def dispatch(self, request, *args, **kwargs): self.link = get_object_or_404(link_models.Link, pk=self.kwargs['iid']) self.relation = self.link.relation if request.user.is_anonymous(): return redirect( reverse('friendly_login') + '?next=%s' % request.path) if not perms.user_can_change_link(request.user, self.link): raise PermissionDenied return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): self.link = get_object_or_404( link_models.Link, pk=self.kwargs['linkid'] ) self.relation = self.link.relation if request.user.is_anonymous(): return redirect(reverse('friendly_login') + '?next=%s' % request.path) if not perms.user_can_change_link(request.user, self.link): raise PermissionDenied return super().dispatch(request, *args, **kwargs)
def test_editor_user_can_view_edit_links(self): self.login_editor() response = self.client.get(self.item1.get_absolute_url()) self.assertEqual(response.status_code, 200) self.assertContains(response, self.relation.name) self.assertContains(response, "Edit link") self.assertContains(response, reverse('aristotle_mdr_links:edit_link', args=[self.link1.pk])) self.ra.register( item=self.item2, state=self.ra.public_state, user=self.su ) response = self.client.get(self.item2.get_absolute_url()) self.assertEqual(response.status_code, 200) self.assertContains(response, self.relation.name) self.assertFalse(perms.user_can_change_link(self.editor,self.link2)) self.assertNotContains(response, reverse('aristotle_mdr_links:edit_link', args=[self.link2.pk]))
def test_editor_user_can_view_edit_links(self): self.login_editor() response = self.client.get(self.item1.get_absolute_url()) self.assertEqual(response.status_code, 200) self.assertContains(response, self.relation.name) self.assertContains(response, "Edit link") self.assertContains( response, reverse('aristotle_mdr_links:edit_link', args=[self.link1.pk])) self.ra.register(item=self.item2, state=self.ra.public_state, user=self.su) response = self.client.get(self.item2.get_absolute_url()) self.assertEqual(response.status_code, 200) self.assertContains(response, self.relation.name) self.assertFalse(perms.user_can_change_link(self.editor, self.link2)) self.assertNotContains( response, reverse('aristotle_mdr_links:edit_link', args=[self.link2.pk]))
def can_edit_link(user, link): return perms.user_can_change_link(user, link)
def test_registrar_can_edit_no_links(self): user = self.registrar self.assertFalse(perms.user_can_change_link(user, self.link1)) self.assertFalse(perms.user_can_change_link(user, self.link2))
def test_viewer_can_edit_no_links(self): user = self.viewer self.assertFalse(perms.user_can_change_link(user, self.link1)) self.assertFalse(perms.user_can_change_link(user, self.link2))
def test_editor_can_edit_some_links(self): user = self.editor self.assertTrue(perms.user_can_change_link(user, self.link1)) self.assertFalse(perms.user_can_change_link(user, self.link2))
def test_superuser_can_edit_links(self): user = self.su self.assertTrue(perms.user_can_change_link(user, self.link1)) self.assertTrue(perms.user_can_change_link(user, self.link2))
def test_registrar_can_edit_no_links(self): user = self.registrar self.assertFalse(perms.user_can_change_link(user,self.link1)) self.assertFalse(perms.user_can_change_link(user,self.link2))
def test_viewer_can_edit_no_links(self): user = self.viewer self.assertFalse(perms.user_can_change_link(user,self.link1)) self.assertFalse(perms.user_can_change_link(user,self.link2))
def test_editor_can_edit_some_links(self): user = self.editor self.assertTrue(perms.user_can_change_link(user,self.link1)) self.assertFalse(perms.user_can_change_link(user,self.link2))
def test_superuser_can_edit_links(self): user = self.su self.assertTrue(perms.user_can_change_link(user,self.link1)) self.assertTrue(perms.user_can_change_link(user,self.link2))
def can_edit_link(user, link): return perms.user_can_change_link(user, link)