mirror of https://gitlab.com/tildes/tildes.git
Deimos
6 years ago
3 changed files with 150 additions and 92 deletions
-
66tildes/tests/test_topic.py
-
85tildes/tests/test_topic_permissions.py
-
81tildes/tildes/models/topic/topic.py
@ -0,0 +1,85 @@ |
|||||
|
from pyramid.security import ( |
||||
|
Authenticated, |
||||
|
Everyone, |
||||
|
principals_allowed_by_permission, |
||||
|
) |
||||
|
|
||||
|
|
||||
|
def test_topic_viewing_permission(text_topic): |
||||
|
"""Ensure that anyone can view a topic by default.""" |
||||
|
principals = principals_allowed_by_permission(text_topic, 'view') |
||||
|
assert Everyone in principals |
||||
|
|
||||
|
|
||||
|
def test_deleted_topic_permissions_removed(topic): |
||||
|
"""Ensure that deleted topics lose all permissions except "view".""" |
||||
|
topic.is_deleted = True |
||||
|
|
||||
|
assert principals_allowed_by_permission(topic, 'view') == {Everyone} |
||||
|
|
||||
|
all_permissions = [ |
||||
|
perm for (_, _, perm) in topic.__acl__() if perm != 'view'] |
||||
|
for permission in all_permissions: |
||||
|
assert not principals_allowed_by_permission(topic, permission) |
||||
|
|
||||
|
|
||||
|
def test_text_topic_editing_permission(text_topic): |
||||
|
"""Ensure a text topic's owner (and nobody else) is able to edit it.""" |
||||
|
principals = principals_allowed_by_permission(text_topic, 'edit') |
||||
|
assert principals == {text_topic.user.user_id} |
||||
|
|
||||
|
|
||||
|
def test_link_topic_editing_permission(link_topic): |
||||
|
"""Ensure that nobody has edit permission on a link topic.""" |
||||
|
principals = principals_allowed_by_permission(link_topic, 'edit') |
||||
|
assert not principals |
||||
|
|
||||
|
|
||||
|
def test_topic_deleting_permission(text_topic): |
||||
|
"""Ensure that the topic's owner (and nobody else) is able to delete it.""" |
||||
|
principals = principals_allowed_by_permission(text_topic, 'delete') |
||||
|
assert principals == {text_topic.user.user_id} |
||||
|
|
||||
|
|
||||
|
def test_topic_view_author_permission(text_topic): |
||||
|
"""Ensure anyone can view a topic's author normally.""" |
||||
|
principals = principals_allowed_by_permission(text_topic, 'view_author') |
||||
|
assert Everyone in principals |
||||
|
|
||||
|
|
||||
|
def test_removed_topic_view_author_permission(topic): |
||||
|
"""Ensure only admins and the author can view a removed topic's author.""" |
||||
|
topic.is_removed = True |
||||
|
principals = principals_allowed_by_permission(topic, 'view_author') |
||||
|
assert principals == {'admin', topic.user_id} |
||||
|
|
||||
|
|
||||
|
def test_topic_view_content_permission(text_topic): |
||||
|
"""Ensure anyone can view a topic's content normally.""" |
||||
|
principals = principals_allowed_by_permission(text_topic, 'view_content') |
||||
|
assert Everyone in principals |
||||
|
|
||||
|
|
||||
|
def test_removed_topic_view_content_permission(topic): |
||||
|
"""Ensure only admins and the author can view a removed topic's content.""" |
||||
|
topic.is_removed = True |
||||
|
principals = principals_allowed_by_permission(topic, 'view_content') |
||||
|
assert principals == {'admin', topic.user_id} |
||||
|
|
||||
|
|
||||
|
def test_topic_comment_permission(text_topic): |
||||
|
"""Ensure authed users have comment perms on a topic by default.""" |
||||
|
principals = principals_allowed_by_permission(text_topic, 'comment') |
||||
|
assert Authenticated in principals |
||||
|
|
||||
|
|
||||
|
def test_locked_topic_comment_permission(topic): |
||||
|
"""Ensure only admins can post (top-level) comments on locked topics.""" |
||||
|
topic.is_locked = True |
||||
|
assert principals_allowed_by_permission(topic, 'comment') == {'admin'} |
||||
|
|
||||
|
|
||||
|
def test_removed_topic_comment_permission(topic): |
||||
|
"""Ensure only admins can post (top-level) comments on removed topics.""" |
||||
|
topic.is_removed = True |
||||
|
assert principals_allowed_by_permission(topic, 'comment') == {'admin'} |
Write
Preview
Loading…
Cancel
Save
Reference in new issue