def test_restricted(self): db.session.delete(self.post) user = User(username="******", email="*****@*****.**") db.session.add(user) user2 = User(username="******", email="*****@*****.**") db.session.add(user2) db.session.commit() admin = User(username="******", email="*****@*****.**", role=User.MODERATOR) assert user.id post = Post(title="test", author=user, access=Post.PRIVATE) db.session.add(post) db.session.commit() posts = Post.query.restricted(user) assert Post.query.restricted(user).count() == 1 assert Post.query.restricted(admin).count() == 1 assert Post.query.restricted(None).count() == 0 assert Post.query.restricted(user2).count() == 0 post.access = Post.PUBLIC db.session.commit() posts = Post.query.restricted(user) assert Post.query.restricted(user).count() == 1 assert Post.query.restricted(admin).count() == 1 assert Post.query.restricted(None).count() == 1 assert Post.query.restricted(user2).count() == 1 post.access = Post.FRIENDS db.session.commit() assert Post.query.restricted(user).count() == 1 assert Post.query.restricted(admin).count() == 1 assert Post.query.restricted(None).count() == 0 assert Post.query.restricted(user2).count() == 0 user2.follow(user) user.follow(user2) db.session.commit() assert Post.query.restricted(user2).count() == 1
def test_restricted(self): db.session.delete(self.post) db.session.delete(self.comment) user = User(username="******", email="*****@*****.**") db.session.add(user) user2 = User(username="******", email="*****@*****.**") db.session.add(user2) db.session.commit() admin = User(username="******", email="*****@*****.**", role=User.MODERATOR) post = Post(title="test", author=user, access=Post.PRIVATE) db.session.add(post) db.session.commit() comment = Comment(author=user, post=post, comment="test") db.session.add(comment) db.session.commit() assert Comment.query.restricted(user).count() == 1 assert Comment.query.restricted(admin).count() == 1 assert Comment.query.restricted(None).count() == 0 assert Comment.query.restricted(user2).count() == 0 post.access = Post.PUBLIC db.session.commit() posts = Post.query.restricted(user) assert Comment.query.restricted(user).count() == 1 assert Comment.query.restricted(admin).count() == 1 assert Comment.query.restricted(None).count() == 1 assert Comment.query.restricted(user2).count() == 1 post.access = Post.FRIENDS db.session.commit() assert Comment.query.restricted(user).count() == 1 assert Comment.query.restricted(admin).count() == 1 assert Comment.query.restricted(None).count() == 0 assert Comment.query.restricted(user2).count() == 0 user2.follow(user) user.follow(user2) db.session.commit() assert Comment.query.restricted(user2).count() == 1
def test_can_access(self): user = User(username="******", email="*****@*****.**") db.session.add(user) user2 = User(username="******", email="*****@*****.**") db.session.add(user2) db.session.commit() admin = User(username="******", email="*****@*****.**", role=User.MODERATOR) post = Post(title="test", author_id=user.id, access=Post.PRIVATE) assert post.can_access(user) assert post.can_access(admin) assert not post.can_access(user2) assert not post.can_access(None) post.access = Post.PUBLIC assert post.can_access(user) assert post.can_access(admin) assert post.can_access(user2) assert post.can_access(None) post.access = Post.FRIENDS assert post.can_access(user) assert post.can_access(admin) assert not post.can_access(user2) assert not post.can_access(None) user.follow(user2) user2.follow(user) assert post.can_access(user2)