Пример #1
0
    def test_delete_post_belongs_to_thread_and_forum(self):
        # Delete post action - post belongs to thread and thread
        # belongs to forum.
        f = ForumFactory()
        t = ThreadFactory(forum=f)
        # Post belongs to a different forum and thread.
        p = PostFactory()
        u = p.author

        # Give the user the permission to delete posts.
        g = GroupFactory()
        ct = ContentType.objects.get_for_model(f)
        PermissionFactory(codename='forums_forum.post_delete_forum',
                          content_type=ct, object_id=p.thread.forum_id, group=g)
        PermissionFactory(codename='forums_forum.post_delete_forum',
                          content_type=ct, object_id=f.id, group=g)
        g.user_set.add(u)

        self.client.login(username=u.username, password='******')

        # Post isn't in the passed forum:
        r = get(self.client, 'forums.delete_post',
                args=[f.slug, p.thread.id, p.id])
        eq_(404, r.status_code)

        # Post isn't in the passed thread:
        r = get(self.client, 'forums.delete_post',
                args=[p.thread.forum.slug, t.id, p.id])
        eq_(404, r.status_code)
Пример #2
0
    def setUp(self):
        url = reverse('forums.threads', args=[u'test-forum'])
        self.context = {'request': RequestFactory().get(url)}

        self.group = GroupFactory()

        # Set up forum_1
        f = self.forum_1 = ForumFactory()
        ct = ContentType.objects.get_for_model(self.forum_1)
        permission_names = [
            'forums_forum.thread_edit_forum',
            'forums_forum.post_edit_forum',
            'forums_forum.post_delete_forum',
            'forums_forum.thread_delete_forum',
            'forums_forum.thread_sticky_forum',
            'forums_forum.thread_move_forum',
        ]
        for name in permission_names:
            PermissionFactory(codename=name,
                              content_type=ct,
                              object_id=f.id,
                              group=self.group)

        # Set up forum_2
        f = self.forum_2 = ForumFactory()
        PermissionFactory(codename='forums_forum.thread_move_forum',
                          content_type=ct,
                          object_id=f.id,
                          group=self.group)
Пример #3
0
    def test_move_thread(self):
        """Move a thread."""
        t = ThreadFactory()
        f = ForumFactory()
        u = UserFactory()
        g = GroupFactory()

        # Give the user permission to move threads between the two forums.
        ct = ContentType.objects.get_for_model(f)
        PermissionFactory(codename="forums_forum.thread_move_forum",
                          content_type=ct,
                          object_id=f.id,
                          group=g)
        PermissionFactory(
            codename="forums_forum.thread_move_forum",
            content_type=ct,
            object_id=t.forum.id,
            group=g,
        )
        g.user_set.add(u)

        self.client.login(username=u.username, password="******")
        response = post(self.client,
                        "forums.move_thread", {"forum": f.id},
                        args=[t.forum.slug, t.id])
        eq_(200, response.status_code)
        t = Thread.objects.get(pk=t.pk)
        eq_(f.id, t.forum.id)
Пример #4
0
    def test_access_restriction(self):
        """Assert Forums are inaccessible to the public when restricted."""
        # If the a forum has 'forums_forum.view_in_forum' permission defined,
        # then it isn't public by default. If it has
        # 'forums_forum.post_in_forum', then it isn't postable to by default.
        f = ForumFactory()
        ct = ContentType.objects.get_for_model(f)
        PermissionFactory(codename='forums_forum.view_in_forum', content_type=ct, object_id=f.id)
        PermissionFactory(codename='forums_forum.post_in_forum', content_type=ct, object_id=f.id)

        unprivileged_user = UserFactory()
        assert not f.allows_viewing_by(unprivileged_user)
        assert not f.allows_posting_by(unprivileged_user)
Пример #5
0
    def test_edit_post_moderator(self):
        """Editing post as a moderator works."""
        p = PostFactory()
        t = p.thread
        f = t.forum

        # Create the moderator group, give it the edit permission
        # and add a moderator.
        moderator_group = GroupFactory()
        ct = ContentType.objects.get_for_model(f)
        PermissionFactory(
            codename="forums_forum.post_edit_forum",
            content_type=ct,
            object_id=f.id,
            group=moderator_group,
        )
        moderator = UserFactory()
        moderator_group.user_set.add(moderator)

        self.client.login(username=moderator.username, password="******")

        r = post(
            self.client,
            "forums.edit_post",
            {"content": "More new content"},
            args=[f.slug, t.id, p.id],
        )
        eq_(200, r.status_code)

        edited_p = Post.objects.get(pk=p.pk)
        eq_("More new content", edited_p.content)
Пример #6
0
 def permission_code(forum, created, extracted, **kwargs):
     assert created
     permission = extracted or "forums_forum.view_in_forum"
     ct = ContentType.objects.get_for_model(forum)
     PermissionFactory(codename=permission,
                       content_type=ct,
                       object_id=forum.id)
Пример #7
0
    def test_delete_thread_belongs_to_forum(self):
        """Delete thread action - thread belongs to forum."""
        f = ForumFactory()
        t = ThreadFactory()  # Thread belongs to a different forum
        u = UserFactory()

        # Give the user the permission to delete threads.
        g = GroupFactory()
        ct = ContentType.objects.get_for_model(f)
        PermissionFactory(codename='forums_forum.thread_delete_forum',
                          content_type=ct, object_id=f.id, group=g)
        PermissionFactory(codename='forums_forum.thread_delete_forum',
                          content_type=ct, object_id=t.forum.id, group=g)
        g.user_set.add(u)

        self.client.login(username=u.username, password='******')
        r = get(self.client, 'forums.delete_thread', args=[f.slug, t.id])
        eq_(404, r.status_code)
Пример #8
0
    def test_restricted_is_invisible(self):
        """Forums with restricted view_in permission shouldn't show up."""
        restricted_forum = ForumFactory()
        # Make it restricted.
        ct = ContentType.objects.get_for_model(restricted_forum)
        PermissionFactory(codename='forums_forum.view_in_forum', content_type=ct,
                          object_id=restricted_forum.id)

        response = get(self.client, 'forums.forums')
        self.assertNotContains(response, restricted_forum.slug)
Пример #9
0
    def test_restricted_hide_new_thread(self):
        """'Post new thread' doesn't show if user has no permission to post.
        """
        f = ForumFactory()
        ct = ContentType.objects.get_for_model(f)
        # If the forum has the permission and the user isn't assigned said
        # permission, then they can't post.
        PermissionFactory(codename='forums_forum.post_in_forum', content_type=ct, object_id=f.id)
        u = UserFactory()

        self.client.login(username=u.username, password='******')
        response = get(self.client, 'forums.threads', args=[f.slug])
        self.assertNotContains(response, 'Post a new thread')
Пример #10
0
    def test_restricted_hide_reply(self):
        """Reply fields don't show if user has no permission to post."""
        t = ThreadFactory()
        f = t.forum
        ct = ContentType.objects.get_for_model(f)
        # If the forum has the permission and the user isn't assigned said
        # permission, then they can't post.
        PermissionFactory(codename='forums_forum.post_in_forum', content_type=ct, object_id=f.id)
        u = UserFactory()

        self.client.login(username=u.username, password='******')
        response = get(self.client, 'forums.posts', args=[f.slug, t.pk])
        self.assertNotContains(response, 'thread-reply')
Пример #11
0
    def test_sticky_thread_belongs_to_forum(self):
        """Sticky action - thread belongs to forum."""
        f = ForumFactory()
        t = ThreadFactory()  # Thread belongs to a different forum
        u = UserFactory()

        # Give the user the permission to sticky threads.
        g = GroupFactory()
        ct = ContentType.objects.get_for_model(f)
        PermissionFactory(codename="forums_forum.thread_sticky_forum",
                          content_type=ct,
                          object_id=f.id,
                          group=g)
        PermissionFactory(
            codename="forums_forum.thread_sticky_forum",
            content_type=ct,
            object_id=t.forum.id,
            group=g,
        )
        g.user_set.add(u)

        self.client.login(username=u.username, password="******")
        r = post(self.client, "forums.sticky_thread", {}, args=[f.slug, t.id])
        eq_(404, r.status_code)
Пример #12
0
    def test_edit_thread_moderator(self):
        """Editing post as a moderator works."""
        t = ThreadFactory()
        f = t.forum
        u = UserFactory()
        g = GroupFactory()
        ct = ContentType.objects.get_for_model(f)
        PermissionFactory(codename='forums_forum.thread_edit_forum', content_type=ct,
                          object_id=f.id, group=g)
        g.user_set.add(u)

        self.client.login(username=u.username, password='******')
        r = post(self.client, 'forums.edit_thread',
                 {'title': 'new title'}, args=[f.slug, t.id])
        eq_(200, r.status_code)
        edited_t = Thread.objects.get(id=t.id)
        eq_('new title', edited_t.title)
Пример #13
0
    def test_discussion_forum_with_restricted_forums(self):
        """Tests who can see restricted forums in search form."""
        # This is a long test, but it saves us from doing the setup
        # twice.
        forum1 = ForumFactory(name=u'ou812forum')
        thread1 = ThreadFactory(forum=forum1, title=u'audio 2')
        PostFactory(thread=thread1)

        forum2 = RestrictedForumFactory(name=u'restrictedkeepout')
        thread2 = ThreadFactory(forum=forum2, title=u'audio 2')
        PostFactory(thread=thread2)

        self.refresh()

        # Get the Advanced Search Form as an anonymous user
        response = self.client.get(reverse('search.advanced'), {'a': '2'})
        eq_(200, response.status_code)

        # Regular forum should show up
        assert 'ou812forum' in response.content

        # Restricted forum should not show up
        assert 'restrictedkeepout' not in response.content

        u = UserFactory()
        g = GroupFactory()
        g.user_set.add(u)
        ct = ContentType.objects.get_for_model(forum2)
        PermissionFactory(
            codename='forums_forum.view_in_forum',
            content_type=ct,
            object_id=forum2.id,
            group=g)

        # Get the Advanced Search Form as a logged in user
        self.client.login(username=u.username, password='******')
        response = self.client.get(reverse('search.advanced'), {'a': '2'})
        eq_(200, response.status_code)

        # Both forums should show up for authorized user
        assert 'ou812forum' in response.content
        assert 'restrictedkeepout' in response.content
Пример #14
0
    def test_forums_search_authorized_forums_specifying_forums(self):
        """Only authorized people can search certain forums they specified"""
        # Create two threads: one in a restricted forum and one not.
        forum1 = ForumFactory(name="ou812forum")
        thread1 = ThreadFactory(forum=forum1)
        PostFactory(thread=thread1, content="audio")

        forum2 = RestrictedForumFactory(name="restrictedkeepout")
        thread2 = ThreadFactory(forum=forum2)
        PostFactory(thread=thread2, content="audio restricted")

        self.refresh()

        # Do a search as an anonymous user and specify both
        # forums. Should only see the post from the unrestricted
        # forum.
        response = self.client.get(
            reverse("search.advanced"),
            {
                "author": "",
                "created": "0",
                "created_date": "",
                "updated": "0",
                "updated_date": "",
                "sortby": "0",
                "forum": [forum1.id, forum2.id],
                "a": "1",
                "w": "4",
                "q": "audio",
                "format": "json",
            },
        )

        eq_(200, response.status_code)
        content = json.loads(response.content)
        eq_(content["total"], 1)

        # Do a search as an authorized user and specify both
        # forums. Should see both posts.
        u = UserFactory()
        g = GroupFactory()
        g.user_set.add(u)
        ct = ContentType.objects.get_for_model(forum2)
        PermissionFactory(codename="forums_forum.view_in_forum",
                          content_type=ct,
                          object_id=forum2.id,
                          group=g)

        self.client.login(username=u.username, password="******")
        response = self.client.get(
            reverse("search.advanced"),
            {
                "author": "",
                "created": "0",
                "created_date": "",
                "updated": "0",
                "updated_date": "",
                "sortby": "0",
                "forum": [forum1.id, forum2.id],
                "a": "1",
                "w": "4",
                "q": "audio",
                "format": "json",
            },
        )

        # Sees both results
        eq_(200, response.status_code)
        content = json.loads(response.content)
        eq_(content["total"], 2)
Пример #15
0
    def test_forums_search_authorized_forums_specifying_forums(self):
        """Only authorized people can search certain forums they specified"""
        # Create two threads: one in a restricted forum and one not.
        forum1 = ForumFactory(name=u'ou812forum')
        thread1 = ThreadFactory(forum=forum1)
        PostFactory(thread=thread1, content=u'audio')

        forum2 = RestrictedForumFactory(name=u'restrictedkeepout')
        thread2 = ThreadFactory(forum=forum2)
        PostFactory(thread=thread2, content=u'audio restricted')

        self.refresh()

        # Do a search as an anonymous user and specify both
        # forums. Should only see the post from the unrestricted
        # forum.
        response = self.client.get(reverse('search.advanced'), {
            'author': '',
            'created': '0',
            'created_date': '',
            'updated': '0',
            'updated_date': '',
            'sortby': '0',
            'forum': [forum1.id, forum2.id],
            'a': '1',
            'w': '4',
            'q': 'audio',
            'format': 'json'
        })

        eq_(200, response.status_code)
        content = json.loads(response.content)
        eq_(content['total'], 1)

        # Do a search as an authorized user and specify both
        # forums. Should see both posts.
        u = UserFactory()
        g = GroupFactory()
        g.user_set.add(u)
        ct = ContentType.objects.get_for_model(forum2)
        PermissionFactory(
            codename='forums_forum.view_in_forum',
            content_type=ct,
            object_id=forum2.id,
            group=g)

        self.client.login(username=u.username, password='******')
        response = self.client.get(reverse('search.advanced'), {
            'author': '',
            'created': '0',
            'created_date': '',
            'updated': '0',
            'updated_date': '',
            'sortby': '0',
            'forum': [forum1.id, forum2.id],
            'a': '1',
            'w': '4',
            'q': 'audio',
            'format': 'json'
        })

        # Sees both results
        eq_(200, response.status_code)
        content = json.loads(response.content)
        eq_(content['total'], 2)