if rest:
return jobs
else:
return HttpResponse(json.dumps(jobs), mimetype='application/json')
def recv_user_add(sender, editor, user, obj, **kwargs):
"""
receiver for object_permissions.signals.view_add_user, Logs action
"""
log_action('ADD_USER', editor, obj, user)
def recv_user_remove(sender, editor, user, obj, **kwargs):
"""
receiver for object_permissions.signals.view_remove_user, Logs action
"""
log_action('REMOVE_USER', editor, obj, user)
def recv_perm_edit(sender, editor, user, obj, **kwargs):
"""
receiver for object_permissions.signals.view_edit_user, Logs action
"""
log_action('MODIFY_PERMS', editor, obj, user)
view_add_user.connect(recv_user_add, sender=VirtualMachine)
view_remove_user.connect(recv_user_remove, sender=VirtualMachine)
view_edit_user.connect(recv_perm_edit, sender=VirtualMachine)
def test_view_add_user(self):
"""
Test view for adding a user:
Verifies:
* request from unauthorized user results in 403
* GET returns a 200 code, response is html
* POST with a user id adds user, response is html for user
* POST without user id returns error as json
* POST for invalid user id returns error as json
* adding user a second time returns error as json
"""
group = self.test_save()
c = Client()
url = '/group/%d/user/add/'
args = group.id
# anonymous user
response = c.get(url % args, follow=True)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'registration/login.html')
# unauthorized
self.assertTrue(
c.login(username=self.user0.username, password='******'))
response = c.get(url % args)
self.assertEqual(403, response.status_code)
response = c.post(url % args)
self.assertEqual(403, response.status_code)
# authorized get (perm granted)
grant(self.user0, 'admin', group)
response = c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEquals('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'group/add_user.html')
# authorized get (superuser)
revoke(self.user0, 'admin', group)
self.user0.is_superuser = True
self.user0.save()
response = c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEquals('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'group/add_user.html')
# missing user id
response = c.post(url % args)
self.assertEqual(200, response.status_code)
self.assertEquals('application/json', response['content-type'])
# invalid user
response = c.post(url % args, {'user': 0})
self.assertEqual(200, response.status_code)
self.assertEquals('application/json', response['content-type'])
# setup signal
self.signal_sender = self.signal_user = self.signal_obj = None
def callback(sender, user, obj, **kwargs):
self.signal_sender = sender
self.signal_user = user
self.signal_obj = obj
view_add_user.connect(callback)
# valid post
data = {'user': self.user0.id}
response = c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEquals('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'group/user_row.html')
self.assertTrue(group.user_set.filter(id=self.user0.id).exists())
# check signal fired
self.assertEqual(self.signal_sender, self.user0)
self.assertEqual(self.signal_user, self.user0)
self.assertEqual(self.signal_obj, group)
view_add_user.disconnect(callback)
# same user again
response = c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEquals('application/json', response['content-type'])
self.assertEquals(group.user_set.filter(id=self.user0.id).count(), 1)
def test_view_add_user(self):
"""
Test view for adding a user:
Verifies:
* request from unauthorized user results in 403
* GET returns a 200 code, response is html
* POST with a user id adds user, response is html for user
* POST without user id returns error as json
* POST for invalid user id returns error as json
* adding user a second time returns error as json
"""
group = self.test_save()
c = Client()
url = '/group/%d/user/add/'
args = group.id
# anonymous user
response = c.get(url % args, follow=True)
self.assertEqual(200, response.status_code)
self.assertTemplateUsed(response, 'registration/login.html')
# unauthorized
self.assertTrue(c.login(username=self.user0.username, password='******'))
response = c.get(url % args)
self.assertEqual(403, response.status_code)
response = c.post(url % args)
self.assertEqual(403, response.status_code)
# authorized get (perm granted)
grant(self.user0, 'admin', group)
response = c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEquals('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'group/add_user.html')
# authorized get (superuser)
revoke(self.user0, 'admin', group)
self.user0.is_superuser = True
self.user0.save()
response = c.get(url % args)
self.assertEqual(200, response.status_code)
self.assertEquals('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'group/add_user.html')
# missing user id
response = c.post(url % args)
self.assertEqual(200, response.status_code)
self.assertEquals('application/json', response['content-type'])
# invalid user
response = c.post(url % args, {'user':0})
self.assertEqual(200, response.status_code)
self.assertEquals('application/json', response['content-type'])
# setup signal
self.signal_sender = self.signal_user = self.signal_obj = None
def callback(sender, user, obj, **kwargs):
self.signal_sender = sender
self.signal_user = user
self.signal_obj = obj
view_add_user.connect(callback)
# valid post
data = {'user':self.user0.id}
response = c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEquals('text/html; charset=utf-8', response['content-type'])
self.assertTemplateUsed(response, 'muddle/group/user_row.html')
self.assertTrue(group.user_set.filter(id=self.user0.id).exists())
# check signal fired
self.assertEqual(self.signal_sender, self.user0)
self.assertEqual(self.signal_user, self.user0)
self.assertEqual(self.signal_obj, group)
view_add_user.disconnect(callback)
# same user again
response = c.post(url % args, data)
self.assertEqual(200, response.status_code)
self.assertEquals('application/json', response['content-type'])
self.assertEquals(group.user_set.filter(id=self.user0.id).count(), 1)
if rest:
return jobs
else:
return HttpResponse(json.dumps(jobs), mimetype='application/json')
def recv_user_add(sender, editor, user, obj, **kwargs):
"""
receiver for object_permissions.signals.view_add_user, Logs action
"""
log_action('ADD_USER', editor, obj, user)
def recv_user_remove(sender, editor, user, obj, **kwargs):
"""
receiver for object_permissions.signals.view_remove_user, Logs action
"""
log_action('REMOVE_USER', editor, obj, user)
def recv_perm_edit(sender, editor, user, obj, **kwargs):
"""
receiver for object_permissions.signals.view_edit_user, Logs action
"""
log_action('MODIFY_PERMS', editor, obj, user)
view_add_user.connect(recv_user_add, sender=VirtualMachine)
view_remove_user.connect(recv_user_remove, sender=VirtualMachine)
view_edit_user.connect(recv_perm_edit, sender=VirtualMachine)
