def test_ViewerCanAlterComment(self): post = models.DiscussionPost.objects.create(author=self.viewer1, workgroup=self.wg1, title="test", body="test") comment = models.DiscussionComment.objects.create(author=self.viewer2, post=post, body="test") self.assertFalse(perms.user_can_alter_comment(self.viewer1, comment)) self.assertTrue(perms.user_can_alter_comment(self.manager, comment)) self.assertTrue(perms.user_can_alter_comment(self.viewer2, comment))
def delete_comment(request,cid): comment = get_object_or_404(MDR.DiscussionComment,pk=cid) post = comment.post if not perms.user_can_alter_comment(request.user,comment): raise PermissionDenied comment.delete() return HttpResponseRedirect(reverse("aristotle:discussionsPost",args=[post.pk]))
def delete_comment(request, cid): comment = get_object_or_404(MDR.DiscussionComment, pk=cid) post = comment.post if not perms.user_can_alter_comment(request.user, comment): raise PermissionDenied comment.delete() return HttpResponseRedirect(reverse("aristotle:discussionsPost", args=[post.pk]))
def edit_comment(request,cid): comment = get_object_or_404(MDR.DiscussionComment,pk=cid) post = comment.post if not perms.user_can_alter_comment(request.user,comment): raise PermissionDenied if request.method == 'POST': form = MDRForms.discussions.CommentForm(request.POST) if form.is_valid(): comment.body = form.cleaned_data['body'] comment.save() return HttpResponseRedirect(reverse("aristotle:discussionsPost",args=[comment.post.pk])+"#comment_%s"%comment.id) else: form = MDRForms.discussions.CommentForm(instance=comment) return render(request,"aristotle_mdr/discussions/edit_comment.html",{ 'post':post, 'comment_form':form})
def edit_comment(request, cid): comment = get_object_or_404(MDR.DiscussionComment, pk=cid) post = comment.post if not perms.user_can_alter_comment(request.user, comment): raise PermissionDenied if request.method == 'POST': form = MDRForms.discussions.CommentForm(request.POST) if form.is_valid(): comment.body = form.cleaned_data['body'] comment.save() return HttpResponseRedirect(reverse("aristotle:discussionsPost", args=[comment.post.pk]) + "#comment_%s" % comment.id) else: form = MDRForms.discussions.CommentForm(instance=comment) return render(request, "aristotle_mdr/discussions/edit_comment.html", { 'post': post, 'comment_form': form})
def test_ViewerCanAlterComment(self): post = models.DiscussionPost(author=self.viewer1,workgroup=self.wg1,title="test",body="test") comment = models.DiscussionComment(author=self.viewer2,post=post,body="test") self.assertFalse(perms.user_can_alter_comment(self.viewer1,comment)) self.assertTrue(perms.user_can_alter_comment(self.manager,comment)) self.assertTrue(perms.user_can_alter_comment(self.viewer2,comment))
def test_user_can_alter_comment(self): self.assertTrue(perms.user_can_alter_comment(self.su,None))
def can_alter_comment(user,comment): try: return perms.user_can_alter_comment(user,comment) except: return False
def can_alter_comment(user,comment): try: return perms.user_can_alter_comment(user,comment) except: #pragma: no cover return False
def can_alter_comment(user, comment): try: return perms.user_can_alter_comment(user, comment) except: return False