.members.add(self.user_granted)
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:journal:editor:add', kwargs={'journal_pk': journal.pk})
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
ct = ContentType.objects.get(app_label="erudit", model="journal")
Authorization.objects.create(
content_type=ct,
user=self.user_granted,
object_id=journal.id,
authorization_codename=AC.can_manage_issuesubmission.codename)
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_returns_an_http_404_error_if_the_codename_is_not_known(self):
# Setup
journal = JournalFactory(collection=self.collection)
journal.members.add(self.user_granted)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Authorization.objects.create(
content_type=ct,
user=self.user_granted,
object_id=journal.id,
authorization_codename=AC.can_manage_authorizations.codename)
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:journal:authorization:create', args=(journal.pk, ))
# Run
response = self.client.get(url, {'codename': 'dummy'})
# Check
self.assertEqual(response.status_code, 404)