Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[#1407] Fix for resource_delete auth and added tests.
- Loading branch information
David Read
committed
Oct 29, 2014
1 parent
b166b50
commit fc5e993
Showing
3 changed files
with
85 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
import nose.tools | ||
|
||
import ckan.new_tests.helpers as helpers | ||
import ckan.new_tests.factories as factories | ||
import ckan.logic as logic | ||
import ckan.model as model | ||
|
||
assert_equals = nose.tools.assert_equals | ||
assert_raises = nose.tools.assert_raises | ||
|
||
|
||
class TestDelete: | ||
|
||
def setup(self): | ||
helpers.reset_db() | ||
|
||
def test_resource_delete(self): | ||
user = factories.User() | ||
sysadmin = factories.Sysadmin() | ||
resource = factories.Resource(user=user) | ||
context = {} | ||
params = {'id': resource['id']} | ||
|
||
helpers.call_action('resource_delete', context, **params) | ||
|
||
# Not even a sysadmin can see it now | ||
assert_raises(logic.NotFound, helpers.call_action, 'resource_show', | ||
{'user': sysadmin['name']}, **params) | ||
# It is still there but with state=deleted | ||
res_obj = model.Resource.get(resource['id']) | ||
assert_equals(res_obj.state, 'deleted') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
|
||
'''Unit tests for ckan/logic/auth/delete.py. | ||
''' | ||
|
||
import nose | ||
|
||
import ckan.new_tests.helpers as helpers | ||
import ckan.new_tests.factories as factories | ||
import ckan.logic.auth.delete as auth_delete | ||
from ckan import model | ||
|
||
logic = helpers.logic | ||
assert_equals = nose.tools.assert_equals | ||
|
||
|
||
class TestResourceDelete(object): | ||
|
||
def setup(self): | ||
helpers.reset_db() | ||
|
||
def test_anon_cant_delete(self): | ||
context = {'user': None, 'model': model} | ||
params = {} | ||
nose.tools.assert_raises(logic.NotAuthorized, helpers.call_auth, | ||
'resource_delete', context=context, **params) | ||
|
||
def test_no_org_user_cant_delete(self): | ||
user = factories.User() | ||
org = factories.Organization() | ||
dataset = factories.Dataset(owner_org=org['id'], | ||
resources=[factories.Resource()]) | ||
|
||
response = auth_delete.resource_delete( | ||
{'user': user['name'], 'model': model}, | ||
{'id': dataset['resources'][0]['id']}) | ||
|
||
assert_equals(response['success'], False) | ||
|
||
def test_org_user_can_delete(self): | ||
user = factories.User() | ||
org_users = [{'name': user['name'], 'capacity': 'editor'}] | ||
org = factories.Organization(users=org_users) | ||
dataset = factories.Dataset(owner_org=org['id'], | ||
resources=[factories.Resource()], | ||
user=user) | ||
|
||
response = auth_delete.resource_delete( | ||
{'user': user['name'], 'model': model}, | ||
{'id': dataset['resources'][0]['id']}) | ||
|
||
assert_equals(response['success'], True) |