This repository has been archived by the owner on Aug 26, 2022. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding authority, with jinja filter and permission checks. Lots of te…
…sts.
- Loading branch information
Paul Craciunoiu
committed
May 22, 2010
1 parent
d9b10c1
commit df36d80
Showing
18 changed files
with
428 additions
and
53 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
[ | ||
{ | ||
"pk": 1, | ||
"model": "authority.permission", | ||
"fields": { | ||
"date_requested": "2010-05-20 10:37:22", | ||
"group": 1, | ||
"creator": 1, | ||
"object_id": 1, | ||
"user": null, | ||
"content_type": 16, | ||
"codename": "forums_forum.thread_edit_forum", | ||
"approved": 1, | ||
"date_approved": "2010-05-20 10:39:57" | ||
} | ||
}, | ||
{ | ||
"pk": 2, | ||
"model": "authority.permission", | ||
"fields": { | ||
"date_requested": "2010-05-20 10:37:22", | ||
"group": 1, | ||
"creator": 1, | ||
"object_id": 1, | ||
"user": null, | ||
"content_type": 16, | ||
"codename": "forums_forum.post_edit_forum", | ||
"approved": 1, | ||
"date_approved": "2010-05-20 10:37:22" | ||
} | ||
}, | ||
{ | ||
"pk": 3, | ||
"model": "authority.permission", | ||
"fields": { | ||
"date_requested": "2010-05-20 10:37:22", | ||
"group": 1, | ||
"creator": 1, | ||
"object_id": 1, | ||
"user": null, | ||
"content_type": 16, | ||
"codename": "forums_forum.post_delete_forum", | ||
"approved": 1, | ||
"date_approved": "2010-05-20 10:37:22" | ||
} | ||
}, | ||
{ | ||
"pk": 4, | ||
"model": "authority.permission", | ||
"fields": { | ||
"date_requested": "2010-05-20 10:37:22", | ||
"group": 1, | ||
"creator": 1, | ||
"object_id": 1, | ||
"user": null, | ||
"content_type": 16, | ||
"codename": "forums_forum.thread_delete_forum", | ||
"approved": 1, | ||
"date_approved": "2010-05-20 10:37:22" | ||
} | ||
}, | ||
{ | ||
"pk": 5, | ||
"model": "authority.permission", | ||
"fields": { | ||
"date_requested": "2010-05-20 10:37:22", | ||
"group": 1, | ||
"creator": 1, | ||
"object_id": 1, | ||
"user": null, | ||
"content_type": 16, | ||
"codename": "forums_forum.thread_sticky_forum", | ||
"approved": 1, | ||
"date_approved": "2010-05-20 10:37:22" | ||
} | ||
} | ||
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
from .models import Forum | ||
|
||
import authority | ||
|
||
|
||
class ForumPermission(authority.permissions.BasePermission): | ||
label = 'forums_forum' | ||
checks = ('thread_edit', 'thread_sticky', 'thread_locked', | ||
'thread_delete', 'post_edit', 'post_delete') | ||
|
||
authority.register(Forum, ForumPermission) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,122 @@ | ||
from nose.tools import eq_ | ||
import test_utils | ||
|
||
from django.test import TestCase | ||
from django.contrib.auth.models import User | ||
|
||
from sumo.helpers import has_perm | ||
from sumo.urlresolvers import reverse | ||
from forums.models import Forum | ||
|
||
|
||
class ForumTestPermissions(TestCase): | ||
fixtures = ['users.json', 'posts.json', 'forums_permissions.json'] | ||
|
||
def setUp(self): | ||
url = reverse('forums.threads', args=[u'test-forum']) | ||
self.context = {'request': test_utils.RequestFactory().get(url)} | ||
self.forum_1 = Forum.objects.get(pk=1) | ||
self.forum_2 = Forum.objects.get(pk=2) | ||
|
||
def test_has_perm_thread_edit(self): | ||
""" | ||
User in ForumsModerator group can edit thread in forum_1, but not in | ||
forum_2. | ||
""" | ||
self.context['request'].user = User.objects.get(pk=47963) | ||
allowed = has_perm(self.context, 'forums_forum.thread_edit_forum', | ||
self.forum_1) | ||
eq_(allowed, True) | ||
allowed = has_perm(self.context, 'forums_forum.thread_edit_forum', | ||
self.forum_2) | ||
eq_(allowed, False) | ||
|
||
def test_has_perm_thread_delete(self): | ||
""" | ||
User in ForumsModerator group can delete thread in forum_1, but not in | ||
forum_2. | ||
""" | ||
self.context['request'].user = User.objects.get(pk=47963) | ||
allowed = has_perm(self.context, 'forums_forum.thread_delete_forum', | ||
self.forum_1) | ||
eq_(allowed, True) | ||
allowed = has_perm(self.context, 'forums_forum.thread_delete_forum', | ||
self.forum_2) | ||
eq_(allowed, False) | ||
|
||
def test_has_perm_thread_sticky(self): | ||
""" | ||
User in ForumsModerator group can change sticky status of thread in | ||
forum_1, but not in forum_2. | ||
""" | ||
self.context['request'].user = User.objects.get(pk=47963) | ||
allowed = has_perm(self.context, 'forums_forum.thread_sticky_forum', | ||
self.forum_1) | ||
eq_(allowed, True) | ||
allowed = has_perm(self.context, 'forums_forum.thread_sticky_forum', | ||
self.forum_2) | ||
eq_(allowed, False) | ||
|
||
def test_has_perm_thread_locked(self): | ||
""" | ||
Sanity check: ForumsModerator group has no permission to change locked | ||
status in forum_1. | ||
""" | ||
self.context['request'].user = User.objects.get(pk=47963) | ||
allowed = has_perm(self.context, 'forums_forum.thread_locked_forum', | ||
self.forum_1) | ||
eq_(allowed, False) | ||
|
||
def test_has_perm_post_edit(self): | ||
""" | ||
User in ForumsModerator group can edit any post in forum_1, but not | ||
in forum_2. | ||
""" | ||
self.context['request'].user = User.objects.get(pk=47963) | ||
allowed = has_perm(self.context, 'forums_forum.post_edit_forum', | ||
self.forum_1) | ||
eq_(allowed, True) | ||
allowed = has_perm(self.context, 'forums_forum.post_edit_forum', | ||
self.forum_2) | ||
eq_(allowed, False) | ||
|
||
def test_has_perm_post_delete(self): | ||
""" | ||
User in ForumsModerator group can delete any post in forum_1, but not | ||
in forum_2. | ||
""" | ||
self.context['request'].user = User.objects.get(pk=47963) | ||
allowed = has_perm(self.context, 'forums_forum.post_delete_forum', | ||
self.forum_1) | ||
eq_(allowed, True) | ||
allowed = has_perm(self.context, 'forums_forum.post_delete_forum', | ||
self.forum_2) | ||
eq_(allowed, False) | ||
|
||
def test_no_perm_thread_delete(self): | ||
""" | ||
User not in ForumsModerator group cannot delete thread in any forum. | ||
""" | ||
self.context['request'].user = User.objects.get(pk=118533) | ||
allowed = has_perm(self.context, 'forums_forum.thread_delete_forum', | ||
self.forum_1) | ||
eq_(allowed, False) | ||
allowed = has_perm(self.context, 'forums_forum.thread_delete_forum', | ||
self.forum_2) | ||
eq_(allowed, False) | ||
|
||
def test_admin_perm_thread(self): | ||
"""Super user can do anything on any forum.""" | ||
self.context['request'].user = User.objects.get(pk=1) | ||
|
||
# Loop over all forums perms and both forums | ||
perms = ('thread_edit_forum', 'thread_delete_forum', 'post_edit_forum', | ||
'thread_sticky_forum', 'thread_locked_forum', | ||
'post_delete_forum') | ||
forums = (self.forum_1, self.forum_2) | ||
|
||
for perm in perms: | ||
for forum in forums: | ||
allowed = has_perm(self.context, 'forums_forum.' + perm, | ||
forum) | ||
eq_(allowed, True) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.