def test_owner_user(self): request = self.factory.get('/whatever/') request.user = self.owner perm = IsOwner() self.assertTrue(perm.has_object_permission(request, None, self.entry)) request.user = self.other self.assertFalse(perm.has_object_permission(request, None, self.entry))
def test_is_owner_has_object_permission(user_factory, is_user): user = user_factory.build() mock_request = mock.MagicMock() permission = IsOwner() mock_request.user = user if is_user: obj = user else: obj = mock.MagicMock() obj.owner = user assert permission.has_object_permission(mock_request, mock.MagicMock(), obj)
def test_is_owner_has_permission(user_factory, use_pk, is_authenticated, expected): user = user_factory.build() mock_request = mock.MagicMock() mock_view = mock.MagicMock() permission = IsOwner() mock_request.user.is_authenticated = is_authenticated mock_request.user.pk = user.pk if use_pk: mock_view.kwargs = {'pk': user.pk} else: mock_view.kwargs = {} assert expected == permission.has_permission(mock_request, mock_view)
class IsOwnerTestCase(TestCase): def setUp(self): self.permission = IsOwner() self.view = MagicMock() def test_owner(self): request = MagicMock(user=MagicMock()) obj = MagicMock(owner=request.user) self.assertTrue(self.permission.has_object_permission(request, self.view, obj)) def test_not_owner(self): request = MagicMock(user=MagicMock()) obj = MagicMock(owner=MagicMock()) self.assertFalse(self.permission.has_object_permission(request, self.view, obj))
def get_permissions(self): if self.action == 'create': # create는 로그인 없이도 가능 return [AllowAny()] elif self.action in ['update', 'destroy']: # update와 destroy는 자기가 등록한 것만 가능 return [IsOwner()] return super().get_permissions()
def get_permissions(self): if self.action == 'create': return [AllowAny()] elif self.action in ['update', 'destroy']: return [IsOwner()] return super().get_permissions()
def setUp(self): self.permission = IsOwner() self.view = MagicMock()