def test_has_perm(self, mock_get_org_id):
"""Test has_perm method"""
permissions = SEEDOrgPermissions()
mock_request = mock.MagicMock()
mock_request.user = self.user
# assert False if org/org user does not exist
mock_get_org_id.return_value = '1000000'
mock_request.method = 'GET'
self.assertFalse(permissions.has_perm(mock_request))
# check self.org_user has right permissions
mock_get_org_id.return_value = self.org.id
assert self.org_user.role_level >= ROLE_MEMBER
for view_type in SEEDOrgPermissions.perm_map:
mock_request.method = view_type
self.assertTrue(permissions.has_perm(mock_request))
# test with lower role_level
self.org_user.role_level = ROLE_VIEWER
self.org_user.save()
assert self.org_user.role_level < ROLE_MEMBER
for view_type in ['GET', 'OPTIONS', 'HEAD']:
mock_request.method = view_type
self.assertTrue(permissions.has_perm(mock_request))
for view_type in ['POST', 'PATCH', 'PUT', 'DELETE']:
mock_request.method = view_type
self.assertFalse(permissions.has_perm(mock_request))
# test with admin
mock_request.user = self.superuser
self.assertTrue(permissions.has_perm(mock_request))
def test_has_permission(self, mock_is_authenticated, mock_has_perm):
"""Test has_permission method"""
permissions = SEEDOrgPermissions()
mock_request = mock.MagicMock()
mock_request.user = self.user
mock_view = mock.MagicMock()
# queryset its not used, but needs to be checked as work around
mock_view.queryset = True
# assert false if not has_perm
mock_has_perm.return_value = False
mock_is_authenticated.return_value = True
self.assertFalse(permissions.has_permission(mock_request, mock_view))
# assert false if not authenticated
mock_has_perm.return_value = True
mock_is_authenticated.return_value = False
self.assertFalse(permissions.has_permission(mock_request, mock_view))
# assert false if not has_perm and is not authenticated
mock_has_perm.return_value = False
mock_is_authenticated.return_value = False
self.assertFalse(permissions.has_permission(mock_request, mock_view))
# assert true if has_perm and is authenticated
mock_has_perm.return_value = True
mock_is_authenticated.return_value = True
self.assertTrue(permissions.has_permission(mock_request, mock_view))
# test get_queryset called
# pylint: disable=redefined-variable-type
mock_view.queryset = None
mock_get_queryset = mock.MagicMock()
type(mock_view).get_queryset = mock_get_queryset
permissions.has_permission(mock_request, mock_view)
self.assertTrue(mock_get_queryset.called)
# assert raises error if no queryset
mock_value_error = mock.PropertyMock(side_effect=ValueError)
type(mock_view).get_queryset = mock_value_error
mock_view.queryset = None
self.assertRaises(
AssertionError,
permissions.has_permission,
mock_request,
mock_view
)