def test_user_cant_manage(self):
issue = IssueSubmissionFactory()
user = UserFactory()
is_granted = user.has_perm('editor.manage_issuesubmission',
issue.journal)
self.assertEqual(is_granted, False)
def setUp(self):
self.user_granted = UserFactory(username="******")
self.user_granted.set_password("user")
self.user_granted.save()
self.user_non_granted = UserFactory(username="******")
self.user_non_granted.set_password("user")
self.user_non_granted.save()
def test_user_can_manage(self):
policy = PolicyFactory()
user = UserFactory()
policy.managers.add(user)
policy.save()
is_granted = user.has_perm('subscription.manage_policy', policy)
self.assertEqual(is_granted, True)
def test_menu_permission_absence(self):
user = UserFactory(username="******")
user.set_password("user")
user.save()
url = reverse('userspace:permissions:perm_list')
self.client.login(username="******", password="******")
response = self.client.get(reverse('userspace:dashboard'))
self.assertNotContains(response, url)
def test_user_cant_manage(self):
user = UserFactory()
journal = JournalFactory()
is_granted = user.has_perm('userspace.manage_permissions', journal)
self.assertEqual(is_granted, False)
journal.members.add(user)
journal.save()
is_granted = user.has_perm('userspace.manage_permissions', journal)
self.assertEqual(is_granted, False)
def test_menu_subscription_presence(self):
policy = PolicyFactory()
user = UserFactory(username="******")
user.set_password("user")
user.save()
policy.managers.add(user)
policy.save()
url = reverse('userspace:subscription:account_list')
self.client.login(username="******", password="******")
response = self.client.get(reverse('userspace:dashboard'))
self.assertContains(response, url)
def test_user_can_manage(self):
user = UserFactory()
journal = JournalFactory()
journal.members.add(user)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Rule.objects.create(content_type=ct,
user=user,
object_id=journal.id,
permission="userspace.manage_permissions")
is_granted = user.has_perm('userspace.manage_permissions', journal)
self.assertEqual(is_granted, True)
def test_user_can_manage(self):
journal = JournalFactory()
user = UserFactory()
journal.members.add(user)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Rule.objects.create(content_type=ct,
user=user,
object_id=journal.id,
permission="editor.manage_issuesubmission")
issue = IssueSubmissionFactory(journal=journal)
is_granted = user.has_perm('editor.manage_issuesubmission',
issue.journal)
self.assertEqual(is_granted, True)
def test_menu_permission_presence(self):
journal = JournalFactory()
user = UserFactory(username="******")
user.set_password("user")
user.save()
journal.members.add(user)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Rule.objects.create(content_type=ct,
user=user,
object_id=journal.id,
permission="userspace.manage_permissions")
url = reverse('userspace:permissions:perm_list')
self.client.login(username="******", password="******")
response = self.client.get(reverse('userspace:dashboard'))
self.assertContains(response, url)
class ViewsTestCase(TestCase):
def setUp(self):
self.user_granted = UserFactory(username="******")
self.user_granted.set_password("user")
self.user_granted.save()
self.user_non_granted = UserFactory(username="******")
self.user_non_granted.set_password("user")
self.user_non_granted.save()
def test_permission_list_restricted(self):
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:permissions:perm_list')
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
journal = JournalFactory()
journal.members.add(self.user_granted)
journal.save()
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
def test_permission_list_granted(self):
journal = JournalFactory()
journal.members.add(self.user_granted)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Rule.objects.create(content_type=ct,
user=self.user_granted,
object_id=journal.id,
permission="userspace.manage_permissions")
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:permissions:perm_list')
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_permission_create_restricted(self):
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:permissions:perm_create')
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
journal = JournalFactory()
journal.members.add(self.user_granted)
journal.save()
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
def test_permission_create_granted(self):
journal = JournalFactory()
journal.members.add(self.user_granted)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
Rule.objects.create(content_type=ct,
user=self.user_granted,
object_id=journal.id,
permission='userspace.manage_permissions')
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:permissions:perm_create')
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_permission_delete_restricted(self):
self.client.login(username=self.user_non_granted.username,
password="******")
journal = JournalFactory()
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
rule = Rule.objects.create(content_type=ct,
user=self.user_granted,
object_id=journal.id,
permission='userspace.manage_permissions')
url = reverse('userspace:permissions:perm_delete', args=(rule.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 404)
journal.members.add(self.user_non_granted)
journal.save()
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
def test_permission_delete_granted(self):
journal = JournalFactory()
journal.members.add(self.user_granted)
journal.save()
ct = ContentType.objects.get(app_label="erudit", model="journal")
rule = Rule.objects.create(content_type=ct,
user=self.user_granted,
object_id=journal.id,
permission='userspace.manage_permissions')
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:permissions:perm_delete', args=(rule.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_staff_can_manage(self):
user = UserFactory(is_staff=True)
journal = JournalFactory()
is_granted = user.has_perm('userspace.manage_permissions', journal)
self.assertEqual(is_granted, True)
class ViewsTestCase(TestCase):
def setUp(self):
self.user_granted = UserFactory(username="******")
self.user_granted.set_password("user")
self.user_granted.save()
self.user_non_granted = UserFactory(username="******")
self.user_non_granted.set_password("user")
self.user_non_granted.save()
def test_acccount_list_restricted(self):
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:subscription:account_list')
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
def test_acccount_list_granted(self):
policy = PolicyFactory()
policy.managers.add(self.user_granted)
policy.save()
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:subscription:account_list')
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_acccount_add_restricted(self):
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:subscription:account_add')
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
def test_acccount_add_granted(self):
policy = PolicyFactory()
policy.managers.add(self.user_granted)
policy.save()
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:subscription:account_add')
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_acccount_update_restricted(self):
policy = PolicyFactory()
account = IndividualAccountFactory(policy=policy)
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:subscription:account_update',
args=(account.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 404)
def test_acccount_update_granted(self):
policy = PolicyFactory()
policy.managers.add(self.user_granted)
policy.save()
account = IndividualAccountFactory(policy=policy)
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:subscription:account_update',
args=(account.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_acccount_delete_restricted(self):
policy = PolicyFactory()
policy.save()
account = IndividualAccountFactory(policy=policy)
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:subscription:account_delete',
args=(account.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 404)
def test_acccount_delete_granted(self):
policy = PolicyFactory()
policy.managers.add(self.user_granted)
policy.save()
account = IndividualAccountFactory(policy=policy)
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:subscription:account_delete',
args=(account.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_acccount_reset_password_restricted(self):
policy = PolicyFactory()
policy.save()
account = IndividualAccountFactory(policy=policy)
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:subscription:account_reset_pwd',
args=(account.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 404)
def test_acccount_reset_password_granted(self):
policy = PolicyFactory()
policy.managers.add(self.user_granted)
policy.save()
account = IndividualAccountFactory(policy=policy)
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:subscription:account_reset_pwd',
args=(account.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_staff_can_manage(self):
policy = PolicyFactory()
user = UserFactory(is_staff=True)
is_granted = user.has_perm('subscription.manage_policy', policy)
self.assertEqual(is_granted, True)
def test_user_cant_manage(self):
policy = PolicyFactory()
user = UserFactory()
is_granted = user.has_perm('subscription.manage_policy', policy)
self.assertEqual(is_granted, False)
def test_staff_can_manage(self):
user = UserFactory(is_staff=True)
issue = IssueSubmissionFactory()
is_granted = user.has_perm('editor.manage_issuesubmission', issue)
self.assertEqual(is_granted, True)
class ViewsTestCase(TestCase):
def setUp(self):
self.user_granted = UserFactory(username="******")
self.user_granted.set_password("user")
self.user_granted.save()
self.user_non_granted = UserFactory(username="******")
self.user_non_granted.set_password("user")
self.user_non_granted.save()
def test_issuesubmission_restricted(self):
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:editor:issues')
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
def test_issuesubmission_granted(self):
journal = JournalFactory()
journal.members.add(self.user_granted)
journal.save()
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:editor:issues')
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
ct = ContentType.objects.get(app_label="erudit", model="journal")
Rule.objects.create(content_type=ct,
user=self.user_granted,
object_id=journal.id,
permission="editor.manage_issuesubmission")
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_issuesubmission_add_restricted(self):
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:editor:add')
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
def test_issuesubmission_add_granted(self):
journal = JournalFactory()
journal.members.add(self.user_granted)
journal.save()
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:editor:add')
response = self.client.get(url)
self.assertEqual(response.status_code, 302)
ct = ContentType.objects.get(app_label="erudit", model="journal")
Rule.objects.create(content_type=ct,
user=self.user_granted,
object_id=journal.id,
permission="editor.manage_issuesubmission")
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
def test_issuesubmission_update_restricted(self):
issue = IssueSubmissionFactory()
self.client.login(username=self.user_non_granted.username,
password="******")
url = reverse('userspace:editor:update', args=(issue.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 404,)
def test_issuesubmission_update_granted(self):
journal = JournalFactory()
journal.members.add(self.user_granted)
journal.save()
issue = IssueSubmissionFactory(journal=journal)
self.client.login(username=self.user_granted.username,
password="******")
url = reverse('userspace:editor:update', args=(issue.pk, ))
response = self.client.get(url)
self.assertEqual(response.status_code, 404)
ct = ContentType.objects.get(app_label="erudit", model="journal")
Rule.objects.create(content_type=ct,
user=self.user_granted,
object_id=journal.id,
permission="editor.manage_issuesubmission")
response = self.client.get(url)
self.assertEqual(response.status_code, 200)
