def test_edit_buttons(self):
"""Ensure admin/user edit buttons are shown."""
def get_links(id):
"""Grab profile, return edit links."""
url = reverse('users.profile', args=[id])
r = self.client.get(url)
return pq(r.content)('#profile-actions a')
# Anonymous user.
links = get_links(self.user.id)
assert links.length == 1
assert links.eq(0).attr('href') == reverse('users.abuse',
args=[self.user.id])
# Non-admin, someone else's profile.
self.client.login(email='*****@*****.**')
links = get_links(9945)
assert links.length == 1
assert links.eq(0).attr('href') == reverse('users.abuse', args=[9945])
# Non-admin, own profile.
links = get_links(self.user.id)
assert links.length == 1
assert links.eq(0).attr('href') == reverse('users.edit')
# Admin, someone else's profile.
admingroup = Group(rules='Users:Edit')
admingroup.save()
GroupUser.objects.create(group=admingroup, user=self.user)
cache.clear()
# Admin, own profile.
links = get_links(self.user.id)
assert links.length == 2
assert links.eq(0).attr('href') == reverse('users.edit')
def test_can_view_stats(self):
c = Collection.objects.create(author=self.user, slug='boom')
fake_request = mock.Mock()
fake_request.groups = ()
fake_request.user.is_authenticated.return_value = True
# Owner.
fake_request.user = self.user
eq_(c.can_view_stats(fake_request), True)
# Bad user.
fake_request.user = UserProfile.objects.create(username='******',
email='ez@dee')
eq_(c.can_view_stats(fake_request), False)
# Member of group with Collections:Edit permission.
fake_request.groups = (Group(name='Collections Agency',
rules='CollectionStats:View'), )
eq_(c.can_view_stats(fake_request), True)
# Developer.
CollectionUser.objects.create(collection=c, user=self.user)
fake_request.groups = ()
fake_request.user = self.user
eq_(c.can_view_stats(fake_request), True)
def test_password_empty(self):
admingroup = Group(rules='Users:Edit')
admingroup.save()
GroupUser.objects.create(group=admingroup, user=self.user)
homepage = {'username': '******', 'email': '*****@*****.**',
'homepage': 'http://cbc.ca', 'lang': 'en-US'}
res = self.client.post(self.url, homepage)
assert res.status_code == 302