feat: expose Role permissions for editing

tests/forms/test_widgets.py

@@ -5,7 +5,7 @@ import deform
 from pyramid import testing
 
 from wuttaweb.forms import widgets as mod
-from wuttaweb.forms.schema import PersonRef, RoleRefs
+from wuttaweb.forms.schema import PersonRef, RoleRefs, Permissions
 from tests.util import WebTestCase
 
 
@@ -75,3 +75,41 @@ class TestRoleRefsWidget(WebTestCase):
         html = widget.serialize(field, {admin.uuid, blokes.uuid})
         self.assertIn(admin.uuid, html)
         self.assertIn(blokes.uuid, html)
+
+
+class TestPermissionsWidget(WebTestCase):
+
+    def make_field(self, node, **kwargs):
+        # TODO: not sure why default renderer is in use even though
+        # pyramid_deform was included in setup?  but this works..
+        kwargs.setdefault('renderer', deform.Form.default_renderer)
+        return deform.Field(node, **kwargs)
+
+    def test_serialize(self):
+        permissions = {
+            'widgets': {
+                'label': "Widgets",
+                'perms': {
+                    'widgets.polish': {
+                        'label': "Polish the widgets",
+                    },
+                },
+            },
+        }
+
+        # nb. we let the field construct the widget via our type
+        node = colander.SchemaNode(Permissions(self.request, permissions, session=self.session))
+        field = self.make_field(node)
+        widget = field.widget
+
+        # readonly output does *not* include the perm by default
+        html = widget.serialize(field, set(), readonly=True)
+        self.assertNotIn("Polish the widgets", html)
+
+        # readonly output includes the perm if set
+        html = widget.serialize(field, {'widgets.polish'}, readonly=True)
+        self.assertIn("Polish the widgets", html)
+
+        # editable output always includes the perm
+        html = widget.serialize(field, set())
+        self.assertIn("Polish the widgets", html)