def test_permission_delete_restricted(self):
self.client.login(username=self.user_non_granted.username,
password="******")
journal = JournalFactory()
journal.save()
self.client.login(username=self.user_granted.username,
password="******")
ct = ContentType.objects.get(app_label="erudit", model="journal")
authorization = Authorization.objects.create(
content_type=ct,
user=self.user_granted,
object_id=journal.id,
authorization_codename=AC.can_manage_authorizations.codename)
url = reverse('userspace:journal:authorization:delete',
args=(journal.pk, authorization.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
journal.members.add(self.user_granted)
journal.save()
response = self.client.get(url, follow=True)
self.assertEqual(response.status_code, 200)
def test_journal_contact_invalid(self):
user = UserFactory()
user2 = UserFactory()
data = {'user': user}
journal_in1 = JournalFactory()
journal_in1.members.add(user)
journal_in1.save()
self.authorize_user_on_journal(user, journal_in1)
journal_in2 = JournalFactory()
journal_in2.members.add(user)
journal_in2.members.add(user2)
journal_in2.save()
self.authorize_user_on_journal(user, journal_in2)
form = IssueSubmissionForm(**data)
choices = [c[0] for c in form.fields['contact'].choices]
self.assertTrue(user.id in choices)
self.assertTrue(user2.id in choices)
data.update({'data': {
'journal': journal_in1.id,
'contact': user2.id,
'year': '2016',
'number': '123', }
})
form = IssueSubmissionForm(**data)
self.assertFalse(form.is_valid())
def test_user_cant_manage(self):
user = UserFactory()
journal = JournalFactory()
is_granted = user.has_perm('authorization.manage_authorizations', journal)
self.assertEqual(is_granted, False)
journal.members.add(user)
journal.save()
is_granted = user.has_perm('authorization.manage_authorizations', journal)
self.assertEqual(is_granted, False)
def test_user_can_manage(self):
user = UserFactory()
journal = JournalFactory()
journal.members.add(user)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Rule.objects.create(content_type=ct,
user=user,
object_id=journal.id,
permission="userspace.manage_permissions")
is_granted = user.has_perm('userspace.manage_permissions', journal)
self.assertEqual(is_granted, True)
def test_journal_filter(self):
user = UserFactory()
data = {'user': user}
journal_in = JournalFactory()
journal_in.members.add(user)
journal_in.save()
journal_not_in = JournalFactory()
form = AuthorizationForm(**data)
choices = [c[0] for c in form.fields['journal'].choices]
self.assertTrue(journal_in.id in choices)
self.assertFalse(journal_not_in.id in choices)
def test_user_can_manage(self):
user = UserFactory()
journal = JournalFactory()
journal.members.add(user)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Authorization.objects.create(
content_type=ct,
user=user,
object_id=journal.id,
authorization_codename=AC.can_manage_authorizations.codename)
is_granted = user.has_perm('authorization.manage_authorizations', journal)
self.assertEqual(is_granted, True)
def test_permission_create_restricted(self):
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:permissions:perm_create')
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
journal = JournalFactory()
journal.members.add(self.user_granted)
journal.save()
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
def test_permission_create_restricted(self):
journal = JournalFactory()
journal.members.add(self.user_granted)
journal.save()
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:journal:authorization:create', args=(journal.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
response = self.client.get(url)
self.assertEqual(response.status_code, 403)
def test_user_can_manage(self):
journal = JournalFactory()
user = UserFactory()
journal.members.add(user)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Rule.objects.create(content_type=ct,
user=user,
object_id=journal.id,
permission="editor.manage_issuesubmission")
issue = IssueSubmissionFactory(journal=journal)
is_granted = user.has_perm('editor.manage_issuesubmission',
issue.journal)
self.assertEqual(is_granted, True)
def test_permission_create_granted(self):
journal = JournalFactory()
journal.members.add(self.user_granted)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Rule.objects.create(content_type=ct,
user=self.user_granted,
object_id=journal.id,
permission='userspace.manage_permissions')
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:permissions:perm_create')
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_contact_filter(self):
user = UserFactory()
user2 = UserFactory()
data = {'user': user}
journal_in = JournalFactory()
journal_in.members.add(user)
journal_in.save()
journal_not_in = JournalFactory()
journal_not_in.members.add(user2)
journal_not_in.save()
form = IssueSubmissionForm(**data)
choices = [c[0] for c in form.fields['contact'].choices]
self.assertTrue(user.id in choices)
self.assertFalse(user2.id in choices)
def test_menu_permission_presence(self):
journal = JournalFactory()
user = UserFactory(username="******")
user.set_password("user")
user.save()
journal.members.add(user)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Rule.objects.create(content_type=ct,
user=user,
object_id=journal.id,
permission="userspace.manage_permissions")
url = reverse('userspace:permissions:perm_list')
self.client.login(username="******", password="******")
response = self.client.get(reverse('userspace:dashboard'))
self.assertContains(response, url)
def test_user_filter(self):
user = UserFactory()
data = {'user': user}
user_in = UserFactory()
user_not_in = UserFactory()
journal_in = JournalFactory()
journal_in.members.add(user)
journal_in.members.add(user_in)
journal_in.save()
journal_not_in = JournalFactory()
journal_not_in.members.add(user_not_in)
form = RuleForm(**data)
choices = [c[0] for c in form.fields['user'].choices]
self.assertTrue(user.id in choices)
self.assertTrue(user_in.id in choices)
self.assertFalse(user_not_in.id in choices)
def test_issuesubmission_update_granted(self):
journal = JournalFactory()
journal.members.add(self.user_granted)
journal.save()
issue = IssueSubmissionFactory(journal=journal)
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:editor:update', args=(issue.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 404)
ct = ContentType.objects.get(app_label="erudit", model="journal")
Rule.objects.create(content_type=ct,
user=self.user_granted,
object_id=journal.id,
permission="editor.manage_issuesubmission")
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
