Compare commits
No commits in common. "dbbfa79f10eda4ee44f22f2cd5a57efe3c5c39e3" and "948e9deb547f20ca60620a2a435e718138b60755" have entirely different histories.
dbbfa79f10
...
948e9deb54
@ -134,19 +134,6 @@ class Project(models.Model):
|
||||
def auth(self):
|
||||
return sign_data(f'{self.pk}-{self.nonce}', 12)
|
||||
|
||||
@classmethod
|
||||
def for_user(cls, user, project_keys=[], ensemble_keys=[]):
|
||||
projects = cls.objects.select_related('ensemble')
|
||||
if user.is_superuser:
|
||||
return projects
|
||||
|
||||
f = models.Q(pk__in=project_keys) | models.Q(ensemble__slug__in=ensemble_keys)
|
||||
|
||||
if user.is_authenticated:
|
||||
f |= models.Q(ensemble__admins=user.pk)
|
||||
|
||||
return projects.filter(f)
|
||||
|
||||
def __str__(self):
|
||||
return self.name
|
||||
|
||||
|
||||
@ -30,12 +30,9 @@ class AccessTestCase(TestCase):
|
||||
cls.ensembles[obj.slug] = obj
|
||||
|
||||
cls.projects = {}
|
||||
for details in cls.PROJECTS:
|
||||
when = details.pop('when', 0)
|
||||
ensemble = details.pop('ensemble')
|
||||
details['event_date'] = now + timedelta(days=when) if when else None
|
||||
obj = cls.ensembles[ensemble].projects.create(**details)
|
||||
cls.projects[details['name']] = obj
|
||||
for name, ensemble, when in cls.PROJECTS:
|
||||
obj = cls.ensembles[ensemble].projects.create(name=name, event_date=now+timedelta(days=when))
|
||||
cls.projects[name] = obj
|
||||
|
||||
return
|
||||
|
||||
|
||||
@ -19,24 +19,23 @@ class InterfaceAccessTestCase(AccessTestCase):
|
||||
)
|
||||
|
||||
PROJECTS = (
|
||||
{'name': 'Baker St', 'ensemble': 'bleeding-gums', 'when': -12},
|
||||
{'name': 'Navy Recruitment Day', 'ensemble': 'party-posse', 'when': 6},
|
||||
{'name': 'Barbershop Contest', 'ensemble': 'be-sharps', 'when': 28},
|
||||
{'name': 'Open Mic Night', 'ensemble': 'bleeding-gums', 'when': 1 },
|
||||
{'name': 'Current Repertoire', 'ensemble': 'be-sharps'},
|
||||
('Baker St', 'bleeding-gums', -12),
|
||||
('Navy Recruitment Day', 'party-posse', 6),
|
||||
('Barbershop Contest', 'be-sharps', 28),
|
||||
('Open Mic Night', 'bleeding-gums', 1)
|
||||
)
|
||||
|
||||
def test_bad_login(self):
|
||||
with self.assertRaisesMessage(self.failureException, 'Failed to login as admin'):
|
||||
self.login('admin', 'admin')
|
||||
|
||||
def test_superuser_ensembles(self):
|
||||
def test_admin_ensembles(self):
|
||||
self.login('admin', 'secret')
|
||||
response = self.client.get('/ensembles')
|
||||
self.assertObjectList(response, ['The Be Sharps', 'Lisa & the Bleeding Gums', 'Party Posse'])
|
||||
self.assertContains(response, 'Django Admin')
|
||||
|
||||
def test_superuser_ensemble_permissions(self):
|
||||
def test_admin_ensemble_permissions(self):
|
||||
self.login('admin', 'secret')
|
||||
response = self.client.get('/ensembles/party-posse')
|
||||
self.assertTrue(response.context['request'].is_admin)
|
||||
@ -49,10 +48,10 @@ class InterfaceAccessTestCase(AccessTestCase):
|
||||
'/ensembles/be-sharps/new-project': True,
|
||||
})
|
||||
|
||||
def test_superuser_projects(self):
|
||||
def test_admin_projects(self):
|
||||
self.login('admin', 'secret')
|
||||
response = self.client.get('/projects')
|
||||
self.assertObjectList(response, ['Current Repertoire', 'Open Mic Night', 'Navy Recruitment Day', 'Barbershop Contest'])
|
||||
self.assertObjectList(response, ['Open Mic Night', 'Navy Recruitment Day', 'Barbershop Contest'])
|
||||
|
||||
self.assertObjectList(self.client.get('/ensembles/bleeding-gums'), ['Open Mic Night'])
|
||||
self.assertObjectList(self.client.get('/ensembles/bleeding-gums?inactive'), ['Open Mic Night', 'Baker St'])
|
||||
@ -95,7 +94,7 @@ class InterfaceAccessTestCase(AccessTestCase):
|
||||
def test_user_projects(self):
|
||||
self.login('homer', 'maggie')
|
||||
response = self.client.get('/projects')
|
||||
self.assertObjectList(response, ['Current Repertoire', 'Barbershop Contest'])
|
||||
self.assertObjectList(response, ['Barbershop Contest'])
|
||||
response = self.client.get('/projects/3')
|
||||
self.assertTrue(response.context['request'].is_admin)
|
||||
|
||||
@ -111,7 +110,7 @@ class InterfaceAccessTestCase(AccessTestCase):
|
||||
|
||||
self.authorize(models.Project, pk=4)
|
||||
response = self.client.get('/projects')
|
||||
self.assertObjectList(response, ['Current Repertoire', 'Open Mic Night', 'Barbershop Contest'])
|
||||
self.assertObjectList(response, ['Open Mic Night', 'Barbershop Contest'])
|
||||
response = self.client.get('/projects/4')
|
||||
self.assertFalse(response.context['request'].is_admin)
|
||||
|
||||
|
||||
@ -254,14 +254,20 @@ class ProjectListView(ProjectMixin, ListView):
|
||||
return True
|
||||
|
||||
def get_project_queryset(self):
|
||||
return models.Project.for_user(self.request.user,
|
||||
self.get_authorized_keys('project'),
|
||||
self.get_authorized_keys('ensemble'))
|
||||
projects = models.Project.objects.select_related('ensemble')
|
||||
if self.request.is_admin:
|
||||
return projects
|
||||
|
||||
f = Q(pk__in=self.get_authorized_keys('project').keys()) | Q(ensemble__slug__in=self.get_authorized_keys('ensemble').keys())
|
||||
|
||||
if self.request.user.is_authenticated:
|
||||
f |= Q(ensemble__admins=self.request.user.pk)
|
||||
|
||||
return projects.filter(f)
|
||||
|
||||
def get_queryset(self):
|
||||
qs = self.get_project_queryset()
|
||||
f = Q(event_date__gte=(timezone.now()-timezone.timedelta(7))) | Q(event_date=None)
|
||||
return qs.filter(f, active=True)
|
||||
return qs.filter(active=True, event_date__gte=timezone.now()-timezone.timedelta(7))
|
||||
|
||||
class ProjectCreateView(EnsembleMixin, CreateView):
|
||||
admin_required = True
|
||||
|
||||
@ -4,7 +4,7 @@ from django.contrib.auth.models import User
|
||||
from interface.models import Ensemble, Project
|
||||
from . import models
|
||||
|
||||
class LibraryTestCase(AccessTestCase):
|
||||
class IntegrationTestCase(AccessTestCase):
|
||||
|
||||
USERS = (
|
||||
{'username': 'admin', 'password': 'secret', 'is_superuser': True, 'is_staff': True},
|
||||
@ -18,10 +18,10 @@ class LibraryTestCase(AccessTestCase):
|
||||
)
|
||||
|
||||
PROJECTS = (
|
||||
{'name': 'Baker St', 'ensemble': 'bleeding-gums', 'when': -12},
|
||||
{'name': 'Navy Recruitment Day', 'ensemble': 'party-posse', 'when': 6},
|
||||
{'name': 'Barbershop Contest', 'ensemble': 'be-sharps', 'when': 28},
|
||||
{'name': 'Open Mic Night', 'ensemble': 'bleeding-gums', 'when': 1 },
|
||||
('Baker St', 'bleeding-gums', -12),
|
||||
('Navy Recruitment Day', 'party-posse', 6),
|
||||
('Barbershop Contest', 'be-sharps', 28),
|
||||
('Open Mic Night', 'bleeding-gums', 1)
|
||||
)
|
||||
|
||||
COLLECTIONS = (
|
||||
@ -33,16 +33,6 @@ class LibraryTestCase(AccessTestCase):
|
||||
{'name': 'Baby on Board', 'collection': 'ned'},
|
||||
)
|
||||
|
||||
PROTECTED_URLS = (
|
||||
'/collections/1',
|
||||
'/collections/1/add',
|
||||
'/collections/2/works/1',
|
||||
'/collections/2/works/1/edit',
|
||||
'/collections/2/works/1/partset',
|
||||
'/collections/2/works/1/add_to_project',
|
||||
'/collections/2/works/1/upload',
|
||||
)
|
||||
|
||||
@classmethod
|
||||
def setUpTestData(cls):
|
||||
super().setUpTestData()
|
||||
@ -75,13 +65,6 @@ class LibraryTestCase(AccessTestCase):
|
||||
def test_integration(self):
|
||||
pass
|
||||
|
||||
def test_get_views(self):
|
||||
|
||||
self.assertAccess({ x: False for x in self.PROTECTED_URLS })
|
||||
|
||||
self.login('admin', 'secret')
|
||||
self.assertAccess({ x: True for x in self.PROTECTED_URLS })
|
||||
|
||||
def test_superuser_access(self):
|
||||
self.login('admin', 'secret')
|
||||
self.assertAccess({
|
||||
|
||||
@ -248,7 +248,7 @@ class WorkUpdateView(CollectionMixin, UpdateView):
|
||||
|
||||
|
||||
|
||||
class WorkAddToProject(CollectionMixin, FormView):
|
||||
class WorkAddToProject(ProjectMixin, FormView):
|
||||
admin_required = True
|
||||
form_class = forms.ProjectSelectForm
|
||||
template_name = "interface/default_form.html"
|
||||
@ -261,12 +261,8 @@ class WorkAddToProject(CollectionMixin, FormView):
|
||||
f = super(WorkAddToProject, self).get_form()
|
||||
qs = f.fields['project'].queryset
|
||||
|
||||
# Limit to projects for ensembles where we are an admin and they haven't occured yet
|
||||
qs = qs.filter(ensemble__admins=self.request.user, event_date__gt=now())
|
||||
|
||||
# dont show projects already added to
|
||||
work = self.get_object()
|
||||
qs = qs.exclude(pk__in=work.projects.all())
|
||||
qs = qs.filter(ensemble_id=self.request.ensemble_id).exclude(pk__in=work.projects.all())
|
||||
|
||||
f.fields['project'].queryset = qs
|
||||
return f
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user