def test_restricted(self):
db.session.delete(self.post)
user = User(username="******", email="*****@*****.**")
db.session.add(user)
user2 = User(username="******", email="*****@*****.**")
db.session.add(user2)
db.session.commit()
admin = User(username="******",
email="*****@*****.**",
role=User.MODERATOR)
assert user.id
post = Post(title="test",
author=user,
access=Post.PRIVATE)
db.session.add(post)
db.session.commit()
posts = Post.query.restricted(user)
assert Post.query.restricted(user).count() == 1
assert Post.query.restricted(admin).count() == 1
assert Post.query.restricted(None).count() == 0
assert Post.query.restricted(user2).count() == 0
post.access = Post.PUBLIC
db.session.commit()
posts = Post.query.restricted(user)
assert Post.query.restricted(user).count() == 1
assert Post.query.restricted(admin).count() == 1
assert Post.query.restricted(None).count() == 1
assert Post.query.restricted(user2).count() == 1
post.access = Post.FRIENDS
db.session.commit()
assert Post.query.restricted(user).count() == 1
assert Post.query.restricted(admin).count() == 1
assert Post.query.restricted(None).count() == 0
assert Post.query.restricted(user2).count() == 0
user2.follow(user)
user.follow(user2)
db.session.commit()
assert Post.query.restricted(user2).count() == 1
def test_restricted(self):
db.session.delete(self.post)
db.session.delete(self.comment)
user = User(username="******", email="*****@*****.**")
db.session.add(user)
user2 = User(username="******", email="*****@*****.**")
db.session.add(user2)
db.session.commit()
admin = User(username="******",
email="*****@*****.**",
role=User.MODERATOR)
post = Post(title="test", author=user, access=Post.PRIVATE)
db.session.add(post)
db.session.commit()
comment = Comment(author=user, post=post, comment="test")
db.session.add(comment)
db.session.commit()
assert Comment.query.restricted(user).count() == 1
assert Comment.query.restricted(admin).count() == 1
assert Comment.query.restricted(None).count() == 0
assert Comment.query.restricted(user2).count() == 0
post.access = Post.PUBLIC
db.session.commit()
posts = Post.query.restricted(user)
assert Comment.query.restricted(user).count() == 1
assert Comment.query.restricted(admin).count() == 1
assert Comment.query.restricted(None).count() == 1
assert Comment.query.restricted(user2).count() == 1
post.access = Post.FRIENDS
db.session.commit()
assert Comment.query.restricted(user).count() == 1
assert Comment.query.restricted(admin).count() == 1
assert Comment.query.restricted(None).count() == 0
assert Comment.query.restricted(user2).count() == 0
user2.follow(user)
user.follow(user2)
db.session.commit()
assert Comment.query.restricted(user2).count() == 1
def test_can_access(self):
user = User(username="******", email="*****@*****.**")
db.session.add(user)
user2 = User(username="******", email="*****@*****.**")
db.session.add(user2)
db.session.commit()
admin = User(username="******",
email="*****@*****.**",
role=User.MODERATOR)
post = Post(title="test",
author_id=user.id,
access=Post.PRIVATE)
assert post.can_access(user)
assert post.can_access(admin)
assert not post.can_access(user2)
assert not post.can_access(None)
post.access = Post.PUBLIC
assert post.can_access(user)
assert post.can_access(admin)
assert post.can_access(user2)
assert post.can_access(None)
post.access = Post.FRIENDS
assert post.can_access(user)
assert post.can_access(admin)
assert not post.can_access(user2)
assert not post.can_access(None)
user.follow(user2)
user2.follow(user)
assert post.can_access(user2)
def test_can_access(self):
user = User(username="******", email="*****@*****.**")
db.session.add(user)
user2 = User(username="******", email="*****@*****.**")
db.session.add(user2)
db.session.commit()
admin = User(username="******",
email="*****@*****.**",
role=User.MODERATOR)
post = Post(title="test", author_id=user.id, access=Post.PRIVATE)
assert post.can_access(user)
assert post.can_access(admin)
assert not post.can_access(user2)
assert not post.can_access(None)
post.access = Post.PUBLIC
assert post.can_access(user)
assert post.can_access(admin)
assert post.can_access(user2)
assert post.can_access(None)
post.access = Post.FRIENDS
assert post.can_access(user)
assert post.can_access(admin)
assert not post.can_access(user2)
assert not post.can_access(None)
user.follow(user2)
user2.follow(user)
assert post.can_access(user2)
