def restricted_forum(**kwargs): """Creates a restricted forum. :arg permission_code: Defaults to "forums_forum.view_in_forum" Any additional arguments are passed to the created forum. .. Note:: Always saves the forum it creates. :returns: the created restricted forum """ # Pop off the permission_code permission_code = kwargs.pop( 'permission_code', 'forums_forum.view_in_forum') # Remove save=True if it's there--we always save. kwargs.pop('save', True) new_forum = forum(save=True, **kwargs) # Make it restricted. ct = ContentType.objects.get_for_model(new_forum) permission(codename=permission_code, content_type=ct, object_id=new_forum.id, save=True) return new_forum
def test_move_thread(self): """Move a thread.""" t = forum_post(save=True).thread f = forum(save=True) u = user(save=True) g = group(save=True) # Give the user permission to move threads between the two forums. ct = ContentType.objects.get_for_model(f) permission(codename='forums_forum.thread_move_forum', content_type=ct, object_id=f.id, group=g, save=True) permission(codename='forums_forum.thread_move_forum', content_type=ct, object_id=t.forum.id, group=g, save=True) g.user_set.add(u) self.client.login(username=u.username, password='******') response = post(self.client, 'forums.move_thread', {'forum': f.id}, args=[t.forum.slug, t.id]) eq_(200, response.status_code) t = Thread.uncached.get(pk=t.pk) eq_(f.id, t.forum.id)
def test_edit_post_moderator(self): """Editing post as a moderator works.""" p = forum_post(save=True) t = p.thread f = t.forum # Create the moderator group, give it the edit permission # and add a moderator. moderator_group = group(save=True) ct = ContentType.objects.get_for_model(f) permission(codename='forums_forum.post_edit_forum', content_type=ct, object_id=f.id, group=moderator_group, save=True) moderator = user(save=True) moderator_group.user_set.add(moderator) self.client.login(username=moderator.username, password='******') r = post(self.client, 'forums.edit_post', {'content': 'More new content'}, args=[f.slug, t.id, p.id]) eq_(200, r.status_code) edited_p = Post.uncached.get(pk=p.pk) eq_('More new content', edited_p.content)
def test_delete_post_belongs_to_thread_and_forum(self): # Delete post action - post belongs to thread and thread # belongs to forum. f = forum(save=True) t = thread(forum=f, save=True) # Post belongs to a different forum and thread. p = forum_post(save=True) u = p.author # Give the user the permission to delete posts. g = group(save=True) ct = ContentType.objects.get_for_model(f) permission(codename='forums_forum.post_delete_forum', content_type=ct, object_id=p.thread.forum_id, group=g, save=True) permission(codename='forums_forum.post_delete_forum', content_type=ct, object_id=f.id, group=g, save=True) g.user_set.add(u) self.client.login(username=u.username, password='******') # Post isn't in the passed forum: r = get(self.client, 'forums.delete_post', args=[f.slug, p.thread.id, p.id]) eq_(404, r.status_code) # Post isn't in the passed thread: r = get(self.client, 'forums.delete_post', args=[p.thread.forum.slug, t.id, p.id]) eq_(404, r.status_code)
def restricted_forum(**kwargs): """Creates a restricted forum. :arg permission_code: Defaults to "forums_forum.view_in_forum" Any additional arguments are passed to the created forum. .. Note:: Always saves the forum it creates. :returns: the created restricted forum """ # Pop off the permission_code permission_code = kwargs.pop('permission_code', 'forums_forum.view_in_forum') # Remove save=True if it's there--we always save. kwargs.pop('save', True) new_forum = forum(save=True, **kwargs) # Make it restricted. ct = ContentType.objects.get_for_model(new_forum) permission(codename=permission_code, content_type=ct, object_id=new_forum.id, save=True) return new_forum
def test_forums_search_authorized_forums(self): """Only authorized people can search certain forums""" # Create two threads: one in a restricted forum and one not. forum1 = forum(name=u'ou812forum', save=True) thread1 = thread(forum=forum1, save=True) post(thread=thread1, content=u'audio', save=True) forum2 = restricted_forum(name=u'restrictedkeepout', save=True) thread2 = thread(forum=forum2, save=True) post(thread=thread2, content=u'audio restricted', save=True) self.refresh() # Do a search as an anonymous user but don't specify the # forums to filter on. Should only see one of the posts. response = self.client.get(reverse('search'), { 'author': '', 'created': '0', 'created_date': '', 'updated': '0', 'updated_date': '', 'sortby': '0', 'a': '1', 'w': '4', 'q': 'audio', 'format': 'json' }) eq_(200, response.status_code) content = json.loads(response.content) eq_(content['total'], 1) # Do a search as an authorized user but don't specify the # forums to filter on. Should see both posts. u = user(save=True) g = group(save=True) g.user_set.add(u) ct = ContentType.objects.get_for_model(forum2) permission(codename='forums_forum.view_in_forum', content_type=ct, object_id=forum2.id, group=g, save=True) self.client.login(username=u.username, password='******') response = self.client.get(reverse('search'), { 'author': '', 'created': '0', 'created_date': '', 'updated': '0', 'updated_date': '', 'sortby': '0', 'a': '1', 'w': '4', 'q': 'audio', 'format': 'json' }) # Sees both results eq_(200, response.status_code) content = json.loads(response.content) eq_(content['total'], 2)
def test_restricted_is_invisible(self): """Forums with restricted view_in permission shouldn't show up.""" restricted_forum = forum(save=True) # Make it restricted. ct = ContentType.objects.get_for_model(restricted_forum) permission(codename='forums_forum.view_in_forum', content_type=ct, object_id=restricted_forum.id, save=True) response = get(self.client, 'forums.forums') self.assertNotContains(response, restricted_forum.slug)
def _restricted_forum(permission_code='forums_forum.view_in_forum'): """Return a forum with specified restriction.""" restricted_forum = forum(save=True) # Make it restricted. ct = ContentType.objects.get_for_model(restricted_forum) permission(codename=permission_code, content_type=ct, object_id=restricted_forum.id, save=True) return restricted_forum
def test_restricted_hide_reply(self): """Reply fields don't show if user has no permission to post.""" t = forum_post(save=True).thread f = t.forum ct = ContentType.objects.get_for_model(f) # If the forum has the permission and the user isn't assigned said # permission, then they can't post. permission(codename='forums_forum.post_in_forum', content_type=ct, object_id=f.id, save=True) u = user(save=True) self.client.login(username=u.username, password='******') response = get(self.client, 'forums.posts', args=[f.slug, t.pk]) self.assertNotContains(response, 'thread-reply')
def test_restricted_hide_new_thread(self): """'Post new thread' doesn't show if user has no permission to post. """ f = forum(save=True) ct = ContentType.objects.get_for_model(f) # If the forum has the permission and the user isn't assigned said # permission, then they can't post. permission(codename='forums_forum.post_in_forum', content_type=ct, object_id=f.id, save=True) u = user(save=True) self.client.login(username=u.username, password='******') response = get(self.client, 'forums.threads', args=[f.slug]) self.assertNotContains(response, 'Post a new thread')
def test_access_restriction(self): """Assert Forums are inaccessible to the public when restricted.""" # If the a forum has 'forums_forum.view_in_forum' permission defined, # then it isn't public by default. If it has # 'forums_forum.post_in_forum', then it isn't postable to by default. f = forum(save=True) ct = ContentType.objects.get_for_model(f) permission(codename='forums_forum.view_in_forum', content_type=ct, object_id=f.id, save=True) permission(codename='forums_forum.post_in_forum', content_type=ct, object_id=f.id, save=True) unprivileged_user = user(save=True) assert not f.allows_viewing_by(unprivileged_user) assert not f.allows_posting_by(unprivileged_user)
def test_edit_thread_moderator(self): """Editing post as a moderator works.""" t = forum_post(save=True).thread f = t.forum u = user(save=True) g = group(save=True) ct = ContentType.objects.get_for_model(f) permission(codename='forums_forum.thread_edit_forum', content_type=ct, object_id=f.id, group=g, save=True) g.user_set.add(u) self.client.login(username=u.username, password='******') r = post(self.client, 'forums.edit_thread', {'title': 'new title'}, args=[f.slug, t.id]) eq_(200, r.status_code) edited_t = Thread.objects.get(id=t.id) eq_('new title', edited_t.title)
def test_delete_thread_belongs_to_forum(self): """Delete thread action - thread belongs to forum.""" f = forum(save=True) t = thread(save=True) # Thread belongs to a different forum u = user(save=True) # Give the user the permission to delete threads. g = group(save=True) ct = ContentType.objects.get_for_model(f) permission(codename='forums_forum.thread_delete_forum', content_type=ct, object_id=f.id, group=g, save=True) permission(codename='forums_forum.thread_delete_forum', content_type=ct, object_id=t.forum.id, group=g, save=True) g.user_set.add(u) self.client.login(username=u.username, password='******') r = get(self.client, 'forums.delete_thread', args=[f.slug, t.id]) eq_(404, r.status_code)
def test_discussion_forum_with_restricted_forums(self): """Tests who can see restricted forums in search form.""" # This is a long test, but it saves us from doing the setup # twice. forum1 = forum(name=u'ou812forum', save=True) thread1 = thread(forum=forum1, title=u'audio 2', save=True) post(thread=thread1, save=True) forum2 = restricted_forum(name=u'restrictedkeepout', save=True) thread2 = thread(forum=forum2, title=u'audio 2', save=True) post(thread=thread2, save=True) self.refresh() # Get the Advanced Search Form as an anonymous user response = self.client.get(reverse('search.advanced'), {'a': '2'}) eq_(200, response.status_code) # Regular forum should show up assert 'ou812forum' in response.content # Restricted forum should not show up assert 'restrictedkeepout' not in response.content u = user(save=True) g = group(save=True) g.user_set.add(u) ct = ContentType.objects.get_for_model(forum2) permission(codename='forums_forum.view_in_forum', content_type=ct, object_id=forum2.id, group=g, save=True) # Get the Advanced Search Form as a logged in user self.client.login(username=u.username, password='******') response = self.client.get(reverse('search.advanced'), {'a': '2'}) eq_(200, response.status_code) # Both forums should show up for authorized user assert 'ou812forum' in response.content assert 'restrictedkeepout' in response.content
def test_edit_thread_moderator(self): """Editing post as a moderator works.""" t = forum_post(save=True).thread f = t.forum u = user(save=True) g = group(save=True) ct = ContentType.objects.get_for_model(f) permission(codename='forums_forum.thread_edit_forum', content_type=ct, object_id=f.id, group=g, save=True) g.user_set.add(u) self.client.login(username=u.username, password='******') r = post(self.client, 'forums.edit_thread', {'title': 'new title'}, args=[f.slug, t.id]) eq_(200, r.status_code) edited_t = Thread.uncached.get(id=t.id) eq_('new title', edited_t.title)
def test_move_thread(self): """Move a thread.""" t = forum_post(save=True).thread f = forum(save=True) u = user(save=True) g = group(save=True) # Give the user permission to move threads between the two forums. ct = ContentType.objects.get_for_model(f) permission(codename='forums_forum.thread_move_forum', content_type=ct, object_id=f.id, group=g, save=True) permission(codename='forums_forum.thread_move_forum', content_type=ct, object_id=t.forum.id, group=g, save=True) g.user_set.add(u) self.client.login(username=u.username, password='******') response = post(self.client, 'forums.move_thread', {'forum': f.id}, args=[t.forum.slug, t.id]) eq_(200, response.status_code) t = Thread.objects.get(pk=t.pk) eq_(f.id, t.forum.id)
def setUp(self): url = reverse('forums.threads', args=[u'test-forum']) self.context = {'request': RequestFactory().get(url)} self.group = group(save=True) # Set up forum_1 f = self.forum_1 = forum(save=True) ct = ContentType.objects.get_for_model(self.forum_1) permission(codename='forums_forum.thread_edit_forum', content_type=ct, object_id=f.id, group=self.group, save=True) permission(codename='forums_forum.post_edit_forum', content_type=ct, object_id=f.id, group=self.group, save=True) permission(codename='forums_forum.post_delete_forum', content_type=ct, object_id=f.id, group=self.group, save=True) permission(codename='forums_forum.thread_delete_forum', content_type=ct, object_id=f.id, group=self.group, save=True) permission(codename='forums_forum.thread_sticky_forum', content_type=ct, object_id=f.id, group=self.group, save=True) permission(codename='forums_forum.thread_move_forum', content_type=ct, object_id=f.id, group=self.group, save=True) # Set up forum_2 f = self.forum_2 = forum(save=True) permission(codename='forums_forum.thread_move_forum', content_type=ct, object_id=f.id, group=self.group, save=True)
def setUp(self): url = reverse('forums.threads', args=[u'test-forum']) self.context = {'request': test_utils.RequestFactory().get(url)} self.group = group(save=True) # Set up forum_1 f = self.forum_1 = forum(save=True) ct = ContentType.objects.get_for_model(self.forum_1) permission(codename='forums_forum.thread_edit_forum', content_type=ct, object_id=f.id, group=self.group, save=True) permission(codename='forums_forum.post_edit_forum', content_type=ct, object_id=f.id, group=self.group, save=True) permission(codename='forums_forum.post_delete_forum', content_type=ct, object_id=f.id, group=self.group, save=True) permission(codename='forums_forum.thread_delete_forum', content_type=ct, object_id=f.id, group=self.group, save=True) permission(codename='forums_forum.thread_sticky_forum', content_type=ct, object_id=f.id, group=self.group, save=True) permission(codename='forums_forum.thread_move_forum', content_type=ct, object_id=f.id, group=self.group, save=True) # Set up forum_2 f = self.forum_2 = forum(save=True) permission(codename='forums_forum.thread_move_forum', content_type=ct, object_id=f.id, group=self.group, save=True)