def test_correct_organizer_permission(perf_patch, client, env, perm, url, code):
t = Team(organizer=env[2])
setattr(t, perm, True)
t.save()
t.members.add(env[1])
client.login(email='*****@*****.**', password='******')
response = client.get('/control/' + url)
assert response.status_code == code
def test_wrong_event_permission(perf_patch, client, env, perm, url, code):
t = Team(organizer=env[2], all_events=True)
setattr(t, perm, False)
t.save()
t.members.add(env[1])
client.login(email='*****@*****.**', password='******')
response = client.get('/control/event/dummy/dummy/' + url)
assert response.status_code == 403
def test_correct_organizer_permission(perf_patch, client, env, perm, url, code):
t = Team(organizer=env[2])
setattr(t, perm, True)
t.save()
t.members.add(env[1])
client.login(email='*****@*****.**', password='******')
response = client.get('/control/' + url)
assert response.status_code == code
def test_wrong_event_permission(perf_patch, client, env, perm, url, code):
t = Team(
organizer=env[2], all_events=True
)
setattr(t, perm, False)
t.save()
t.members.add(env[1])
client.login(email='*****@*****.**', password='******')
response = client.get('/control/event/dummy/dummy/' + url)
assert response.status_code == 403
def test_correct_event_permission_all_events(perf_patch, client, env, perm, url, code):
t = Team(organizer=env[2], all_events=True)
setattr(t, perm, True)
t.save()
t.members.add(env[1])
client.login(email='*****@*****.**', password='******')
session = client.session
session['pretix_auth_login_time'] = int(time.time())
session.save()
response = client.get('/control/event/dummy/dummy/' + url)
assert response.status_code == code
def test_correct_event_permission_limited(perf_patch, client, env, perm, url, code, http_method):
t = Team(organizer=env[2])
setattr(t, perm, True)
t.save()
t.members.add(env[1])
t.limit_events.add(env[0])
client.login(email='*****@*****.**', password='******')
session = client.session
session['pretix_auth_login_time'] = int(time.time())
session.save()
if http_method and http_method == HTTP_POST:
response = client.post('/control/event/dummy/dummy/' + url)
else:
response = client.get('/control/event/dummy/dummy/' + url)
assert response.status_code == code
def test_current_permission(client, env):
t = Team(
organizer=env[2], all_events=True
)
setattr(t, 'can_change_event_settings', True)
t.save()
t.members.add(env[1])
client.login(email='*****@*****.**', password='******')
response = client.get('/control/event/dummy/dummy/settings/')
assert response.status_code == 200
setattr(t, 'can_change_event_settings', False)
t.save()
response = client.get('/control/event/dummy/dummy/settings/')
assert response.status_code == 403
def test_current_permission(client, env):
t = Team(organizer=env[2], all_events=True)
setattr(t, 'can_change_event_settings', True)
t.save()
t.members.add(env[1])
client.login(email='*****@*****.**', password='******')
response = client.get('/control/event/dummy/dummy/settings/')
assert response.status_code == 200
setattr(t, 'can_change_event_settings', False)
t.save()
response = client.get('/control/event/dummy/dummy/settings/')
assert response.status_code == 403