def update(self, instance, validated_data):
    """Update a project, merging metadata and granting roles on owner change.

    On partial updates, incoming metadata is merged into the existing
    ``instance.metadata`` dict rather than replacing it. If the payload also
    carries an ``organization`` (the new owner), that owner is granted
    permissions on the project and the cached project permissions are
    dropped. After the parent serializer has applied the update, every form
    whose ``shared`` flag differs from the project's is brought in line.

    Args:
        instance: The project being updated.
        validated_data: Validated serializer payload; its ``metadata`` entry
            is overwritten with the merged dict on partial updates.

    Returns:
        The ``instance`` that was passed in.
    """
    # NOTE(review): this method performs no authorization of its own;
    # presumably the calling view restricts who may reassign
    # 'organization' -- confirm.
    incoming_meta = JsonField.to_json(validated_data.get('metadata'))
    if incoming_meta is None:
        incoming_meta = {}
    new_owner = validated_data.get('organization')

    if self.partial:
        if incoming_meta:
            # Merge into the stored metadata so keys absent from a PATCH
            # payload are kept.
            if not isinstance(instance.metadata, dict):
                instance.metadata = {}
            instance.metadata.update(incoming_meta)
            validated_data['metadata'] = instance.metadata

        if new_owner:
            # give the new owner permissions
            # NOTE(review): nothing here revokes the previous owner's
            # roles -- confirm that is intended or handled elsewhere.
            set_owners_permission(new_owner, instance)

            owner_profile = new_owner.profile
            if is_organization(owner_profile):
                org_owners = get_or_create_organization_owners_team(
                    owner_profile)
                org_members = get_organization_members_team(owner_profile)
                OwnerRole.add(org_owners, instance)
                ReadOnlyRole.add(org_members, instance)

            # clear cache
            # NOTE(review): the entry is dropped before the parent update
            # below runs; if the grants above sit in an uncommitted
            # transaction a concurrent reader could re-cache stale
            # permissions -- confirm.
            cache_key = '{}{}'.format(PROJ_PERM_CACHE, instance.pk)
            safe_delete(cache_key)

    project = super(ProjectSerializer, self).update(instance, validated_data)

    # shared_data follows shared: making a project shared also marks the
    # data of every out-of-sync form as shared.
    is_shared = project.shared
    out_of_sync_forms = project.xform_set.exclude(shared=is_shared)
    out_of_sync_forms.update(shared=is_shared, shared_data=is_shared)

    return instance
def update(self, instance, validated_data):
    """Apply an update to a project, handling metadata merges and new owners.

    For partial updates the supplied metadata is merged into
    ``instance.metadata`` instead of replacing it, and a supplied
    ``organization`` is treated as the new owner: it is granted permissions,
    an organization owner's teams receive roles on the project, and the
    cached project permissions are deleted. Once the parent serializer has
    applied the update, forms whose ``shared`` flag differs from the
    project's are updated to match.

    Args:
        instance: The project being updated.
        validated_data: Validated serializer payload; ``metadata`` is
            replaced by the merged dict on partial updates.

    Returns:
        The ``instance`` that was passed in.
    """
    # NOTE(review): no authorization check is made in this method;
    # presumably the view layer decides who may change 'organization'
    # -- confirm.
    parsed_metadata = JsonField.to_json(validated_data.get('metadata'))
    if parsed_metadata is None:
        parsed_metadata = {}
    owner = validated_data.get('organization')

    merging_metadata = self.partial and parsed_metadata
    if merging_metadata:
        # A PATCH only adds or overwrites keys; existing ones survive.
        if not isinstance(instance.metadata, dict):
            instance.metadata = {}
        instance.metadata.update(parsed_metadata)
        validated_data['metadata'] = instance.metadata

    changing_owner = self.partial and owner
    if changing_owner:
        # give the new owner permissions
        # NOTE(review): the previous owner's roles are not revoked here
        # -- confirm that is intended or handled elsewhere.
        set_owners_permission(owner, instance)

        profile = owner.profile
        if is_organization(profile):
            # NOTE(review): what this lookup does when the owners team
            # does not exist is not visible here -- confirm it cannot
            # fail partway through the transfer.
            owners_team = get_organization_owners_team(profile)
            members_team = get_organization_members_team(profile)
            OwnerRole.add(owners_team, instance)
            ReadOnlyRole.add(members_team, instance)

        # clear cache
        # NOTE(review): invalidation happens before the parent update
        # below is applied; confirm a concurrent reader cannot
        # repopulate the cache with stale permissions.
        safe_delete('{}{}'.format(PROJ_PERM_CACHE, instance.pk))

    project = super(ProjectSerializer, self).update(
        instance, validated_data)

    # Forms inherit the project's visibility; shared_data is set to the
    # same value, so a shared project also shares its forms' data.
    shared_flag = project.shared
    project.xform_set.exclude(shared=shared_flag).update(
        shared=shared_flag, shared_data=shared_flag)

    return instance
def test_non_owners_should_be_able_to_change_member_permissions(self):
    """An added organization owner can change the members team's project role.

    Chuck is added to the organization with the Owner role and Alice as a
    plain member. The members team is first shared on the project as Editor
    using ``self.extra``, then re-shared as ReadOnly using Chuck's token.

    NOTE(review): despite the test name, Chuck is an owner (he is added with
    ``OwnerRole`` and asserted to be in the owners team); no request is made
    by someone outside the owners team. Only status codes are asserted for
    the share calls, so the role actually held by the members team
    afterwards is never verified, and there is no negative case showing
    that a plain member such as Alice is refused.
    """
    self._org_create()
    self._publish_xls_form_to_project()

    def add_member(payload):
        # POST a JSON membership payload with the headers in self.extra
        # and return the response.
        req = self.factory.post('/', data=json.dumps(payload),
                                content_type="application/json",
                                **self.extra)
        return members_view(req, user=self.organization.user.username)

    # Username and email values appear masked in this listing.
    chuck_data = {'username': '******', 'email': '*****@*****.**'}
    chuck_profile = self._create_user_profile(chuck_data)

    members_view = OrganizationProfileViewSet.as_view({'post': 'members'})

    # Chuck joins as an organization owner.
    response = add_member({
        'username': chuck_profile.user.username,
        'role': OwnerRole.name
    })
    self.assertEqual(response.status_code, 201)
    owners_team = get_organization_owners_team(self.organization)
    self.assertIn(chuck_profile.user, owners_team.user_set.all())

    alice_data = {'username': '******', 'email': '*****@*****.**'}
    alice_profile = self._create_user_profile(alice_data)

    # Alice joins with no explicit role and lands in the members team.
    response = add_member({'username': alice_profile.user.username})
    self.assertEqual(response.status_code, 201)
    member_team = get_organization_members_team(self.organization)
    self.assertIn(alice_profile.user, member_team.user_set.all())

    share_view = TeamViewSet.as_view({'post': 'share'})

    # First share: Editor on the project, sent with self.extra.
    editor_payload = {
        'role': EditorRole.name,
        'project': self.project.pk,
        'org': self.organization.user.username
    }
    request = self.factory.post('/', data=editor_payload, **self.extra)
    response = share_view(request, pk=member_team.pk)
    self.assertEqual(response.status_code, 204)

    # Second share: downgrade to ReadOnly, authenticated as Chuck.
    readonly_payload = {
        'role': ReadOnlyRole.name,
        'project': self.project.pk,
        'org': self.organization.user.username
    }
    chuck_headers = {
        'HTTP_AUTHORIZATION': 'Token %s' % chuck_profile.user.auth_token
    }
    request = self.factory.post('/', data=readonly_payload, **chuck_headers)
    response = share_view(request, pk=member_team.pk)
    self.assertEqual(response.status_code, 204)
def test_non_owners_should_be_able_to_change_member_permissions(self):
    """Check that a second organization owner may re-share the members team.

    Flow: create the organization and a project with a form, add Chuck with
    the Owner role, add Alice as a member, share the members team on the
    project as Editor (headers from ``self.extra``), then share it again as
    ReadOnly while authenticated with Chuck's token.

    NOTE(review): the name says "non owners", but the only alternative
    caller exercised is Chuck, who was added with ``OwnerRole``. The share
    requests are checked for HTTP 204 only; the test neither asserts the
    members team's resulting role on the project nor covers a caller who
    should be denied.
    """
    self._org_create()
    self._publish_xls_form_to_project()
    org_username = self.organization.user.username

    def share_with_members(role_name, headers):
        # POST a share request for the members team and return the response.
        payload = {'role': role_name,
                   'project': self.project.pk,
                   'org': self.organization.user.username}
        req = self.factory.post('/', data=payload, **headers)
        return view(req, pk=member_team.pk)

    # Username and email values appear masked in this listing.
    chuck_data = {'username': '******', 'email': '*****@*****.**'}
    chuck_profile = self._create_user_profile(chuck_data)
    chuck = chuck_profile.user

    view = OrganizationProfileViewSet.as_view({'post': 'members'})

    # Add Chuck as an owner of the organization.
    body = json.dumps({'username': chuck.username, 'role': OwnerRole.name})
    request = self.factory.post(
        '/', data=body, content_type="application/json", **self.extra)
    response = view(request, user=org_username)
    self.assertEqual(response.status_code, 201)
    self.assertIn(
        chuck,
        get_organization_owners_team(self.organization).user_set.all())

    alice_data = {'username': '******', 'email': '*****@*****.**'}
    alice_profile = self._create_user_profile(alice_data)
    alice = alice_profile.user

    # Add Alice without a role; she should end up in the members team.
    body = json.dumps({'username': alice.username})
    request = self.factory.post(
        '/', data=body, content_type="application/json", **self.extra)
    response = view(request, user=org_username)
    self.assertEqual(response.status_code, 201)
    member_team = get_organization_members_team(self.organization)
    self.assertIn(alice, member_team.user_set.all())

    view = TeamViewSet.as_view({'post': 'share'})

    # Editor share sent with the headers in self.extra.
    response = share_with_members(EditorRole.name, self.extra)
    self.assertEqual(response.status_code, 204)

    # ReadOnly share sent with Chuck's token.
    extra = {
        'HTTP_AUTHORIZATION': 'Token %s' % chuck.auth_token}
    response = share_with_members(ReadOnlyRole.name, extra)
    self.assertEqual(response.status_code, 204)