def test_process_request_no_permission(self):
"""A user without permission should not be able to impersonate."""
self.assertFalse(self.user.has_perm('accounts.can_impersonate'))
middleware = ImpersonationMiddleware()
request = self.request_factory.get('/')
request.session = {'impersonate_id': self.admin.pk}
request.user = self.user
middleware.process_request(request)
self.assertEqual(request.user, self.user)
def test_process_request_no_permission(self):
"""A user without permission should not be able to impersonate."""
self.assertFalse(self.user.has_perm('accounts.can_impersonate'))
middleware = ImpersonationMiddleware()
request = self.request_factory.get('/')
request.session = {'impersonate_id': self.admin.pk}
request.user = self.user
middleware.process_request(request)
self.assertEqual(request.user, self.user)
def test_process_request_user_does_not_exist(self):
"""If impersonate_id doesn't correspond to a valid user, do nothing."""
self.admin.is_superuser = True
self.admin.save()
self.assertTrue(self.admin.can_impersonate())
# Call the middleware
middleware = ImpersonationMiddleware()
request = self.request_factory.get('/')
request.session = {'impersonate_id': -1}
request.user = self.admin
middleware.process_request(request)
self.assertEqual(request.user, self.admin)
def test_process_request_no_impersonate_id(self):
"""If impersonate_id isn't specified, user should stay the same."""
# This user _could_ impersonate another user
self.admin.is_superuser = True
self.admin.save()
self.assertTrue(self.admin.can_impersonate())
middleware = ImpersonationMiddleware()
request = self.request_factory.get('/')
request.session = {}
request.user = self.admin
middleware.process_request(request)
self.assertEqual(request.user, self.admin)
def test_process_request_superuser(self):
"""Superusers should be able to impersonate."""
self.admin.is_superuser = True
self.admin.save()
self.assertTrue(self.admin.can_impersonate())
# Call the middleware
middleware = ImpersonationMiddleware()
request = self.request_factory.get('/')
request.session = {'impersonate_id': self.user.pk}
request.user = self.admin
middleware.process_request(request)
self.assertEqual(request.user, self.user)
def test_process_request_user_does_not_exist(self):
"""If impersonate_id doesn't correspond to a valid user, do nothing."""
self.admin.is_superuser = True
self.admin.save()
self.assertTrue(self.admin.can_impersonate())
# Call the middleware
middleware = ImpersonationMiddleware()
request = self.request_factory.get('/')
request.session = {'impersonate_id': -1}
request.user = self.admin
middleware.process_request(request)
self.assertEqual(request.user, self.admin)
def test_process_request_no_impersonate_id(self):
"""If impersonate_id isn't specified, user should stay the same."""
# This user _could_ impersonate another user
self.admin.is_superuser = True
self.admin.save()
self.assertTrue(self.admin.can_impersonate())
middleware = ImpersonationMiddleware()
request = self.request_factory.get('/')
request.session = {}
request.user = self.admin
middleware.process_request(request)
self.assertEqual(request.user, self.admin)
def test_process_request_superuser(self):
"""Superusers should be able to impersonate."""
self.admin.is_superuser = True
self.admin.save()
self.assertTrue(self.admin.can_impersonate())
# Call the middleware
middleware = ImpersonationMiddleware()
request = self.request_factory.get('/')
request.session = {'impersonate_id': self.user.pk}
request.user = self.admin
middleware.process_request(request)
self.assertEqual(request.user, self.user)
def test_process_request_admin_has_permission(self):
"""A user with permission should be able to impersonate another user."""
# Make sure user has can_impersonate permission
permission = Permission.objects.get_by_natural_key(
'can_impersonate', 'accounts', 'user')
self.admin.user_permissions.add(permission)
self.admin.save()
self.assertTrue(self.admin.has_perm('accounts.can_impersonate'))
# Call the middleware
middleware = ImpersonationMiddleware()
request = self.request_factory.get('/')
request.session = {'impersonate_id': self.user.pk}
request.user = self.admin
middleware.process_request(request)
self.assertEqual(request.user, self.user)
def test_process_request_admin_has_permission(self):
"""A user with permission should be able to impersonate another user."""
# Make sure user has can_impersonate permission
permission = Permission.objects.get_by_natural_key(
'can_impersonate', 'accounts', 'user')
self.admin.user_permissions.add(permission)
self.admin.save()
self.assertTrue(self.admin.has_perm('accounts.can_impersonate'))
# Call the middleware
middleware = ImpersonationMiddleware()
request = self.request_factory.get('/')
request.session = {'impersonate_id': self.user.pk}
request.user = self.admin
middleware.process_request(request)
self.assertEqual(request.user, self.user)
