Mercurial Mercurial > comt / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
src/cm/tests/test_security.py
changeset 606 52f3e090eed9
parent 287 fc5ed157ebfe
child 608 047aab3a53cf
equal deleted inserted replaced
605:830993bdf983 606:52f3e090eed9 
     1 from django.test import TestCase
 
     1 from django.test import TestCase
 
     2 from django.test.client import Client
 
     2 from django.test.client import Client
 
     3 from django.core import management
 
     3 from django.core import management
 
     4 
     4 from django.core.cache import cache
 
     5 
     5 
     6 from cm.models import *
 
     6 from cm.models import *
 
     7 from cm.security import *
 
     7 from cm.security import *
 
     8 from cm.tests.test_comment_positioning import create_comment
 
     8 from cm.tests.test_comment_positioning import create_comment
 
     9 
     9 
    10 class FalseRequest(object):
 
    10 class FalseRequest(object):
 
    11     def __init__(self, user):
 
    11     def __init__(self, user):
 
    12         self.user = user
 
    12         self.user = user
 
    13 
    13 
    14 class SecurityTest(TestCase):
 
    14 class SecurityTest(TestCase):
 
    15     fixtures = ['roles_generic','test_content']
 
    15     fixtures = ['initial_data', 'roles_generic','test_content']
 
    16     
    16     
    17     def test_access_rights(self):
 
    17     def test_access_rights(self):
 
    18         # anon user sees no text
 
    18         # anon user sees no text
 
    19         request = FalseRequest(None)                
    19         request = FalseRequest(None)                
    20         self.assertEqual(get_texts_with_perm(request, 'can_view_text').count(), 2)
 
    20         self.assertEqual(get_texts_with_perm(request, 'can_view_text').count(), 2)
 
    51         
    51         
    52         c2.state = 'approved'
 
    52         c2.state = 'approved'
 
    53         c2.save()
 
    53         c2.save()
 
    54         c3.state = 'approved'
 
    54         c3.state = 'approved'
 
    55         c3.save()
 
    55         c3.save()
 
       
    56         cache.clear()
 
    56 
    57 
    57         self.assertFalse(has_own_perm(FalseRequest(user3), "can_edit_comment" + "_own", text2, c3),'CANNOT edit own comment (there is a reply)')
 
    58         self.assertFalse(has_own_perm(FalseRequest(user3), "can_edit_comment" + "_own", text2, c3),'CANNOT edit own comment (there is a reply)')
 
    58         self.assertTrue(has_own_perm(FalseRequest(user2), "can_edit_comment" + "_own", text2, c2),"CAN edit own comment (is moderator)")
 
    59         self.assertTrue(has_own_perm(FalseRequest(user2), "can_edit_comment" + "_own", text2, c2),"CAN edit own comment (is moderator)")
 
    59         self.assertTrue(has_perm(FalseRequest(user2), "can_edit_comment", text2),"CAN edit other comment (is moderator)")
 
    60         self.assertTrue(has_perm(FalseRequest(user2), "can_edit_comment", text2),"CAN edit other comment (is moderator)")
 
    60         
    61
comt