def test_form_delete_customer(
staff_user, customer_user, admin_user, permission_manage_staff
):
# Deleting a customer with valid data should be valid
data = {"csrf": "example-data"}
form = CustomerDeleteForm(data, instance=customer_user, user=staff_user)
assert form.is_valid()
# Deleting your own account is not allowed
form = CustomerDeleteForm(data, instance=staff_user, user=staff_user)
assert not form.is_valid()
# Deleting a superuser is not allowed
form = CustomerDeleteForm(data, instance=admin_user, user=staff_user)
assert not form.is_valid()
# Deleting another staff is not allowed without relevant permissions
another_staff_user = User.objects.create(is_staff=True, email="*****@*****.**")
form = CustomerDeleteForm(data, instance=another_staff_user, user=staff_user)
assert not form.is_valid()
# Deleting another staff user is allowed with relevant permissions
staff_user.user_permissions.add(permission_manage_staff)
staff_user = User.objects.get(pk=staff_user.pk)
form = CustomerDeleteForm({}, instance=another_staff_user, user=staff_user)
assert form.is_valid()
def test_form_delete_customer(
staff_user, customer_user, admin_user, permission_manage_staff):
data = {'csrf': 'example-data'}
form = CustomerDeleteForm(data, instance=customer_user, user=staff_user)
assert form.is_valid()
# Deleting your own account is not allowed
form = CustomerDeleteForm(data, instance=staff_user, user=staff_user)
assert not form.is_valid()
# Deleting a superuser is not allowed
form = CustomerDeleteForm(data, instance=admin_user, user=staff_user)
assert not form.is_valid()
# Deleting another staff is not allowed without relevant permission
another_staff_user = User.objects.create(is_staff=True, email='*****@*****.**')
form = CustomerDeleteForm(
data, instance=another_staff_user, user=staff_user)
assert not form.is_valid()
staff_user.user_permissions.add(permission_manage_staff)
staff_user = User.objects.get(pk=staff_user.pk)
form = CustomerDeleteForm({}, instance=another_staff_user, user=staff_user)
assert form.is_valid()