TandoorRecipes/cookbook/tests/other/test_permission_helper.py

97 lines
4.3 KiB
Python

import pytest
from django.contrib import auth
from django.contrib.auth.models import Group
from django.urls import reverse
from django_scopes import scopes_disabled
from cookbook.forms import ImportExportBase
from cookbook.helper.ingredient_parser import IngredientParser
from cookbook.helper.permission_helper import has_group_permission, is_space_owner, switch_user_active_space, is_object_owner
from cookbook.models import ExportLog, UserSpace, Food, Space, Comment, RecipeBook, RecipeBookEntry
def test_has_group_permission(u1_s1, a_u, space_2):
with scopes_disabled():
# test that a normal user has user permissions
assert has_group_permission(auth.get_user(u1_s1), ('guest',))
assert has_group_permission(auth.get_user(u1_s1), ('user',))
assert not has_group_permission(auth.get_user(u1_s1), ('admin',))
# test that permissions are not taken from non active spaces
us = UserSpace.objects.create(user=auth.get_user(u1_s1), space=space_2, active=False)
us.groups.add(Group.objects.get(name='admin'))
assert not has_group_permission(auth.get_user(u1_s1), ('admin',))
# disable all spaces and enable space 2 permission to check if permission is now valid
auth.get_user(u1_s1).userspace_set.update(active=False)
us.active = True
us.save()
assert has_group_permission(auth.get_user(u1_s1), ('admin',))
# test that group permission checks fail if more than one userspace is active
auth.get_user(u1_s1).userspace_set.update(active=True)
assert not has_group_permission(auth.get_user(u1_s1), ('user',))
# test that anonymous users don't have any permissions
assert not has_group_permission(auth.get_user(a_u), ('guest',))
assert not has_group_permission(auth.get_user(a_u), ('user',))
assert not has_group_permission(auth.get_user(a_u), ('admin',))
def test_is_owner(u1_s1, u2_s1, u1_s2, a_u, space_1, recipe_1_s1):
with scopes_disabled():
s = Space.objects.create(name='Test', created_by=auth.get_user(u1_s1))
assert is_object_owner(auth.get_user(u1_s1), s)
assert not is_object_owner(auth.get_user(u2_s1), s)
assert not is_object_owner(auth.get_user(u1_s2), s)
assert not is_object_owner(auth.get_user(a_u), s)
rb = RecipeBook.objects.create(name='Test', created_by=auth.get_user(u1_s1), space=space_1)
assert is_object_owner(auth.get_user(u1_s1), rb)
assert not is_object_owner(auth.get_user(u2_s1), rb)
assert not is_object_owner(auth.get_user(u1_s2), rb)
assert not is_object_owner(auth.get_user(a_u), rb)
rbe = RecipeBookEntry.objects.create(book=rb, recipe=recipe_1_s1)
assert is_object_owner(auth.get_user(u1_s1), rbe)
assert not is_object_owner(auth.get_user(u2_s1), rbe)
assert not is_object_owner(auth.get_user(u1_s2), rbe)
assert not is_object_owner(auth.get_user(a_u), rbe)
def test_is_space_owner(u1_s1, u2_s1, space_1, space_2):
with scopes_disabled():
f = Food.objects.create(name='Test', space=space_1)
space_1.created_by = auth.get_user(u1_s1)
space_1.save()
assert is_space_owner(auth.get_user(u1_s1), f)
assert is_space_owner(space_1.created_by, f)
assert not is_space_owner(auth.get_user(u2_s1), f)
f.space = space_2
f.save()
assert not is_space_owner(auth.get_user(u1_s1), f)
assert not is_space_owner(space_1.created_by, f)
assert not is_space_owner(auth.get_user(u2_s1), f)
def test_switch_user_active_space(u1_s1, u1_s2, space_1, space_2):
with scopes_disabled():
# can switch to already active space
assert switch_user_active_space(auth.get_user(u1_s1), space_1) == auth.get_user(u1_s1).userspace_set.filter(active=True).get()
# cannot switch to a space the user does not belong to
assert switch_user_active_space(auth.get_user(u1_s1), space_2) is None
# can join another space and be member of two spaces
us = UserSpace.objects.create(user=auth.get_user(u1_s1), space=space_2, active=False)
assert len(auth.get_user(u1_s1).userspace_set.all()) == 2
# can switch into newly created space
assert switch_user_active_space(auth.get_user(u1_s1), space_2) == us