def test_check_admin_add_admin(self, client):
self.assertTrue(pli.has_admin())
# 200 => we added the role.
res = post_add_role(client, ADMIN_ROLE, user2["_id"])
self.assertEqual(200, res.status_code)
self.assertEqual(ADMIN_ROLE, PliUser.get(user2["_id"]).role)
def test_check_admin_not_add_bad_uid(self, client):
self.assertTrue(pli.has_admin())
# 400 => Not added
# That UID doesn't exist.
res = post_add_role(client, 'user', 543)
self.assertEqual(400, res.status_code)
def get_page_to_delete(id):
# Easy case, no id (or not logged in) => nothing to/can delete
if id is None or \
not current_user.is_authenticated:
return None
page = get_page_with_id(id)
# If the page doesn't exist you can't remove it.
if page is None:
return None
# If we own the page, we can delete it
if page["owner"] == current_user.get_id():
return page
# Admins can always delete
if has_admin():
return page
# Otherwise NO
return None
def get_deletable_pages():
if has_admin():
return get_db().usercontent.find({})
else:
return get_my_pages()
def test_check_non_admin_add(self, client):
self.assertFalse(pli.has_admin())
# 403 => We couldn't add the role.
res = post_add_role(client, EDITOR_ROLE, user3["_id"])
self.assertEqual(403, res.status_code)
self.assertEqual(USER_ROLE, PliUser.get(user3["_id"]).role)
def test_check_admin_add2(self, client):
self.assertTrue(pli.has_admin())
# This isn't a role
res = post_add_role(client, "not-a-role", user3["_id"])
self.assertEqual(400, res.status_code)
self.assertEqual(USER_ROLE, PliUser.get(user3["_id"]).role)
def test_check_none(self, client):
self.assertFalse(pli.has_editor())
self.assertFalse(pli.has_admin())
self.assertFalse(pli.has_peerleader())
self.assertTrue(pli.has_user())
def test_check_non_admin_edit_role_page(self, client):
self.assertFalse(pli.has_admin())
# 403 => Participant cannot access page
res = client.get('/change-roles')
self.assertEqual(403, res.status_code) \
def test_check_admin_edit_role_page(self, client):
self.assertTrue(pli.has_admin())
res = client.get('/change-roles')
self.assertEqual(200, res.status_code)