def test_negation_request_objects(self):
request_user = self.get_request()
request_admin = self.get_request()
request_user.user = self.user
request_admin.user = self.admin
self.assertTrue(AuthenticatedPermissions().check(request_user))
self.assertTrue(AuthenticatedPermissions().check(request_admin))
self.assertFalse(NegatePermissions().check(request_user))
self.assertFalse(NegatePermissions().check(request_admin))
self.user.is_public = True
self.user.save()
self.admin.is_public = True
self.admin.save()
self.assertTrue(NegatePermissions().check(request_user))
self.assertTrue(NegatePermissions().check(request_admin))
class UpdatingOnlyAuthorization(TastypieAuthorization):
permissions = AuthenticatedPermissions()
def create_list(self, object_list, bundle):
raise Unauthorized()
def update_list(self, object_list, bundle):
raise Unauthorized()
def update_detail(self, object_list, bundle):
return AuthenticatedPermissions().check(bundle.request)
def delete_list(self, object_list, bundle):
raise Unauthorized()
def delete_detail(self, object_list, bundle):
raise Unauthorized()
def update_detail(self, object_list, bundle):
return AuthenticatedPermissions().check(bundle.request)
class ResponseClassView(PermissionsTemplateView):
template_name = 'tests/passed.html'
permissions = AuthenticatedPermissions()
permissions_response_class = AccessDeniedView
class AuthenticatedView(PermissionsTemplateView):
template_name = 'tests/passed.html'
permissions = AuthenticatedPermissions()
class MenuView(PermissionsTemplateView):
template_name = 'tests/menu.html'
permissions = AuthenticatedPermissions()
def test_is_superuser(self):
request = self.get_request()
self.assertFalse(AuthenticatedPermissions().check(request))
request.user = self.admin
self.assertTrue(AuthenticatedPermissions().check(request))
self.assertTrue(SuperuserPermissions().check(request))
def test_is_authenticated(self):
request = self.get_request()
self.assertFalse(AuthenticatedPermissions().check(request))
request.user = self.user
self.assertTrue(AuthenticatedPermissions().check(request))