yetangitu/funkwhale
1
0
Fork 0
mirror of https://code.eliotberriot.com/funkwhale/funkwhale.git synced 2025-10-06 05:09:56 +02:00
Code Issues Releases Wiki Activity

See #152: added permission fields on user model and corresponding API permission

Browse source
This commit is contained in:
Eliot Berriot 2018-05-18 18:47:35 +02:00
parent 23e27e0dd9
commit ff65a4b935
No known key found for this signature in database
GPG key ID: DD6965E2476E5C27
5 changed files with 159 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

56
api/tests/users/test_permissions.py Normal file
View file

@ -0,0 +1,56 @@
import pytest
from rest_framework.views import APIView
from funkwhale_api.users import permissions
def test_has_user_permission_no_user(api_request):
view = APIView.as_view()
permission = permissions.HasUserPermission()
request = api_request.get('/')
assert permission.has_permission(request, view) is False
def test_has_user_permission_anonymous(anonymous_user, api_request):
view = APIView.as_view()
permission = permissions.HasUserPermission()
request = api_request.get('/')
setattr(request, 'user', anonymous_user)
assert permission.has_permission(request, view) is False
@pytest.mark.parametrize('value', [True, False])
def test_has_user_permission_logged_in_single(value, factories, api_request):
user = factories['users.User'](permission_federation=value)
class View(APIView):
required_permissions = ['federation']
view = View()
permission = permissions.HasUserPermission()
request = api_request.get('/')
setattr(request, 'user', user)
result = permission.has_permission(request, view)
assert result == user.has_permissions('federation') == value
@pytest.mark.parametrize('federation,library,expected', [
(True, False, False),
(False, True, False),
(False, False, False),
(True, True, True),
])
def test_has_user_permission_logged_in_single(
federation, library, expected, factories, api_request):
user = factories['users.User'](
permission_federation=federation,
permission_library=library,
)
class View(APIView):
required_permissions = ['federation', 'library']
view = View()
permission = permissions.HasUserPermission()
request = api_request.get('/')
setattr(request, 'user', user)
result = permission.has_permission(request, view)
assert result == user.has_permissions('federation', 'library') == expected