def test_share_resource_with_group_bad_requests(self):
# here we are testing the share_resource_with_group view function with bad requests
bad_privilege = 'bad'
url_params = {
'shortkey': self.gen_res.short_id,
'privilege': bad_privilege,
'group_id': self.test_group.id
}
url = reverse('share_resource_with_group', kwargs=url_params)
request = self.factory.post(url, data={})
request.user = self.owner
# make it a ajax request
request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'
response = share_resource_with_group(request,
shortkey=self.gen_res.short_id,
privilege=bad_privilege,
group_id=self.test_group.id)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
response_data = json.loads(response.content.decode())
self.assertEqual(response_data['status'], 'error')
# test group can't be given ownership access
url_params = {
'shortkey': self.gen_res.short_id,
'privilege': 'owner',
'group_id': self.test_group.id
}
url = reverse('share_resource_with_group', kwargs=url_params)
request = self.factory.post(url, data={})
request.user = self.owner
# make it a ajax request
request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'
response = share_resource_with_group(request,
shortkey=self.gen_res.short_id,
privilege='owner',
group_id=self.test_group.id)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
response_data = json.loads(response.content.decode())
self.assertEqual(response_data['status'], 'error')
url_params = {
'shortkey': self.gen_res.short_id,
'privilege': 'view',
'group_id': self.test_group.id
}
url = reverse('share_resource_with_group', kwargs=url_params)
request = self.factory.post(url, data={})
# user does not have permission to grant test_group access to resource
request.user = self.user
# make it a ajax request
request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'
with self.assertRaises(PermissionDenied):
share_resource_with_group(request,
shortkey=self.gen_res.short_id,
privilege='view',
group_id=self.test_group.id)
# clean up
hydroshare.delete_resource(self.gen_res.short_id)
def _share_resource_with_group(self, group, privilege):
url_params = {'shortkey': self.resource.short_id, 'privilege': privilege, 'group_id': group.id}
url = reverse('share_resource_with_group', kwargs=url_params)
request = self.factory.post(url)
self.set_request_message_attributes(request)
request.user = self.john
response = share_resource_with_group(request, shortkey=self.resource.short_id, privilege=privilege,
group_id=group.id)
return response
def _share_resource_with_group(self, group, privilege):
url_params = {'shortkey': self.resource.short_id, 'privilege': privilege, 'group_id': group.id}
url = reverse('share_resource_with_group', kwargs=url_params)
request = self.factory.post(url)
self._set_request_message_attributes(request)
request.user = self.john
response = share_resource_with_group(request, shortkey=self.resource.short_id, privilege=privilege,
group_id=group.id)
return response
def test_share_resource_with_group_bad_requests(self):
# here we are testing the share_resource_with_group view function with bad requests
bad_privilege = 'bad'
url_params = {'shortkey': self.gen_res.short_id, 'privilege': bad_privilege,
'group_id': self.test_group.id}
url = reverse('share_resource_with_group', kwargs=url_params)
request = self.factory.post(url, data={})
request.user = self.owner
# make it a ajax request
request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'
response = share_resource_with_group(request, shortkey=self.gen_res.short_id,
privilege=bad_privilege, group_id=self.test_group.id)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
response_data = json.loads(response.content)
self.assertEqual(response_data['status'], 'error')
# test group can't be given ownership access
url_params = {'shortkey': self.gen_res.short_id, 'privilege': 'owner',
'group_id': self.test_group.id}
url = reverse('share_resource_with_group', kwargs=url_params)
request = self.factory.post(url, data={})
request.user = self.owner
# make it a ajax request
request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'
response = share_resource_with_group(request, shortkey=self.gen_res.short_id,
privilege='owner', group_id=self.test_group.id)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
response_data = json.loads(response.content)
self.assertEqual(response_data['status'], 'error')
url_params = {'shortkey': self.gen_res.short_id, 'privilege': 'view',
'group_id': self.test_group.id}
url = reverse('share_resource_with_group', kwargs=url_params)
request = self.factory.post(url, data={})
# user does not have permission to grant test_group access to resource
request.user = self.user
# make it a ajax request
request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'
with self.assertRaises(PermissionDenied):
share_resource_with_group(request, shortkey=self.gen_res.short_id,
privilege='view', group_id=self.test_group.id)
# clean up
hydroshare.delete_resource(self.gen_res.short_id)
def _check_share_with_group(self, privilege):
url_params = {'shortkey': self.gen_res.short_id, 'privilege': privilege,
'group_id': self.test_group.id}
url = reverse('share_resource_with_group', kwargs=url_params)
request = self.factory.post(url, data={})
request.user = self.owner
# make it a ajax request
request.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'
response = share_resource_with_group(request, shortkey=self.gen_res.short_id,
privilege=privilege, group_id=self.test_group.id)
self.assertEqual(response.status_code, status.HTTP_200_OK)
response_data = json.loads(response.content)
self.assertEqual(response_data['status'], 'success')
self.gen_res.raccess.refresh_from_db()
