def test_check_admin_add_admin(self, client):
self.assertTrue(pli.has_admin())
# 200 => we added the role.
res = post_add_role(client, ADMIN_ROLE, user2["_id"])
self.assertEqual(200, res.status_code)
self.assertEqual(ADMIN_ROLE, PliUser.get(user2["_id"]).role)
def test_check_admin_add(self, client):
self.assertTrue(ADMIN_PERM.can())
# 200 => we added the role.
res = post_add_role(client, PEERLEADER_ROLE, user2["_id"])
self.assertEqual(200, res.status_code)
self.assertEqual(PEERLEADER_ROLE, PliUser.get(user2["_id"]).role)
def test_check_admin_add_self(self, client):
self.assertTrue(pli.has_admin)
# 200 => we added the role.
res = post_add_role(client, PEERLEADER_ROLE, user1["_id"])
self.assertEqual(200, res.status_code)
# Check that the role caching isn't broken.
self.assertTrue(pli.has_editor())
self.assertEqual(PEERLEADER_ROLE, PliUser.get(user1["_id"]).role)
def edit_role():
info = RoleInfoForm(request.form)
if not info.validate():
return "", 400
else:
target = PliUser.get(info.user.data)
if target is None:
# User doesn't exist...
return "", 400
return target.edit_role(info.role.data)
def get_u(uid):
return PliUser(uid, False)
def test_check_non_admin_add(self, client):
self.assertFalse(pli.has_admin())
# 403 => We couldn't add the role.
res = post_add_role(client, EDITOR_ROLE, user3["_id"])
self.assertEqual(403, res.status_code)
self.assertEqual(USER_ROLE, PliUser.get(user3["_id"]).role)
def test_check_admin_add2(self, client):
self.assertTrue(pli.has_admin())
# This isn't a role
res = post_add_role(client, "not-a-role", user3["_id"])
self.assertEqual(400, res.status_code)
self.assertEqual(USER_ROLE, PliUser.get(user3["_id"]).role)
def test_check_not_logged_in(self, client):
res = post_add_role(client, "not-a-role", user3["_id"])
self.assertEqual(400, res.status_code)
self.assertEqual(USER_ROLE, PliUser.get(user3["_id"]).role)