Test edit

2019-10-25 10:14:50 +03:00 · 2019-10-25 10:14:50 +03:00 · 851ba7f9dd
commit 851ba7f9dd
parent 7ac7df9ea3
3 changed files with 76 additions and 5 deletions
--- a/apps/comment/tests.py
+++ b/apps/comment/tests.py
@ -5,8 +5,9 @@ from django.urls import reverse
 from django.contrib.contenttypes.models import ContentType
 from http.cookies import SimpleCookie
 from account.models import Role, User, UserRole
+from account.serializers.common import UserSerializer
 from comment.models import Comment
-
+import json

 class CommentModeratorPermissionTests(BasePermissionTests):
    def setUp(self):
@ -28,18 +29,53 @@ class CommentModeratorPermissionTests(BasePermissionTests):
        )
        self.userRole.save()

-        content_type = ContentType.objects.get(app_label='location', model='country')
+        self.content_type = ContentType.objects.get(app_label='location', model='country')

        self.user_test = get_tokens_for_user()
        self.comment = Comment.objects.create(text='Test comment', mark=1,
                                              user=self.user_test["user"],
-                                              object_id= self.country_ru.pk,
-                                              content_type_id=content_type.id,
+                                              object_id=self.country_ru.pk,
+                                              content_type_id=self.content_type.id,
                                              country=self.country_ru
                                              )
        self.comment.save()
        self.url = reverse('back:comment:comment-crud', kwargs={"id": self.comment.id})

+    def test_post(self):
+        self.url = reverse('back:comment:comment-list-create')
+
+        comment = {
+            "text": "Test comment POST",
+            "user_id": self.user_test["user"].id,
+            "object_id": self.country_ru.pk,
+            "content_type_id": self.content_type.id,
+            "country_id": self.country_ru.id
+        }
+        #
+        # response = self.client.post(self.url, format='json', data=comment)
+        # self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+        json_user = json.dumps(self.moderator)
+        user = UserSerializer(data=self.moderator)
+        user.is_valid()
+        u_data = user.data
+        self.assertFalse(user.is_valid())
+        # comment = {
+        #     "text": "Test comment POST moder",
+        #     "user": user,
+        #     "object_id": self.country_ru.pk,
+        #     "content_type_id": self.content_type.id,
+        #     "country_id": self.country_ru.id
+        # }
+        # #
+        # tokens = User.create_jwt_tokens(self.moderator)
+        # self.client.cookies = SimpleCookie(
+        #     {'access_token': tokens.get('access_token'),
+        #      'refresh_token': tokens.get('access_token')})
+        #
+        # response = self.client.post(self.url, format='json', data=comment)
+        # self.assertEqual(response.status_code, status.HTTP_201_CREATED)
+
+        # self.assertTrue(True)

    def test_put_moderator(self):
        tokens = User.create_jwt_tokens(self.moderator)
--- a/apps/comment/views/back.py
+++ b/apps/comment/views/back.py
@ -8,7 +8,7 @@ class CommentLstView(generics.ListCreateAPIView):
    """Comment list create view."""
    serializer_class = serializers.CommentBaseSerializer
    queryset = models.Comment.objects.all()
-    permission_classes = [permissions.IsAuthenticatedOrReadOnly,]
+    permission_classes = [permissions.IsAuthenticatedOrReadOnly|IsCommentModerator]


 class CommentRUDView(generics.RetrieveUpdateDestroyAPIView):
--- a/apps/utils/permissions.py
+++ b/apps/utils/permissions.py
@ -72,6 +72,20 @@ class IsStandardUser(IsGuest):
    Object-level permission to only allow owners of an object to edit it.
    Assumes the model instance has an `owner` attribute.
    """
+    def has_permission(self, request, view):
+        rules = [
+            super().has_permission(request, view)
+        ]
+
+        # and request.user.email_confirmed,
+        if hasattr(request, 'user'):
+            rules = [
+                request.user.is_authenticated,
+                super().has_permission(request, view)
+            ]
+
+        return any(rules)
+
    def has_object_permission(self, request, view, obj):
        # Read permissions are allowed to any request
        rules = [
@ -131,6 +145,27 @@ class IsCommentModerator(IsStandardUser):
    Object-level permission to only allow owners of an object to edit it.
    Assumes the model instance has an `owner` attribute.
    """
+
+    def has_permission(self, request, view):
+        rules = [
+            super().has_permission(request, view)
+        ]
+
+        # and request.user.email_confirmed,
+        if hasattr(request.data, 'user') and hasattr(request.data, 'country_id'):
+            # Read permissions are allowed to any request.
+
+            role = Role.objects.filter(role=Role.COMMENTS_MODERATOR,
+                                       country_id=request.data.country_id) \
+                .first()  # 'Comments moderator'
+
+            rules = [
+                UserRole.objects.filter(user=request.user, role=role).exists(),
+                super().has_permission(request, view)
+            ]
+
+        return any(rules)
+
    def has_object_permission(self, request, view, obj):
        # Read permissions are allowed to any request.
        role = Role.objects.filter(role=Role.COMMENTS_MODERATOR,