def test_share_resource_with_group_bad_requests(self): # here we are testing the share_resource_with_group view function with bad requests bad_privilege = 'bad' url_params = { 'shortkey': self.gen_res.short_id, 'privilege': bad_privilege, 'group_id': self.test_group.id } url = reverse('share_resource_with_group', kwargs=url_params) request = self.factory.post(url, data={}) request.user = self.owner # make it a ajax request request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' response = share_resource_with_group(request, shortkey=self.gen_res.short_id, privilege=bad_privilege, group_id=self.test_group.id) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) response_data = json.loads(response.content.decode()) self.assertEqual(response_data['status'], 'error') # test group can't be given ownership access url_params = { 'shortkey': self.gen_res.short_id, 'privilege': 'owner', 'group_id': self.test_group.id } url = reverse('share_resource_with_group', kwargs=url_params) request = self.factory.post(url, data={}) request.user = self.owner # make it a ajax request request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' response = share_resource_with_group(request, shortkey=self.gen_res.short_id, privilege='owner', group_id=self.test_group.id) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) response_data = json.loads(response.content.decode()) self.assertEqual(response_data['status'], 'error') url_params = { 'shortkey': self.gen_res.short_id, 'privilege': 'view', 'group_id': self.test_group.id } url = reverse('share_resource_with_group', kwargs=url_params) request = self.factory.post(url, data={}) # user does not have permission to grant test_group access to resource request.user = self.user # make it a ajax request request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' with self.assertRaises(PermissionDenied): share_resource_with_group(request, shortkey=self.gen_res.short_id, privilege='view', group_id=self.test_group.id) # clean up hydroshare.delete_resource(self.gen_res.short_id)
def _share_resource_with_group(self, group, privilege): url_params = {'shortkey': self.resource.short_id, 'privilege': privilege, 'group_id': group.id} url = reverse('share_resource_with_group', kwargs=url_params) request = self.factory.post(url) self.set_request_message_attributes(request) request.user = self.john response = share_resource_with_group(request, shortkey=self.resource.short_id, privilege=privilege, group_id=group.id) return response
def _share_resource_with_group(self, group, privilege): url_params = {'shortkey': self.resource.short_id, 'privilege': privilege, 'group_id': group.id} url = reverse('share_resource_with_group', kwargs=url_params) request = self.factory.post(url) self._set_request_message_attributes(request) request.user = self.john response = share_resource_with_group(request, shortkey=self.resource.short_id, privilege=privilege, group_id=group.id) return response
def test_share_resource_with_group_bad_requests(self): # here we are testing the share_resource_with_group view function with bad requests bad_privilege = 'bad' url_params = {'shortkey': self.gen_res.short_id, 'privilege': bad_privilege, 'group_id': self.test_group.id} url = reverse('share_resource_with_group', kwargs=url_params) request = self.factory.post(url, data={}) request.user = self.owner # make it a ajax request request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' response = share_resource_with_group(request, shortkey=self.gen_res.short_id, privilege=bad_privilege, group_id=self.test_group.id) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) response_data = json.loads(response.content) self.assertEqual(response_data['status'], 'error') # test group can't be given ownership access url_params = {'shortkey': self.gen_res.short_id, 'privilege': 'owner', 'group_id': self.test_group.id} url = reverse('share_resource_with_group', kwargs=url_params) request = self.factory.post(url, data={}) request.user = self.owner # make it a ajax request request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' response = share_resource_with_group(request, shortkey=self.gen_res.short_id, privilege='owner', group_id=self.test_group.id) self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST) response_data = json.loads(response.content) self.assertEqual(response_data['status'], 'error') url_params = {'shortkey': self.gen_res.short_id, 'privilege': 'view', 'group_id': self.test_group.id} url = reverse('share_resource_with_group', kwargs=url_params) request = self.factory.post(url, data={}) # user does not have permission to grant test_group access to resource request.user = self.user # make it a ajax request request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' with self.assertRaises(PermissionDenied): share_resource_with_group(request, shortkey=self.gen_res.short_id, privilege='view', group_id=self.test_group.id) # clean up hydroshare.delete_resource(self.gen_res.short_id)
def _check_share_with_group(self, privilege): url_params = {'shortkey': self.gen_res.short_id, 'privilege': privilege, 'group_id': self.test_group.id} url = reverse('share_resource_with_group', kwargs=url_params) request = self.factory.post(url, data={}) request.user = self.owner # make it a ajax request request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' response = share_resource_with_group(request, shortkey=self.gen_res.short_id, privilege=privilege, group_id=self.test_group.id) self.assertEqual(response.status_code, status.HTTP_200_OK) response_data = json.loads(response.content) self.assertEqual(response_data['status'], 'success') self.gen_res.raccess.refresh_from_db()