1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
# -*- coding: utf-8 -*-
from django.test import TestCase, RequestFactory
from django.http import HttpResponse
from django.views.generic import DetailView
from django.contrib.auth import get_user_model
from django.contrib.auth.models import AnonymousUser
from django.core.exceptions import PermissionDenied
from django_extensions.auth.mixins import ModelUserFieldPermissionMixin
from tests.testapp.models import HasOwnerModel
class EmptyResponseView(DetailView):
model = HasOwnerModel
def get(self, request, *args, **kwargs):
return HttpResponse()
class OwnerView(ModelUserFieldPermissionMixin, EmptyResponseView):
model_permission_user_field = "owner"
class ModelUserFieldPermissionMixinTests(TestCase):
factory = RequestFactory()
User = get_user_model()
@classmethod
def setUpTestData(cls):
cls.user = cls.User.objects.create(username="Joe", password="pass")
cls.ownerModel = HasOwnerModel.objects.create(owner=cls.user)
# Test if owner model has access
def test_permission_pass(self):
request = self.factory.get("/permission-required/" + str(self.ownerModel.id))
request.user = self.user
resp = OwnerView.as_view()(request)
self.assertEqual(resp.status_code, 200)
# # Test if non owner model is redirected
def test_permission_denied_and_redirect(self):
request = self.factory.get("/permission-required/" + str(self.ownerModel.id))
request.user = AnonymousUser()
resp = OwnerView.as_view()(request)
self.assertRaises(PermissionDenied)
self.assertEqual(resp.status_code, 302)
|
