def setUp(self):
self.permission = AllowExtensionReviewerReadOnly()
self.user = AnonymousUser()
self.request_factory = RequestFactory()
self.unsafe_methods = ('patch', 'post', 'put', 'delete')
self.safe_methods = ('get', 'options', 'head')
def setUp(self):
self.permission = AllowExtensionReviewerReadOnly()
self.user = AnonymousUser()
self.request_factory = RequestFactory()
self.unsafe_methods = ('patch', 'post', 'put', 'delete')
self.safe_methods = ('get', 'options', 'head')
class TestAllowExtensionReviewerReadOnly(TestCase):
fixtures = fixture('user_2519')
def setUp(self):
self.permission = AllowExtensionReviewerReadOnly()
self.user = AnonymousUser()
self.request_factory = RequestFactory()
self.unsafe_methods = ('patch', 'post', 'put', 'delete')
self.safe_methods = ('get', 'options', 'head')
def _request(self, verb):
request = getattr(self.request_factory, verb)('/')
request.user = self.user
if self.user.is_authenticated():
request.groups = request.user.groups.all()
return request
def test_has_permission_anonymous(self):
for verb in self.safe_methods + self.unsafe_methods:
eq_(self.permission.has_permission(self._request(verb), 'myview'),
False)
def test_has_permission_no_rights(self):
self.user = UserProfile.objects.get(pk=2519)
for verb in self.safe_methods + self.unsafe_methods:
eq_(self.permission.has_permission(self._request(verb), 'myview'),
False)
def test_has_permission_reviewer(self):
self.user = UserProfile.objects.get(pk=2519)
self.grant_permission(self.user, 'ContentTools:AddonReview')
for verb in self.safe_methods:
eq_(self.permission.has_permission(self._request(verb), 'myview'),
True)
# Unsafe methods are still disallowed.
for verb in self.unsafe_methods:
eq_(self.permission.has_permission(self._request(verb), 'myview'),
False)
def test_has_object_permission(self):
obj = Mock()
for verb in self.safe_methods + self.unsafe_methods:
eq_(self.permission.has_object_permission(self._request(verb),
'myview', obj), False)
def test_has_object_permission_no_rights(self):
self.user = UserProfile.objects.get(pk=2519)
obj = Mock()
for verb in self.safe_methods + self.unsafe_methods:
eq_(self.permission.has_object_permission(self._request(verb),
'myview', obj), False)
def test_has_object_permission_reviewer(self):
self.user = UserProfile.objects.get(pk=2519)
self.grant_permission(self.user, 'ContentTools:AddonReview')
obj = Mock()
for verb in self.safe_methods:
eq_(self.permission.has_object_permission(self._request(verb),
'myview', obj), True)
# Unsafe methods are still disallowed.
for verb in self.unsafe_methods:
eq_(self.permission.has_object_permission(self._request(verb),
'myview', obj), False)
class TestAllowExtensionReviewerReadOnly(TestCase):
fixtures = fixture('user_2519')
def setUp(self):
self.permission = AllowExtensionReviewerReadOnly()
self.user = AnonymousUser()
self.request_factory = RequestFactory()
self.unsafe_methods = ('patch', 'post', 'put', 'delete')
self.safe_methods = ('get', 'options', 'head')
def _request(self, verb):
request = getattr(self.request_factory, verb)('/')
request.user = self.user
if self.user.is_authenticated():
request.groups = request.user.groups.all()
return request
def test_has_permission_anonymous(self):
for verb in self.safe_methods + self.unsafe_methods:
eq_(self.permission.has_permission(self._request(verb), 'myview'),
False)
def test_has_permission_no_rights(self):
self.user = UserProfile.objects.get(pk=2519)
for verb in self.safe_methods + self.unsafe_methods:
eq_(self.permission.has_permission(self._request(verb), 'myview'),
False)
def test_has_permission_reviewer(self):
self.user = UserProfile.objects.get(pk=2519)
self.grant_permission(self.user, 'ContentTools:AddonReview')
for verb in self.safe_methods:
eq_(self.permission.has_permission(self._request(verb), 'myview'),
True)
# Unsafe methods are still disallowed.
for verb in self.unsafe_methods:
eq_(self.permission.has_permission(self._request(verb), 'myview'),
False)
def test_has_object_permission(self):
obj = Mock()
for verb in self.safe_methods + self.unsafe_methods:
eq_(self.permission.has_object_permission(self._request(verb),
'myview', obj), False)
def test_has_object_permission_no_rights(self):
self.user = UserProfile.objects.get(pk=2519)
obj = Mock()
for verb in self.safe_methods + self.unsafe_methods:
eq_(self.permission.has_object_permission(self._request(verb),
'myview', obj), False)
def test_has_object_permission_reviewer(self):
self.user = UserProfile.objects.get(pk=2519)
self.grant_permission(self.user, 'ContentTools:AddonReview')
obj = Mock()
for verb in self.safe_methods:
eq_(self.permission.has_object_permission(self._request(verb),
'myview', obj), True)
# Unsafe methods are still disallowed.
for verb in self.unsafe_methods:
eq_(self.permission.has_object_permission(self._request(verb),
'myview', obj), False)
