def test_can_edit_project(self):
team, user, outsider = self.team, self.user, self.outsider
default_project, test_project = self.default_project, self.test_project
# The default project cannot be edited at all.
for r in [ROLE_CONTRIBUTOR, ROLE_MANAGER, ROLE_ADMIN, ROLE_OWNER]:
with self.role(r):
self.assertFalse(can_edit_project(team, user, default_project))
self.assertFalse(can_edit_project(team, outsider, default_project))
# Projects can only be edited by admins+.
for r in [ROLE_ADMIN, ROLE_OWNER]:
with self.role(r):
self.assertTrue(can_edit_project(team, user, test_project))
for r in [ROLE_CONTRIBUTOR, ROLE_MANAGER]:
with self.role(r):
self.assertFalse(can_edit_project(team, user, test_project))
self.assertFalse(can_edit_project(team, outsider, test_project))
def perform_update(self, serializer):
if not team_permissions.can_edit_project(self.team, self.request.user,
serializer.instance):
raise PermissionDenied()
serializer.save()