Skip to content

Commit

Permalink
Sigma admins now have all rights on /group-member-value/*. Add relate…
Browse files Browse the repository at this point in the history 
…d tests (100 tests milestone reached !)
  • Loading branch information
TheBirdie authored and TheBirdie committed Jan 30, 2016
1 parent 126fb60 commit 7e5fcdc
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 4 deletions.
2 changes: 1 addition & 1 deletion sigma_core/models/group_member_value.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,4 +28,4 @@ def has_write_permission(request):
return request.user.is_authenticated()

def has_object_write_permission(self, request):
return request.user.is_authenticated() and self.membership.user == request.user
return request.user.is_authenticated() and (self.membership.user == request.user or request.user.is_sigma_admin())
20 changes: 18 additions & 2 deletions sigma_core/tests/test_group_member_value.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
from sigma_core.models.group_member_value import GroupMemberValue
from sigma_core.models.group_field import GroupField
from sigma_core.models.validator import Validator
from sigma_core.tests.factories import UserFactory, GroupFieldFactory, GroupFactory, GroupMemberFactory, GroupMemberValueFactory
from sigma_core.tests.factories import AdminUserFactory, UserFactory, GroupFieldFactory, GroupFactory, GroupMemberFactory, GroupMemberValueFactory
from sigma_core.serializers.group_member_value import GroupMemberValueSerializer


Expand All @@ -32,7 +32,7 @@ def setUpTestData(self):
# User[1]: Requested join, not accepted
# User[2]: Group member
# User[3]: Group admin
self.users = [UserFactory(), UserFactory(), UserFactory(), UserFactory(), UserFactory()]
self.users = [UserFactory(), UserFactory(), UserFactory(), UserFactory(), UserFactory(), AdminUserFactory()]

# Associated GroupMember
self.group_member = [
Expand Down Expand Up @@ -117,6 +117,9 @@ def test_create_group_member(self):
def test_create_group_admin(self):
self.try_create(3, self.group_member[3].id, self.group_fields[0].id, "ABC", status.HTTP_201_CREATED)

def test_create_sigma_admin(self):
self.try_create(5, self.group_member[3].id, self.group_fields[0].id, "ABC", status.HTTP_201_CREATED)

def test_create_group_field_validation_ok(self):
self.try_create(2, self.group_member[2].id, self.group_fields[1].id, "some@email.com", status.HTTP_201_CREATED)

Expand Down Expand Up @@ -155,6 +158,10 @@ def test_list_group_member2(self):
self.assertEqual(len(r), GroupMemberValue.objects.all().filter(membership__group=self.group2.id).count())
self.assertEqual(len(r), 2)

def test_list_sigma_admin(self):
r = self.try_list(5, status.HTTP_200_OK)
self.assertEqual(len(r), GroupMemberValue.objects.all().count())

#################### TEST GROUP MEMBER VALUE LISTING #######################
def try_update(self, userIdx, memberValue, fieldNewValue, expectedHttpResponse):
if userIdx >= 0:
Expand Down Expand Up @@ -185,6 +192,9 @@ def test_update_membership(self):
def test_update_self_ok(self):
self.try_update(1, GroupMemberValueFactory(field=self.group_fields[0], value="Blah", membership=self.group_member[1]), "ABC", status.HTTP_200_OK)

def test_update_sigma_admin(self):
self.try_update(5, GroupMemberValueFactory(field=self.group_fields[0], value="Blah", membership=self.group_member[1]), "ABC", status.HTTP_200_OK)

#################### TEST GROUP MEMBER VALUE RETRIEVE ######################
def try_retrieve(self, userIdx, memberValue, expectedHttpResponse):
if userIdx >= 0:
Expand All @@ -207,6 +217,9 @@ def test_retrieve_self_value_not_accepted(self):
def test_retrieve_other_member_ok(self):
self.try_retrieve(2, GroupMemberValueFactory(field=self.group_fields[0], value="Blah", membership=self.group_member[1]), status.HTTP_200_OK)

def test_retrieve_sigma_admin(self):
self.try_retrieve(5, GroupMemberValueFactory(field=self.group_fields[0], value="Blah", membership=self.group_member[1]), status.HTTP_200_OK)

#################### TEST GROUP MEMBER VALUE DESTROY #######################
def try_delete(self, userIdx, memberValue, expectedHttpResponse):
if userIdx >= 0:
Expand All @@ -229,5 +242,8 @@ def test_delete_other_member(self):
def test_delete_self_value_not_accepted(self):
self.try_delete(1, GroupMemberValueFactory(field=self.group_fields[0], value="Blah", membership=self.group_member[1]), status.HTTP_204_NO_CONTENT)

def test_delete_sigma_admin(self):
self.try_delete(5, GroupMemberValueFactory(field=self.group_fields[0], value="Blah", membership=self.group_member[1]), status.HTTP_204_NO_CONTENT)

def test_delete_other_member(self):
self.try_delete(2, GroupMemberValueFactory(field=self.group_fields[0], value="Blah", membership=self.group_member[1]), status.HTTP_403_FORBIDDEN)
3 changes: 2 additions & 1 deletion sigma_core/views/group_member_value.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,8 @@ def create(self, request):
if not serializer.is_valid():
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
mship = serializer.validated_data.get('membership')
if mship.user != request.user:
# Only Sigma admins can create values for other members
if mship.user != request.user and not request.user.is_sigma_admin():
return Response(status=status.HTTP_400_BAD_REQUEST)

serializer.save()
Expand Down

0 comments on commit 7e5fcdc

Please sign in to comment.