예제 #1
0
    def test_organisation_user_delete_view_doesnt_let_user_delete_others(self):
        org_user_delete_view = CustomOrganizationUserDelete()
        org_user = OrganizationUserFactory()
        org = org_user.organization
        user_1 = org_user.user

        user_2 = UserFactory()
        assign_perm(GUARDIAN_PERMISSION, user_1, org)
        request = RequestFactory().post("/", {'submit': "Delete"})
        request.user = user_1
        org_user_delete_view.get_object = lambda: org_user

        response = org_user_delete_view.dispatch(
            request, organization_pk=unicode(org.pk), user_pk=unicode(user_2.pk))
        self.assertIsInstance(response, HttpResponseForbidden)
예제 #2
0
    def test_organisation_user_delete_view_doesnt_let_user_delete_others(self):
        org_user_delete_view = CustomOrganizationUserDelete()
        org_user = OrganizationUserFactory()
        org = org_user.organization
        user_1 = org_user.user

        user_2 = UserFactory()
        assign_perm(GUARDIAN_PERMISSION, user_1, org)
        request = RequestFactory().post("/", {'submit': "Delete"})
        request.user = user_1
        org_user_delete_view.get_object = lambda: org_user

        response = org_user_delete_view.dispatch(
            request, organization_pk=unicode(org.pk), user_pk=unicode(user_2.pk))
        self.assertIsInstance(response, HttpResponseForbidden)
예제 #3
0
    def test_organisation_user_delete_view_is_accessible_to_admin(self):
        org_user_delete_view = CustomOrganizationUserDelete()
        org_user = OrganizationUserFactory(is_admin=True)
        org = org_user.organization
        user_1 = org_user.user

        user_2 = UserFactory()
        assign_perm(GUARDIAN_PERMISSION, user_1, org)
        request = RequestFactory().post("/", {'submit': "Delete"})
        request.user = user_1

        org_user_delete_view.get_object = lambda: org_user

        response = org_user_delete_view.dispatch(
            request, organization_pk=org.pk, user_pk=user_2.pk)

        self.assertEqual(
            reverse('organization_user_list', args=[org.pk]), response['Location'])
예제 #4
0
    def test_organisation_user_delete_view_is_accessible_to_admin(self):
        org_user_delete_view = CustomOrganizationUserDelete()
        org_user = OrganizationUserFactory(is_admin=True)
        org = org_user.organization
        user_1 = org_user.user

        user_2 = UserFactory()
        assign_perm(GUARDIAN_PERMISSION, user_1, org)
        request = RequestFactory().post("/", {'submit': "Delete"})
        request.user = user_1

        org_user_delete_view.get_object = lambda: org_user

        response = org_user_delete_view.dispatch(
            request, organization_pk=org.pk, user_pk=user_2.pk)

        self.assertEqual(
            reverse('organization_user_list', args=[org.pk]), response['Location'])