tailbone/tests/views/test_roles.py

# -*- coding: utf-8; -*-

from unittest.mock import patch

from tailbone.views import roles as mod
from tests.util import WebTestCase


class TestRoleView(WebTestCase):

    def make_view(self):
        return mod.RoleView(self.request)

    def test_includeme(self):
        self.pyramid_config.include('tailbone.views.roles')

    def get_permissions(self):
        return {
            'widgets': {
                'label': "Widgets",
                'perms': {
                    'widgets.list': {
                        'label': "List widgets",
                    },
                    'widgets.polish': {
                        'label': "Polish the widgets",
                    },
                    'widgets.view': {
                        'label': "View widget",
                    },
                },
            },
        }

    def test_get_available_permissions(self):
        model = self.app.model
        auth = self.app.get_auth_handler()
        blokes = model.Role(name="Blokes")
        auth.grant_permission(blokes, 'widgets.list')
        self.session.add(blokes)
        barney = model.User(username='barney')
        barney.roles.append(blokes)
        self.session.add(barney)
        self.session.commit()
        view = self.make_view()
        all_perms = self.get_permissions()
        self.request.registry.settings['wutta_permissions'] = all_perms

        def has_perm(perm):
            if perm == 'widgets.list':
                return True
            return False

        with patch.object(self.request, 'has_perm', new=has_perm, create=True):

            # sanity check; current request has 1 perm
            self.assertTrue(self.request.has_perm('widgets.list'))
            self.assertFalse(self.request.has_perm('widgets.polish'))
            self.assertFalse(self.request.has_perm('widgets.view'))

            # when editing, user sees only the 1 perm
            with patch.object(view, 'editing', new=True):
                perms = view.get_available_permissions()
                self.assertEqual(list(perms), ['widgets'])
                self.assertEqual(list(perms['widgets']['perms']), ['widgets.list'])

            # but when viewing, same user sees all perms
            with patch.object(view, 'viewing', new=True):
                perms = view.get_available_permissions()
                self.assertEqual(list(perms), ['widgets'])
                self.assertEqual(list(perms['widgets']['perms']),
                                 ['widgets.list', 'widgets.polish', 'widgets.view'])

            # also, when admin user is editing, sees all perms
            self.request.is_admin = True
            with patch.object(view, 'editing', new=True):
                perms = view.get_available_permissions()
                self.assertEqual(list(perms), ['widgets'])
                self.assertEqual(list(perms['widgets']['perms']),
                                 ['widgets.list', 'widgets.polish', 'widgets.view'])
feat: refactor forms/grids/views/templates per wuttaweb compat this starts to get things more aligned between wuttaweb and tailbone. the use case in mind so far is for a wuttaweb view to be included in a tailbone app. form and grid classes now have some new methods to match wuttaweb, so templates call the shared method names where possible. templates can no longer assume they have tailbone-native master view, form, grid etc. so must inspect context more closely in some cases. 2024-08-15 14:34:20 -05:00			`# -- coding: utf-8; --`

			`from unittest.mock import patch`

			`from tailbone.views import roles as mod`
			`from tests.util import WebTestCase`


			`class TestRoleView(WebTestCase):`

			`def make_view(self):`
			`return mod.RoleView(self.request)`

			`def test_includeme(self):`
			`self.pyramid_config.include('tailbone.views.roles')`

			`def get_permissions(self):`
			`return {`
			`'widgets': {`
			`'label': "Widgets",`
			`'perms': {`
			`'widgets.list': {`
			`'label': "List widgets",`
			`},`
			`'widgets.polish': {`
			`'label': "Polish the widgets",`
			`},`
			`'widgets.view': {`
			`'label': "View widget",`
			`},`
			`},`
			`},`
			`}`

			`def test_get_available_permissions(self):`
			`model = self.app.model`
			`auth = self.app.get_auth_handler()`
			`blokes = model.Role(name="Blokes")`
			`auth.grant_permission(blokes, 'widgets.list')`
			`self.session.add(blokes)`
			`barney = model.User(username='barney')`
			`barney.roles.append(blokes)`
			`self.session.add(barney)`
			`self.session.commit()`
			`view = self.make_view()`
			`all_perms = self.get_permissions()`
			`self.request.registry.settings['wutta_permissions'] = all_perms`

			`def has_perm(perm):`
			`if perm == 'widgets.list':`
			`return True`
			`return False`

			`with patch.object(self.request, 'has_perm', new=has_perm, create=True):`

			`# sanity check; current request has 1 perm`
			`self.assertTrue(self.request.has_perm('widgets.list'))`
			`self.assertFalse(self.request.has_perm('widgets.polish'))`
			`self.assertFalse(self.request.has_perm('widgets.view'))`

			`# when editing, user sees only the 1 perm`
			`with patch.object(view, 'editing', new=True):`
			`perms = view.get_available_permissions()`
			`self.assertEqual(list(perms), ['widgets'])`
			`self.assertEqual(list(perms['widgets']['perms']), ['widgets.list'])`

			`# but when viewing, same user sees all perms`
			`with patch.object(view, 'viewing', new=True):`
			`perms = view.get_available_permissions()`
			`self.assertEqual(list(perms), ['widgets'])`
			`self.assertEqual(list(perms['widgets']['perms']),`
			`['widgets.list', 'widgets.polish', 'widgets.view'])`

			`# also, when admin user is editing, sees all perms`
			`self.request.is_admin = True`
			`with patch.object(view, 'editing', new=True):`
			`perms = view.get_available_permissions()`
			`self.assertEqual(list(perms), ['widgets'])`
			`self.assertEqual(list(perms['widgets']['perms']),`
			`['widgets.list', 'widgets.polish', 'widgets.view'])`