class UserCanDeleteTestCase(OTMTestCase):
def setUp(self):
instance = make_instance()
# Fancy name, but no write, create, or delete permissions
instance.default_role.name = Role.ADMINISTRATOR
self.creator_user = make_officer_user(instance)
self.admin_user = make_admin_user(instance)
self.other_user = make_observer_user(instance, username='******')
self.tweaker_user = make_tweaker_user(instance)
self.conjurer_user = make_conjurer_user(instance)
self.plot = Plot(geom=instance.center, instance=instance)
self.plot.save_with_user(self.creator_user)
self.tree = Tree(plot=self.plot, instance=instance)
self.tree.save_with_user(self.creator_user)
self.rainBarrel = RainBarrel(geom=instance.center,
instance=instance,
capacity=5)
self.rainBarrel.save_with_user(self.creator_user)
def assert_can_delete(self, user, deletable, should_be_able_to_delete):
can = deletable.user_can_delete(user)
self.assertEqual(can, should_be_able_to_delete)
def test_user_can_delete(self):
self.assert_can_delete(self.conjurer_user, self.plot, True)
self.assert_can_delete(self.conjurer_user, self.rainBarrel, True)
self.assert_can_delete(self.conjurer_user, self.tree, True)
self.assert_can_delete(self.creator_user, self.plot, True)
self.assert_can_delete(self.creator_user, self.rainBarrel, True)
self.assert_can_delete(self.creator_user, self.tree, True)
self.assert_can_delete(self.admin_user, self.plot, True)
self.assert_can_delete(self.admin_user, self.rainBarrel, True)
self.assert_can_delete(self.admin_user, self.tree, True)
def test_user_cannot_delete(self):
self.assert_can_delete(self.tweaker_user, self.plot, False)
self.assert_can_delete(self.tweaker_user, self.rainBarrel, False)
self.assert_can_delete(self.tweaker_user, self.tree, False)
self.assert_can_delete(self.other_user, self.plot, False)
self.assert_can_delete(self.other_user, self.rainBarrel, False)
self.assert_can_delete(self.other_user, self.tree, False)
def test_admin_cannot_delete_by_flag(self):
instance = self.tree.get_instance()
role = self.admin_user.get_role(instance)
role.instance_permissions.clear()
self.assertTrue(self.admin_user.get_instance_user(instance).admin)
self.assertEqual(role.instance_permissions.count(), 0)
self.assert_can_delete(self.admin_user, self.tree, False)
class UserCanDeleteTestCase(OTMTestCase):
def setUp(self):
instance = make_instance()
# Fancy name, but no write, create, or delete permissions
instance.default_role.name = Role.ADMINISTRATOR
self.creator_user = make_officer_user(instance)
self.admin_user = make_admin_user(instance)
self.other_user = make_observer_user(instance, username='******')
self.tweaker_user = make_tweaker_user(instance)
self.conjurer_user = make_conjurer_user(instance)
self.plot = Plot(geom=instance.center, instance=instance)
self.plot.save_with_user(self.creator_user)
self.tree = Tree(plot=self.plot, instance=instance)
self.tree.save_with_user(self.creator_user)
self.rainBarrel = RainBarrel(geom=instance.center, instance=instance,
capacity=5)
self.rainBarrel.save_with_user(self.creator_user)
def assert_can_delete(self, user, deletable, should_be_able_to_delete):
can = deletable.user_can_delete(user)
self.assertEqual(can, should_be_able_to_delete)
def test_user_can_delete(self):
self.assert_can_delete(self.conjurer_user, self.plot, True)
self.assert_can_delete(self.conjurer_user, self.rainBarrel, True)
self.assert_can_delete(self.conjurer_user, self.tree, True)
self.assert_can_delete(self.creator_user, self.plot, True)
self.assert_can_delete(self.creator_user, self.rainBarrel, True)
self.assert_can_delete(self.creator_user, self.tree, True)
self.assert_can_delete(self.admin_user, self.plot, True)
self.assert_can_delete(self.admin_user, self.rainBarrel, True)
self.assert_can_delete(self.admin_user, self.tree, True)
def test_user_cannot_delete(self):
self.assert_can_delete(self.tweaker_user, self.plot, False)
self.assert_can_delete(self.tweaker_user, self.rainBarrel, False)
self.assert_can_delete(self.tweaker_user, self.tree, False)
self.assert_can_delete(self.other_user, self.plot, False)
self.assert_can_delete(self.other_user, self.rainBarrel, False)
self.assert_can_delete(self.other_user, self.tree, False)
def test_admin_cannot_delete_by_flag(self):
instance = self.tree.get_instance()
role = self.admin_user.get_role(instance)
role.instance_permissions.clear()
self.assertTrue(self.admin_user.get_instance_user(instance).admin)
self.assertEqual(role.instance_permissions.count(), 0)
self.assert_can_delete(self.admin_user, self.tree, False)
class UserRoleModelPermissionTest(MultiUserTestCase):
def setUp(self):
super(UserRoleModelPermissionTest, self).setUp()
self.plot = Plot(geom=self.p1, instance=self.instance)
self.plot.save_with_user(self.direct_user)
self.tree = Tree(plot=self.plot, instance=self.instance)
self.tree.save_with_user(self.direct_user)
def _change_user_role(self, user, role):
iuser = user.get_instance_user(self.instance)
iuser.role = role
iuser.save_with_user(self.commander_user)
def test_save_new_object_authorized_officer(self):
''' Save two new objects with authorized user,
nothing should happen'''
plot = Plot(geom=self.p1, instance=self.instance)
plot.save_with_user(self.direct_user)
tree = Tree(plot=plot, instance=self.instance)
tree.save_with_user(self.direct_user)
def test_save_new_object_authorized_conjurer(self):
''' Save two new objects with authorized user,
nothing should happen'''
plot = Plot(geom=self.p1, instance=self.instance)
plot.save_with_user(self.conjurer_user)
tree = Tree(plot=plot, instance=self.instance)
tree.save_with_user(self.conjurer_user)
def test_save_new_object_unauthorized_outlaw(self):
plot = Plot(geom=self.p1, instance=self.instance)
self.assertRaises(AuthorizeException,
plot.save_with_user, self.outlaw_user)
plot.save_base()
tree = Tree(plot=plot, instance=self.instance)
self.assertRaises(AuthorizeException,
tree.save_with_user, self.outlaw_user)
def test_save_new_object_unauthorized_tweaker(self):
plot = Plot(geom=self.p1, instance=self.instance)
self.assertRaises(AuthorizeException,
plot.save_with_user, self.tweaker_user)
plot.save_base()
tree = Tree(plot=plot, instance=self.instance)
self.assertRaises(AuthorizeException,
tree.save_with_user, self.tweaker_user)
def test_assign_commander_role_can_delete(self):
with self.assertRaises(AuthorizeException):
self.tree.delete_with_user(self.outlaw_user)
self._change_user_role(
self.outlaw_user, make_commander_role(self.tree.get_instance()))
self.tree.delete_with_user(self.outlaw_user)
self.assertEqual(Tree.objects.count(), 0)
def test_delete_object(self):
with self.assertRaises(AuthorizeException):
self.tree.delete_with_user(self.outlaw_user)
self.tree.delete_with_user(self.commander_user)
with self.assertRaises(AuthorizeException):
self.plot.delete_with_user(self.outlaw_user, cascade=True)
self.plot.delete_with_user(self.commander_user, cascade=True)
def test_delete_object_you_created(self):
outlaw_role = self.outlaw_user.get_role(self.instance)
self._change_user_role(self.direct_user, outlaw_role)
self.tree.delete_with_user(self.direct_user)
self.plot.delete_with_user(self.direct_user, cascade=True)
class UserRoleModelPermissionTest(MultiUserTestCase):
def setUp(self):
super(UserRoleModelPermissionTest, self).setUp()
self.plot = Plot(geom=self.p1, instance=self.instance)
self.plot.save_with_user(self.direct_user)
self.tree = Tree(plot=self.plot, instance=self.instance)
self.tree.save_with_user(self.direct_user)
def _change_user_role(self, user, role):
iuser = user.get_instance_user(self.instance)
iuser.role = role
iuser.save_with_user(self.commander_user)
def test_save_new_object_authorized_officer(self):
''' Save two new objects with authorized user,
nothing should happen'''
plot = Plot(geom=self.p1, instance=self.instance)
plot.save_with_user(self.direct_user)
tree = Tree(plot=plot, instance=self.instance)
tree.save_with_user(self.direct_user)
def test_save_new_object_authorized_conjurer(self):
''' Save two new objects with authorized user,
nothing should happen'''
plot = Plot(geom=self.p1, instance=self.instance)
plot.save_with_user(self.conjurer_user)
tree = Tree(plot=plot, instance=self.instance)
tree.save_with_user(self.conjurer_user)
def test_save_new_object_unauthorized_outlaw(self):
plot = Plot(geom=self.p1, instance=self.instance)
self.assertRaises(AuthorizeException,
plot.save_with_user, self.outlaw_user)
plot.save_base()
tree = Tree(plot=plot, instance=self.instance)
self.assertRaises(AuthorizeException,
tree.save_with_user, self.outlaw_user)
def test_save_new_object_unauthorized_tweaker(self):
plot = Plot(geom=self.p1, instance=self.instance)
self.assertRaises(AuthorizeException,
plot.save_with_user, self.tweaker_user)
plot.save_base()
tree = Tree(plot=plot, instance=self.instance)
self.assertRaises(AuthorizeException,
tree.save_with_user, self.tweaker_user)
def test_assign_commander_role_can_delete(self):
with self.assertRaises(AuthorizeException):
self.tree.delete_with_user(self.outlaw_user)
self._change_user_role(
self.outlaw_user, make_commander_role(self.tree.get_instance()))
self.tree.delete_with_user(self.outlaw_user)
self.assertEqual(Tree.objects.count(), 0)
def test_delete_object(self):
with self.assertRaises(AuthorizeException):
self.tree.delete_with_user(self.outlaw_user)
self.tree.delete_with_user(self.commander_user)
with self.assertRaises(AuthorizeException):
self.plot.delete_with_user(self.outlaw_user, cascade=True)
self.plot.delete_with_user(self.commander_user, cascade=True)
def test_delete_object_you_created(self):
outlaw_role = self.outlaw_user.get_role(self.instance)
self._change_user_role(self.direct_user, outlaw_role)
self.tree.delete_with_user(self.direct_user)
self.plot.delete_with_user(self.direct_user, cascade=True)
