def test_has_perm(self): # if no permissions are set fallback to default SocialObjectPermission.objects.all().delete() # default of nobody should always be false settings.DEFAULT_SOCIAL_PERMISSION_GROUP = 0 # Nobody self.requesting_user.has_perm(perm='view', obj=self.post) self.failIf(self.requesting_user.has_perm(perm='view', obj=self.post)) # default of everyone should always be true settings.DEFAULT_SOCIAL_PERMISSION_GROUP = 3 # Everybody self.failUnless(self.requesting_user.has_perm(perm='view', obj=self.post)) # default of friend should be true if requesting user is a friend settings.DEFAULT_SOCIAL_PERMISSION_GROUP = 1 # Friends direct_friendship = Friendship(to_user=self.requesting_user, from_user=self.target_user) direct_friendship.save() self.failUnless(self.requesting_user.has_perm(perm='view', obj=self.post)) direct_friendship.delete() # default of friends of friends should be true if requesting user is a friend of a friend settings.DEFAULT_SOCIAL_PERMISSION_GROUP = 2 # Friends of Friends Friendship(to_user = self.intermediate_user, from_user=self.target_user).save() indirect_friendship = Friendship(to_user = self.requesting_user, from_user=self.intermediate_user) indirect_friendship.save() self.failUnless(self.requesting_user.has_perm(perm='view', obj=self.post)) indirect_friendship.delete() # if no default is set and no perms are found raise a conf error del settings.DEFAULT_SOCIAL_PERMISSION_GROUP SocialObjectPermission.objects.all().delete() self.failUnlessRaises(ImproperlyConfigured, self.requesting_user.has_perm, perm='view', obj=self.post) # if a permission does exist use it to determine access # nobody perm should always be false nobody_perm = SocialObjectPermission(user=self.target_user, can_view=True, social_group=0, content_type=ContentType.objects.get_for_model(self.post)) nobody_perm.save() self.failIf(self.requesting_user.has_perm(perm='view', obj=self.post)) nobody_perm.delete() # everyone perm should always be true everyone_perm = SocialObjectPermission(user=self.target_user, can_view=True, social_group=3, content_type=ContentType.objects.get_for_model(self.post)) everyone_perm.save() self.failUnless(self.requesting_user.has_perm(perm='view', obj=self.post)) everyone_perm.delete() # permission takes priority by group id # hence nobody takes priority over everyone since it has a lower group number nobody_perm = SocialObjectPermission(user=self.target_user, can_view=True, social_group=0, content_type=ContentType.objects.get_for_model(self.post)) nobody_perm.save() everyone_perm = SocialObjectPermission(user=self.target_user, can_view=True, social_group=3, content_type=ContentType.objects.get_for_model(self.post)) everyone_perm.save() self.failIf(self.requesting_user.has_perm(perm='view', obj=self.post))
def test_is_member_friends_of_friends(self): # return true if requesting user is a friend direct_friendship = Friendship(to_user=self.requesting_user, from_user=self.target_user) direct_friendship.save() self.failUnless(models.is_member_friends_of_friends(self.target_user, self.requesting_user)) direct_friendship.delete() # return true if requesting user is a friend of a friend Friendship(to_user = self.intermediate_user, from_user=self.target_user).save() indirect_friendship = Friendship(to_user = self.requesting_user, from_user=self.intermediate_user) indirect_friendship.save() self.failUnless(models.is_member_friends_of_friends(self.target_user, self.requesting_user)) indirect_friendship.delete() # return false if requesting user is not a friend, nor a friend of a friend self.failIf(models.is_member_friends_of_friends(self.target_user, self.requesting_user))