def test_post_with_collections(self):
root_collection = Collection.get_first_root_node()
evil_plans_collection = root_collection.add_child(name="Evil plans")
# Build a fake file
fake_file = ContentFile(b("A boring example document"))
fake_file.name = 'test.txt'
# Submit
post_data = {
'title': "Test document",
'file': fake_file,
'collection': evil_plans_collection.id,
}
response = self.client.post(reverse('tuiuiudocs:add'), post_data)
# User should be redirected back to the index
self.assertRedirects(response, reverse('tuiuiudocs:index'))
# Document should be created, and be placed in the Evil Plans collection
self.assertTrue(
models.Document.objects.filter(title="Test document").exists())
root_collection = Collection.get_first_root_node()
self.assertEqual(
models.Document.objects.get(title="Test document").collection,
evil_plans_collection)
def setUp(self):
# Create some user accounts for testing permissions
User = get_user_model()
self.user = User.objects.create_user(username='******',
email='*****@*****.**',
password='******')
self.owner = User.objects.create_user(username='******',
email='*****@*****.**',
password='******')
self.editor = User.objects.create_user(username='******',
email='*****@*****.**',
password='******')
self.editor.groups.add(Group.objects.get(name='Editors'))
self.administrator = User.objects.create_superuser(
username='******',
email='*****@*****.**',
password='******')
# Owner user must have the add_document permission
self.adders_group = Group.objects.create(name='Document adders')
GroupCollectionPermission.objects.create(
group=self.adders_group,
collection=Collection.get_first_root_node(),
permission=Permission.objects.get(codename='add_document'))
self.owner.groups.add(self.adders_group)
# Create a document for running tests on
self.document = models.Document.objects.create(
title="Test document", uploaded_by_user=self.owner)
def setUp(self):
# Create a group to edit
self.test_group = Group.objects.create(name='test group')
self.root_page = Page.objects.get(pk=1)
self.root_add_permission = GroupPagePermission.objects.create(
page=self.root_page, permission_type='add', group=self.test_group)
self.home_page = Page.objects.get(pk=2)
# Get the hook-registered permissions, and add one to this group
self.registered_permissions = Permission.objects.none()
for fn in hooks.get_hooks('register_permissions'):
self.registered_permissions = self.registered_permissions | fn()
self.existing_permission = self.registered_permissions.order_by(
'pk')[0]
self.another_permission = self.registered_permissions.order_by('pk')[1]
self.test_group.permissions.add(self.existing_permission)
# set up collections to test document permissions
self.root_collection = Collection.get_first_root_node()
self.evil_plans_collection = self.root_collection.add_child(
name="Evil plans")
self.add_doc_permission = Permission.objects.get(
content_type__app_label='tuiuiudocs', codename='add_document')
self.change_doc_permission = Permission.objects.get(
content_type__app_label='tuiuiudocs', codename='change_document')
GroupCollectionPermission.objects.create(
group=self.test_group,
collection=self.evil_plans_collection,
permission=self.add_doc_permission,
)
# Login
self.login()
def test_pagination_preserves_other_params(self):
root_collection = Collection.get_first_root_node()
evil_plans_collection = root_collection.add_child(name="Evil plans")
for i in range(1, 50):
self.image = Image.objects.create(title="Test image %i" % i,
file=get_test_image_file(),
collection=evil_plans_collection)
response = self.get({
'collection_id': evil_plans_collection.id,
'p': 2
})
self.assertEqual(response.status_code, 200)
response_body = response.content.decode('utf8')
# prev link should exist and include collection_id
self.assertTrue(
("?p=1&collection_id=%i" % evil_plans_collection.id)
in response_body
or ("?collection_id=%i&p=1" % evil_plans_collection.id)
in response_body)
# next link should exist and include collection_id
self.assertTrue(
("?p=3&collection_id=%i" % evil_plans_collection.id)
in response_body
or ("?collection_id=%i&p=3" % evil_plans_collection.id)
in response_body)
def setUp(self):
# Create some user accounts for testing permissions
User = get_user_model()
self.user = User.objects.create_user(username='******',
email='*****@*****.**',
password='******')
self.owner = User.objects.create_user(username='******',
email='*****@*****.**',
password='******')
self.editor = User.objects.create_user(username='******',
email='*****@*****.**',
password='******')
self.editor.groups.add(Group.objects.get(name='Editors'))
self.administrator = User.objects.create_superuser(
username='******',
email='*****@*****.**',
password='******')
# Owner user must have the add_image permission
image_adders_group = Group.objects.create(name="Image adders")
GroupCollectionPermission.objects.create(
group=image_adders_group,
collection=Collection.get_first_root_node(),
permission=Permission.objects.get(codename='add_image'),
)
self.owner.groups.add(image_adders_group)
# Create an image for running tests on
self.image = Image.objects.create(
title="Test image",
uploaded_by_user=self.owner,
file=get_test_image_file(),
)
def test_add(self):
response = self.post({
'title':
"Test image",
'file':
SimpleUploadedFile('test.png',
get_test_image_file().file.getvalue()),
})
# Should redirect back to index
self.assertRedirects(response, reverse('tuiuiuimages:index'))
# Check that the image was created
images = Image.objects.filter(title="Test image")
self.assertEqual(images.count(), 1)
# Test that size was populated correctly
image = images.first()
self.assertEqual(image.width, 640)
self.assertEqual(image.height, 480)
# Test that the file_size field was set
self.assertTrue(image.file_size)
# Test that it was placed in the root collection
root_collection = Collection.get_first_root_node()
self.assertEqual(image.collection, root_collection)
def setUp(self):
# Create an image to edit
self.image = Image.objects.create(
title="Test image",
file=get_test_image_file(),
)
# Create a user with change_image permission but not add_image
user = get_user_model().objects.create_user(
username='******',
email='*****@*****.**',
password='******')
change_permission = Permission.objects.get(
content_type__app_label='tuiuiuimages', codename='change_image')
admin_permission = Permission.objects.get(
content_type__app_label='tuiuiuadmin', codename='access_admin')
image_changers_group = Group.objects.create(name='Image changers')
image_changers_group.permissions.add(admin_permission)
GroupCollectionPermission.objects.create(
group=image_changers_group,
collection=Collection.get_first_root_node(),
permission=change_permission)
user.groups.add(image_changers_group)
self.assertTrue(
self.client.login(username='******', password='******'))
def test_add_post_with_collections(self):
"""
This tests that a POST request to the add view saves the document
and returns an edit form, when collections are active
"""
root_collection = Collection.get_first_root_node()
evil_plans_collection = root_collection.add_child(name="Evil plans")
response = self.client.post(
reverse('tuiuiudocs:add_multiple'), {
'files[]': SimpleUploadedFile('test.png',
b"Simple text document"),
'collection': evil_plans_collection.id
},
HTTP_X_REQUESTED_WITH='XMLHttpRequest')
# Check response
self.assertEqual(response.status_code, 200)
self.assertEqual(response['Content-Type'], 'application/json')
self.assertTemplateUsed(response, 'tuiuiudocs/multiple/edit_form.html')
# Check document
self.assertIn('doc', response.context)
self.assertEqual(response.context['doc'].title, 'test.png')
self.assertTrue(response.context['doc'].file_size)
# check that it is in the 'evil plans' collection
doc = models.Document.objects.get(title='test.png')
root_collection = Collection.get_first_root_node()
self.assertEqual(doc.collection, evil_plans_collection)
# Check form
self.assertIn('form', response.context)
self.assertEqual(response.context['form'].initial['title'], 'test.png')
# Check JSON
response_json = json.loads(response.content.decode())
self.assertIn('doc_id', response_json)
self.assertIn('form', response_json)
self.assertIn('success', response_json)
self.assertEqual(response_json['doc_id'], response.context['doc'].id)
self.assertTrue(response_json['success'])
# form should contain a collection chooser
self.assertIn('Collection', response_json['form'])
def test_get_with_collections(self):
root_collection = Collection.get_first_root_node()
root_collection.add_child(name="Evil plans")
response = self.client.get(reverse('tuiuiudocs:add'))
self.assertEqual(response.status_code, 200)
self.assertTemplateUsed(response, 'tuiuiudocs/documents/add.html')
self.assertContains(response, '<label for="id_collection">')
self.assertContains(response, "Evil plans")
def test_get_with_collections(self):
root_collection = Collection.get_first_root_node()
root_collection.add_child(name="Evil plans")
response = self.get()
self.assertEqual(response.status_code, 200)
self.assertTemplateUsed(response, 'tuiuiuimages/images/add.html')
self.assertContains(response, '<label for="id_collection">')
self.assertContains(response, "Evil plans")
def test_add_with_collections(self):
root_collection = Collection.get_first_root_node()
root_collection.add_child(name="Evil plans")
# Send request
response = self.client.get(reverse('tuiuiudocs:add_multiple'))
# Check response
self.assertEqual(response.status_code, 200)
self.assertTemplateUsed(response, 'tuiuiudocs/multiple/add.html')
# collection chooser should exisst
self.assertContains(response,
'<label for="id_adddocument_collection">')
self.assertContains(response, 'Evil plans')
def test_post(self):
response = self.post({
'name': "Holiday snaps",
})
# Should redirect back to index
self.assertRedirects(response, reverse('tuiuiuadmin_collections:index'))
# Check that the collection was created and is a child of root
self.assertEqual(Collection.objects.filter(name="Holiday snaps").count(), 1)
root_collection = Collection.get_first_root_node()
self.assertEqual(
Collection.objects.get(name="Holiday snaps").get_parent(),
root_collection
)
def test_simple(self):
response = self.get()
self.assertEqual(response.status_code, 200)
self.assertTemplateUsed(response, 'tuiuiuadmin/collections/index.html')
# Initially there should be no collections listed
# (Root should not be shown)
self.assertContains(response, "No collections have been created.")
root_collection = Collection.get_first_root_node()
self.collection = root_collection.add_child(name="Holiday snaps")
# Now the listing should contain our collection
response = self.get()
self.assertEqual(response.status_code, 200)
self.assertTemplateUsed(response, 'tuiuiuadmin/collections/index.html')
self.assertNotContains(response, "No collections have been created.")
self.assertContains(response, "Holiday snaps")
def test_group_create_adding_permissions(self):
response = self.post({
'name':
"test group",
'page_permissions-0-page': ['1'],
'page_permissions-0-permission_types': ['edit', 'publish'],
'page_permissions-TOTAL_FORMS': ['1'],
'document_permissions-0-collection':
[Collection.get_first_root_node().pk],
'document_permissions-0-permissions': [self.add_doc_permission.pk],
'document_permissions-TOTAL_FORMS': ['1'],
})
self.assertRedirects(response, reverse('tuiuiuusers_groups:index'))
# The test group now exists, with two page permissions
# and one 'add document' collection permission
new_group = Group.objects.get(name='test group')
self.assertEqual(new_group.page_permissions.all().count(), 2)
self.assertEqual(
new_group.collection_permissions.filter(
permission=self.add_doc_permission).count(), 1)
def test_as_ordinary_editor(self):
user = get_user_model().objects.create_user(username='******',
email='*****@*****.**',
password='******')
add_permission = Permission.objects.get(
content_type__app_label='tuiuiuimages', codename='add_image')
admin_permission = Permission.objects.get(
content_type__app_label='tuiuiuadmin', codename='access_admin')
image_adders_group = Group.objects.create(name='Image adders')
image_adders_group.permissions.add(admin_permission)
GroupCollectionPermission.objects.create(
group=image_adders_group,
collection=Collection.get_first_root_node(),
permission=add_permission)
user.groups.add(image_adders_group)
self.client.login(username='******', password='******')
response = self.client.get(reverse('tuiuiuimages:add_multiple'))
self.assertEqual(response.status_code, 200)
self.assertTemplateUsed(response, 'tuiuiuimages/multiple/add.html')
def test_duplicate_document_permissions_error(self):
# Try to submit multiple document permission entries for the same collection
root_collection = Collection.get_first_root_node()
response = self.post({
'name':
"test group",
'document_permissions-0-collection': [root_collection.pk],
'document_permissions-0-permissions': [self.add_doc_permission.pk],
'document_permissions-1-collection': [root_collection.pk],
'document_permissions-1-permissions':
[self.change_doc_permission.pk],
'document_permissions-TOTAL_FORMS': ['2'],
})
self.assertEqual(response.status_code, 200)
# formset should have a non-form error about the duplication
# (we don't know what index in permission_panels the formset will be,
# so just assert that it happens on at least one permission_panel)
self.assertTrue(
any(
hasattr(panel, 'non_form_errors') and panel.non_form_errors
for panel in response.context['permission_panels']))
def setUp(self):
# Build a fake file
fake_file = ContentFile(b("A boring example document"))
fake_file.name = 'test.txt'
self.root_collection = Collection.get_first_root_node()
self.evil_plans_collection = self.root_collection.add_child(
name="Evil plans")
self.nice_plans_collection = self.root_collection.add_child(
name="Nice plans")
# Create a document to edit
self.document = models.Document.objects.create(
title="Test document",
file=fake_file,
collection=self.nice_plans_collection)
# Create a user with change_document permission but not add_document
user = get_user_model().objects.create_user(
username='******',
email='*****@*****.**',
password='******')
change_permission = Permission.objects.get(
content_type__app_label='tuiuiudocs', codename='change_document')
admin_permission = Permission.objects.get(
content_type__app_label='tuiuiuadmin', codename='access_admin')
self.changers_group = Group.objects.create(name='Document changers')
GroupCollectionPermission.objects.create(
group=self.changers_group,
collection=self.root_collection,
permission=change_permission)
user.groups.add(self.changers_group)
user.user_permissions.add(admin_permission)
self.assertTrue(
self.client.login(username='******', password='******'))
def setUp(self):
add_doc_permission = Permission.objects.get(
content_type__app_label='tuiuiudocs', codename='add_document')
admin_permission = Permission.objects.get(
content_type__app_label='tuiuiuadmin', codename='access_admin')
root_collection = Collection.get_first_root_node()
self.evil_plans_collection = root_collection.add_child(
name="Evil plans")
conspirators_group = Group.objects.create(name="Evil conspirators")
conspirators_group.permissions.add(admin_permission)
GroupCollectionPermission.objects.create(
group=conspirators_group,
collection=self.evil_plans_collection,
permission=add_doc_permission)
user = get_user_model().objects.create_user(
username='******',
email='*****@*****.**',
password='******')
user.groups.add(conspirators_group)
self.client.login(username='******', password='******')
def test_add_with_collections(self):
root_collection = Collection.get_first_root_node()
evil_plans_collection = root_collection.add_child(name="Evil plans")
response = self.post({
'title':
"Test image",
'file':
SimpleUploadedFile('test.png',
get_test_image_file().file.getvalue()),
'collection':
evil_plans_collection.id,
})
# Should redirect back to index
self.assertRedirects(response, reverse('tuiuiuimages:index'))
# Check that the image was created
images = Image.objects.filter(title="Test image")
self.assertEqual(images.count(), 1)
# Test that it was placed in the Evil Plans collection
image = images.first()
self.assertEqual(image.collection, evil_plans_collection)
def get_queryset(self):
# Only return children of the root node, so that the root is not editable
return Collection.get_first_root_node().get_children()
def save_instance(self):
# Always create new collections as children of root
instance = self.form.save(commit=False)
root_collection = Collection.get_first_root_node()
root_collection.add_child(instance=instance)
return instance
def setUp(self):
self.root_collection = Collection.get_first_root_node()
self.holiday_photos_collection = self.root_collection.add_child(
name="Holiday photos")
self.evil_plans_collection = self.root_collection.add_child(
name="Evil plans")
def setUp(self):
# Permissions
document_content_type = ContentType.objects.get_for_model(Document)
add_doc_permission = Permission.objects.get(
content_type=document_content_type, codename='add_document'
)
change_doc_permission = Permission.objects.get(
content_type=document_content_type, codename='change_document'
)
# Collections
self.root_collection = Collection.get_first_root_node()
self.reports_collection = self.root_collection.add_child(name="Reports")
# Groups
doc_changers_group = Group.objects.create(name="Document changers")
GroupCollectionPermission.objects.create(
group=doc_changers_group,
collection=self.root_collection,
permission=change_doc_permission
)
report_changers_group = Group.objects.create(name="Report changers")
GroupCollectionPermission.objects.create(
group=report_changers_group,
collection=self.reports_collection,
permission=change_doc_permission
)
report_adders_group = Group.objects.create(name="Report adders")
GroupCollectionPermission.objects.create(
group=report_adders_group,
collection=self.reports_collection,
permission=add_doc_permission
)
# Users
User = get_user_model()
self.superuser = User.objects.create_superuser(
'superuser', '*****@*****.**', 'password'
)
self.inactive_superuser = User.objects.create_superuser(
'inactivesuperuser', '*****@*****.**', 'password', is_active=False
)
# a user with change_document permission through the 'Document changers' group
self.doc_changer = User.objects.create_user(
'docchanger', '*****@*****.**', 'password'
)
self.doc_changer.groups.add(doc_changers_group)
# a user that has change_document permission, but is inactive
self.inactive_doc_changer = User.objects.create_user(
'inactivedocchanger', '*****@*****.**', 'password', is_active=False
)
self.inactive_doc_changer.groups.add(doc_changers_group)
# a user with change_document permission on reports via the report_changers group
self.report_changer = User.objects.create_user(
'reportchanger', '*****@*****.**', 'password'
)
self.report_changer.groups.add(report_changers_group)
# a user with add_document permission on reports via the report_adders group
self.report_adder = User.objects.create_user(
'reportadder', '*****@*****.**', 'password'
)
self.report_adder.groups.add(report_adders_group)
# a user with no permissions
self.useless_user = User.objects.create_user(
'uselessuser', '*****@*****.**', 'password'
)
self.anonymous_user = AnonymousUser()
# Documents
# a document in the root owned by 'reportchanger'
self.changer_doc = Document.objects.create(
title="reportchanger's document", collection=self.root_collection,
uploaded_by_user=self.report_changer
)
# a document in reports owned by 'reportchanger'
self.changer_report = Document.objects.create(
title="reportchanger's report", collection=self.reports_collection,
uploaded_by_user=self.report_changer
)
# a document in reports owned by 'reportadder'
self.adder_report = Document.objects.create(
title="reportadder's report", collection=self.reports_collection,
uploaded_by_user=self.report_adder
)
# a document in reports owned by 'uselessuser'
self.useless_report = Document.objects.create(
title="uselessuser's report", collection=self.reports_collection,
uploaded_by_user=self.useless_user
)
# a document with no owner
self.anonymous_report = Document.objects.create(
title="anonymous report", collection=self.reports_collection
)
def setUp(self):
self.login()
self.root_collection = Collection.get_first_root_node()
self.collection = self.root_collection.add_child(name="Holiday snaps")