feat: expose User "roles" for editing

2024-08-13 21:43:56 -05:00 · 2024-08-13 21:43:56 -05:00 · 97e914c2e0
commit 97e914c2e0
parent bdfa0197b2
13 changed files with 492 additions and 39 deletions
--- a/tests/forms/test_widgets.py
+++ b/tests/forms/test_widgets.py
@ -4,8 +4,8 @@ import colander
 import deform
 from pyramid import testing

-from wuttaweb.forms import widgets
-from wuttaweb.forms.schema import PersonRef
+from wuttaweb.forms import widgets as mod
+from wuttaweb.forms.schema import PersonRef, RoleRefs
 from tests.util import WebTestCase


@ -25,7 +25,7 @@ class TestObjectRefWidget(WebTestCase):

        # standard (editable)
        node = colander.SchemaNode(PersonRef(self.request, session=self.session))
-        widget = widgets.ObjectRefWidget(self.request)
+        widget = mod.ObjectRefWidget(self.request)
        field = self.make_field(node)
        html = widget.serialize(field, person.uuid)
        self.assertIn('<b-select ', html)
@ -33,7 +33,45 @@ class TestObjectRefWidget(WebTestCase):
        # readonly
        node = colander.SchemaNode(PersonRef(self.request, session=self.session))
        node.model_instance = person
-        widget = widgets.ObjectRefWidget(self.request)
+        widget = mod.ObjectRefWidget(self.request)
        field = self.make_field(node)
        html = widget.serialize(field, person.uuid, readonly=True)
        self.assertEqual(html.strip(), '<span>Betty Boop</span>')
+
+
+class TestRoleRefsWidget(WebTestCase):
+
+    def make_field(self, node, **kwargs):
+        # TODO: not sure why default renderer is in use even though
+        # pyramid_deform was included in setup?  but this works..
+        kwargs.setdefault('renderer', deform.Form.default_renderer)
+        return deform.Field(node, **kwargs)
+
+    def test_serialize(self):
+        model = self.app.model
+        auth = self.app.get_auth_handler()
+        admin = auth.get_role_administrator(self.session)
+        blokes = model.Role(name="Blokes")
+        self.session.add(blokes)
+        self.session.commit()
+
+        # nb. we let the field construct the widget via our type
+        node = colander.SchemaNode(RoleRefs(self.request, session=self.session))
+        field = self.make_field(node)
+        widget = field.widget
+
+        # readonly values list includes admin
+        html = widget.serialize(field, {admin.uuid, blokes.uuid}, readonly=True)
+        self.assertIn(admin.name, html)
+        self.assertIn(blokes.name, html)
+
+        # editable values list *excludes* admin (by default)
+        html = widget.serialize(field, {admin.uuid, blokes.uuid})
+        self.assertNotIn(admin.uuid, html)
+        self.assertIn(blokes.uuid, html)
+
+        # but admin is included for root user
+        self.request.is_root = True
+        html = widget.serialize(field, {admin.uuid, blokes.uuid})
+        self.assertIn(admin.uuid, html)
+        self.assertIn(blokes.uuid, html)