phzhik/gault-millau
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Test edit

Browse Source
This commit is contained in:
Виктор Гладких 2019-10-25 10:14:50 +03:00
parent 7ac7df9ea3
commit 851ba7f9dd
3 changed files with 76 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
apps/comment/tests.py
View File

@ -5,8 +5,9 @@ from django.urls import reverse
from django.contrib.contenttypes.models import ContentType from django.contrib.contenttypes.models import ContentType
from http.cookies import SimpleCookie from http.cookies import SimpleCookie
from account.models import Role, User, UserRole from account.models import Role, User, UserRole
from account.serializers.common import UserSerializer
from comment.models import Comment from comment.models import Comment
import json
class CommentModeratorPermissionTests(BasePermissionTests): class CommentModeratorPermissionTests(BasePermissionTests):
def setUp(self): def setUp(self):
@ -28,18 +29,53 @@ class CommentModeratorPermissionTests(BasePermissionTests):
) )
self.userRole.save() self.userRole.save()
content_type = ContentType.objects.get(app_label='location', model='country') self.content_type = ContentType.objects.get(app_label='location', model='country')
self.user_test = get_tokens_for_user() self.user_test = get_tokens_for_user()
self.comment = Comment.objects.create(text='Test comment', mark=1, self.comment = Comment.objects.create(text='Test comment', mark=1,
user=self.user_test["user"], user=self.user_test["user"],
object_id=self.country_ru.pk, object_id=self.country_ru.pk,
content_type_id=content_type.id, content_type_id=self.content_type.id,
country=self.country_ru country=self.country_ru
) )
self.comment.save() self.comment.save()
self.url = reverse('back:comment:comment-crud', kwargs={"id": self.comment.id}) self.url = reverse('back:comment:comment-crud', kwargs={"id": self.comment.id})
def test_post(self):
self.url = reverse('back:comment:comment-list-create')
comment = {
"text": "Test comment POST",
"user_id": self.user_test["user"].id,
"object_id": self.country_ru.pk,
"content_type_id": self.content_type.id,
"country_id": self.country_ru.id
}
#
# response = self.client.post(self.url, format='json', data=comment)
# self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
json_user = json.dumps(self.moderator)
user = UserSerializer(data=self.moderator)
user.is_valid()
u_data = user.data
self.assertFalse(user.is_valid())
# comment = {
# "text": "Test comment POST moder",
# "user": user,
# "object_id": self.country_ru.pk,
# "content_type_id": self.content_type.id,
# "country_id": self.country_ru.id
# }
# #
# tokens = User.create_jwt_tokens(self.moderator)
# self.client.cookies = SimpleCookie(
# {'access_token': tokens.get('access_token'),
# 'refresh_token': tokens.get('access_token')})
#
# response = self.client.post(self.url, format='json', data=comment)
# self.assertEqual(response.status_code, status.HTTP_201_CREATED)
# self.assertTrue(True)
def test_put_moderator(self): def test_put_moderator(self):
tokens = User.create_jwt_tokens(self.moderator) tokens = User.create_jwt_tokens(self.moderator)

2
apps/comment/views/back.py
View File

@ -8,7 +8,7 @@ class CommentLstView(generics.ListCreateAPIView):
"""Comment list create view.""" """Comment list create view."""
serializer_class = serializers.CommentBaseSerializer serializer_class = serializers.CommentBaseSerializer
queryset = models.Comment.objects.all() queryset = models.Comment.objects.all()
permission_classes = [permissions.IsAuthenticatedOrReadOnly,] permission_classes = [permissions.IsAuthenticatedOrReadOnly|IsCommentModerator]
class CommentRUDView(generics.RetrieveUpdateDestroyAPIView): class CommentRUDView(generics.RetrieveUpdateDestroyAPIView):

35
apps/utils/permissions.py
View File

@ -72,6 +72,20 @@ class IsStandardUser(IsGuest):
Object-level permission to only allow owners of an object to edit it. Object-level permission to only allow owners of an object to edit it.
Assumes the model instance has an `owner` attribute. Assumes the model instance has an `owner` attribute.
""" """
def has_permission(self, request, view):
rules = [
super().has_permission(request, view)
]
# and request.user.email_confirmed,
if hasattr(request, 'user'):
rules = [
request.user.is_authenticated,
super().has_permission(request, view)
]
return any(rules)
def has_object_permission(self, request, view, obj): def has_object_permission(self, request, view, obj):
# Read permissions are allowed to any request # Read permissions are allowed to any request
rules = [ rules = [
@ -131,6 +145,27 @@ class IsCommentModerator(IsStandardUser):
Object-level permission to only allow owners of an object to edit it. Object-level permission to only allow owners of an object to edit it.
Assumes the model instance has an `owner` attribute. Assumes the model instance has an `owner` attribute.
""" """
def has_permission(self, request, view):
rules = [
super().has_permission(request, view)
]
# and request.user.email_confirmed,
if hasattr(request.data, 'user') and hasattr(request.data, 'country_id'):
# Read permissions are allowed to any request.
role = Role.objects.filter(role=Role.COMMENTS_MODERATOR,
country_id=request.data.country_id) \
.first() # 'Comments moderator'
rules = [
UserRole.objects.filter(user=request.user, role=role).exists(),
super().has_permission(request, view)
]
return any(rules)
def has_object_permission(self, request, view, obj): def has_object_permission(self, request, view, obj):
# Read permissions are allowed to any request. # Read permissions are allowed to any request.
role = Role.objects.filter(role=Role.COMMENTS_MODERATOR, role = Role.objects.filter(role=Role.COMMENTS_MODERATOR,