Created
February 3, 2011 08:31
-
-
Save Ciantic/809208 to your computer and use it in GitHub Desktop.
First working test.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # REPLACE urls parameter of the TestCase and create test.html in order to test | |
| # this | |
| from django.conf.urls.defaults import * #@UnusedWildImport | |
| from django.contrib.auth.models import Permission, User | |
| from django.http import HttpResponse | |
| from django.test import TestCase | |
| from django.test.client import Client | |
| from django.views.generic.base import View, TemplateView | |
| def login_required(request, *args, **kwargs): | |
| return request.user.is_authenticated() | |
| def permission_required(perm): | |
| def has_perms(request, *args, **kwargs): | |
| return request.user.has_perm(perm) | |
| return has_perms | |
| class ForbiddenView(View): | |
| """ForbiddenView | |
| Derived from *View* since python method resolution order can make unsafe | |
| ForbiddenMixin, see this test why: https://gist.github.com/808516 | |
| """ | |
| forbidden_checks = None | |
| """List of functions (request, *args, **kwargs) -> bool.""" | |
| def dispatch(self, request, *args, **kwargs): | |
| if self.forbidden_checks: | |
| for checker in self.forbidden_checks: | |
| if not checker(request, *args, **kwargs): | |
| return HttpResponse("Not for you man", status=403) | |
| return super(ForbiddenView, self).dispatch(request, *args, **kwargs) | |
| class AuthedView(TemplateView, ForbiddenView): | |
| """Forbidden""" | |
| forbidden_checks = [login_required] | |
| template_name = "test.html" | |
| class NonAuthedView(AuthedView): | |
| """Derived from Authed view | |
| But overriden to not have forbidden checks | |
| """ | |
| forbidden_checks = None | |
| class PermedView(AuthedView): | |
| forbidden_checks = [permission_required('auth.change_user')] | |
| urlpatterns = patterns('', | |
| (r'^authed/$', AuthedView.as_view()), | |
| (r'^nonauthed/$', NonAuthedView.as_view()), | |
| (r'^permed/$', PermedView.as_view()), | |
| ) | |
| class TestForbiddenMixin(TestCase): | |
| urls = 'pagesystem.tests.forbiddenmixin' | |
| def setUp(self): | |
| self.usr = User.objects.create(username='test', is_staff=True) | |
| self.usr.set_password('1234') | |
| self.usr.save() | |
| self.usr.user_permissions.add(Permission.objects.get_by_natural_key('change_user', 'auth', 'user')) | |
| def test_auth(self): | |
| c = Client() | |
| self.assertEqual(c.get("/authed/").status_code, 403) | |
| self.assertEqual(c.get("/nonauthed/").status_code, 200) | |
| self.assertEqual(c.get("/permed/").status_code, 403) | |
| c.login(username='test', password='1234') | |
| self.assertEqual(c.get("/authed/").content, 'ok') | |
| self.assertEqual(c.get("/nonauthed/").content, 'ok') | |
| self.assertEqual(c.get("/permed/").content, 'ok') | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment