mirror of
https://github.com/pretix/pretix.git
synced 2026-05-06 15:24:02 +00:00
Make tests pass
This commit is contained in:
Raphael Michel
@@ -76,7 +76,7 @@ class EventsTest(SoupTest):
|
||||
date_from=datetime.datetime(2014, 9, 5, tzinfo=datetime.timezone.utc),
|
||||
)
|
||||
|
||||
self.team1 = Team.objects.create(organizer=self.orga1, all_organizer_permissions=True, all_event_permissions=True)
|
||||
self.team1 = Team.objects.create(organizer=self.orga1, all_event_permissions=True, limit_organizer_permissions={"organizer.events:create": True})
|
||||
self.team1.members.add(self.user)
|
||||
self.team1.limit_events.add(self.event1)
|
||||
|
||||
|
||||
@@ -162,7 +162,8 @@ def test_event_export_schedule(client, env):
|
||||
|
||||
@pytest.mark.django_db(transaction=True)
|
||||
def test_event_limited_permission(client, env):
|
||||
env[2].limit_event_permissions = []
|
||||
env[2].all_event_permissions = False
|
||||
env[2].limit_event_permissions = {"event.orders:read": True}
|
||||
env[2].save()
|
||||
user2 = User.objects.create_user("dummy2@dummy.dummy", "dummy")
|
||||
|
||||
@@ -198,7 +199,7 @@ def test_event_limited_permission(client, env):
|
||||
response = client.get(f"/control/event/dummy/dummy/orders/export/{s2.pk}/delete")
|
||||
assert response.status_code == 404
|
||||
|
||||
env[2].limit_event_permissions = {"event:settings.general:write": True}
|
||||
env[2].limit_event_permissions = {"event.settings.general:write": True, "event.orders:read": True}
|
||||
env[2].save()
|
||||
response = client.get("/control/event/dummy/dummy/orders/export/")
|
||||
assert b"RULE1" in response.content
|
||||
@@ -330,7 +331,7 @@ def test_organizer_export_schedule(client, env):
|
||||
@pytest.mark.django_db(transaction=True)
|
||||
def test_organizer_limited_permission(client, env):
|
||||
env[2].all_organizer_permissions = False
|
||||
env[2].all_event_permissions = False
|
||||
env[2].all_event_permissions = True
|
||||
env[2].save()
|
||||
user2 = User.objects.create_user("dummy2@dummy.dummy", "dummy")
|
||||
|
||||
@@ -366,7 +367,7 @@ def test_organizer_limited_permission(client, env):
|
||||
response = client.post(f"/control/organizer/dummy/export/{s2.pk}/run")
|
||||
assert response.status_code == 404
|
||||
|
||||
env[2].limit_event_permissions = {"event:settings.general:write": True}
|
||||
env[2].limit_organizer_permissions = {"organizer.settings.general:write": True}
|
||||
env[2].save()
|
||||
response = client.get("/control/organizer/dummy/export/")
|
||||
assert b"RULE1" in response.content
|
||||
|
||||
@@ -67,7 +67,7 @@ def env():
|
||||
)
|
||||
event.settings.set('ticketoutput_testdummy__enabled', True)
|
||||
user = User.objects.create_user('dummy@dummy.dummy', 'dummy')
|
||||
t = Team.objects.create(organizer=o, all_event_permissions=True)
|
||||
t = Team.objects.create(organizer=o, all_event_permissions=True, all_organizer_permissions=True)
|
||||
t.members.add(user)
|
||||
t.limit_events.add(event)
|
||||
o = Order.objects.create(
|
||||
|
||||
@@ -422,7 +422,8 @@ def test_wrong_event_permission(perf_patch, client, env, perm, url, code, http_m
|
||||
t = Team(
|
||||
pk=2, organizer=env[2], all_events=True
|
||||
)
|
||||
setattr(t, perm, False)
|
||||
t.all_event_permissions = False
|
||||
t.limit_event_permissions.pop(perm, None)
|
||||
t.save()
|
||||
t.members.add(env[1])
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
@@ -440,7 +441,7 @@ def test_limited_event_permission_for_other_event(perf_patch, client, env, perm,
|
||||
organizer=env[2], name='Dummy', slug='dummy2',
|
||||
date_from=now(), plugins='pretix.plugins.banktransfer'
|
||||
)
|
||||
t = Team.objects.create(pk=2, organizer=env[2], can_change_event_settings=True)
|
||||
t = Team.objects.create(pk=2, organizer=env[2], all_event_permissions=True)
|
||||
t.members.add(env[1])
|
||||
t.limit_events.add(event2)
|
||||
|
||||
@@ -458,13 +459,15 @@ def test_current_permission(client, env):
|
||||
pk=2, organizer=env[2], all_events=True
|
||||
)
|
||||
setattr(t, 'event.settings.general:write', True)
|
||||
t.all_event_permissions = False
|
||||
t.limit_event_permissions['event.settings.general:write'] = True
|
||||
t.save()
|
||||
t.members.add(env[1])
|
||||
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
response = client.get('/control/event/dummy/dummy/settings/')
|
||||
assert response.status_code == 200
|
||||
setattr(t, 'event.settings.general:write', False)
|
||||
t.limit_event_permissions.pop('event.settings.general:write', None)
|
||||
t.save()
|
||||
response = client.get('/control/event/dummy/dummy/settings/')
|
||||
assert response.status_code == 403
|
||||
@@ -474,7 +477,8 @@ def test_current_permission(client, env):
|
||||
@pytest.mark.parametrize("perm,url,code,http_method", event_permission_urls)
|
||||
def test_correct_event_permission_all_events(perf_patch, client, env, perm, url, code, http_method):
|
||||
t = Team(pk=2, organizer=env[2], all_events=True)
|
||||
setattr(t, perm, True)
|
||||
t.all_event_permissions = False
|
||||
t.limit_event_permissions[perm] = True
|
||||
t.save()
|
||||
t.members.add(env[1])
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
@@ -492,7 +496,8 @@ def test_correct_event_permission_all_events(perf_patch, client, env, perm, url,
|
||||
@pytest.mark.parametrize("perm,url,code,http_method", event_permission_urls)
|
||||
def test_correct_event_permission_limited(perf_patch, client, env, perm, url, code, http_method):
|
||||
t = Team(pk=2, organizer=env[2])
|
||||
setattr(t, perm, True)
|
||||
t.all_event_permissions = False
|
||||
t.limit_event_permissions[perm] = True
|
||||
t.save()
|
||||
t.members.add(env[1])
|
||||
t.limit_events.add(env[0])
|
||||
@@ -584,8 +589,11 @@ organizer_permission_urls = [
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.parametrize("perm,url,code", organizer_permission_urls)
|
||||
def test_wrong_organizer_permission(perf_patch, client, env, perm, url, code):
|
||||
t = Team(pk=2, organizer=env[2])
|
||||
setattr(t, perm, False)
|
||||
t = Team(pk=2, organizer=env[2], all_events=True)
|
||||
t.all_organizer_permissions = False
|
||||
t.limit_organizer_permissions.pop(perm, None)
|
||||
t.all_event_permissions = False
|
||||
t.limit_event_permissions.pop(perm, None)
|
||||
t.save()
|
||||
t.members.add(env[1])
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
@@ -596,8 +604,14 @@ def test_wrong_organizer_permission(perf_patch, client, env, perm, url, code):
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.parametrize("perm,url,code", organizer_permission_urls)
|
||||
def test_correct_organizer_permission(perf_patch, client, env, perm, url, code):
|
||||
t = Team(pk=2, organizer=env[2])
|
||||
setattr(t, perm, True)
|
||||
t = Team(pk=2, organizer=env[2], all_events=True)
|
||||
if perm.startswith("event."):
|
||||
t.all_organizer_permissions = False
|
||||
t.all_event_permissions = False
|
||||
t.limit_event_permissions[perm] = True
|
||||
else:
|
||||
t.all_organizer_permissions = False
|
||||
t.limit_organizer_permissions[perm] = True
|
||||
t.save()
|
||||
t.members.add(env[1])
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
|
||||
@@ -140,7 +140,8 @@ def test_typeahead(organizer, admin_user, client, gift_card):
|
||||
|
||||
# Unprivileged user can only do exact match
|
||||
team.all_events = True
|
||||
team.limit_event_permissions["event.orders:read"] = False
|
||||
team.all_event_permissions = False
|
||||
team.limit_event_permissions = {"event.vouchers:read": True}
|
||||
team.save()
|
||||
|
||||
r = client.get('/control/organizer/dummy/ticket_select2?query=' + op.secret[0:3])
|
||||
|
||||
@@ -98,7 +98,8 @@ class OrderSearchTest(SoupTest):
|
||||
assert 'DEFFO2' not in resp
|
||||
|
||||
def test_team_limit_event_wrong_permission(self):
|
||||
self.team.limit_event_permissions["event.orders:read"] = False
|
||||
self.team.all_event_permissions = False
|
||||
self.team.limit_event_permissions = {"event.vouchers:read": True}
|
||||
self.team.save()
|
||||
resp = self.client.get('/control/search/orders/').content.decode()
|
||||
assert 'ABCFO1' not in resp
|
||||
@@ -113,7 +114,8 @@ class OrderSearchTest(SoupTest):
|
||||
|
||||
def test_team_all_events_wrong_permission(self):
|
||||
self.team.all_events = True
|
||||
self.team.limit_event_permissions["event.orders:read"] = False
|
||||
self.team.all_event_permissions = False
|
||||
self.team.limit_event_permissions = {"event.vouchers:read": True}
|
||||
self.team.save()
|
||||
resp = self.client.get('/control/search/orders/').content.decode()
|
||||
assert 'ABCFO1' not in resp
|
||||
@@ -283,7 +285,8 @@ class PaymentSearchTest(SoupTest):
|
||||
assert 'DEFFO2' not in resp
|
||||
|
||||
def test_team_limit_event_wrong_permission(self):
|
||||
self.team.limit_event_permissions["event.orders:read"] = False
|
||||
self.team.all_event_permissions = False
|
||||
self.team.limit_event_permissions = {"event.vouchers:read": True}
|
||||
self.team.save()
|
||||
resp = self.client.get('/control/search/payments/').content.decode()
|
||||
assert 'ABCFO1' not in resp
|
||||
@@ -298,7 +301,8 @@ class PaymentSearchTest(SoupTest):
|
||||
|
||||
def test_team_all_events_wrong_permission(self):
|
||||
self.team.all_events = True
|
||||
self.team.limit_event_permissions["event.orders:read"] = False
|
||||
self.team.all_event_permissions = False
|
||||
self.team.limit_event_permissions = {"event.vouchers:read": True}
|
||||
self.team.save()
|
||||
resp = self.client.get('/control/search/payments/').content.decode()
|
||||
assert 'ABCFO1' not in resp
|
||||
|
||||
@@ -231,15 +231,16 @@ def test_create_team(event, admin_user, admin_team, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
client.post('/control/organizer/dummy/team/add', {
|
||||
'name': 'Foo',
|
||||
'organizer.events:create': 'on',
|
||||
'limit_organizer_permissions': ['organizer.events:create'],
|
||||
'limit_events': str(event.pk),
|
||||
'event.settings.general:write': 'on'
|
||||
'limit_event_permissions': ['event.settings.general:write']
|
||||
}, follow=True)
|
||||
with scopes_disabled():
|
||||
t = Team.objects.last()
|
||||
assert t.can_change_event_settings
|
||||
assert t.can_create_events
|
||||
assert not t.can_change_organizer_settings
|
||||
assert not t.all_event_permissions
|
||||
assert t.limit_event_permissions == {"event.settings.general:write": True}
|
||||
assert not t.all_organizer_permissions
|
||||
assert t.limit_organizer_permissions == {"organizer.events:create": True}
|
||||
assert list(t.limit_events.all()) == [event]
|
||||
assert list(t.members.all()) == [admin_user]
|
||||
|
||||
@@ -249,13 +250,16 @@ def test_update_team(event, admin_user, admin_team, client):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
client.post('/control/organizer/dummy/team/{}/edit'.format(admin_team.pk), {
|
||||
'name': 'Admin',
|
||||
'organizer.teams:write': 'on',
|
||||
'limit_organizer_permissions': ['organizer.teams:write'],
|
||||
'limit_events': str(event.pk),
|
||||
'event.settings.general:write': 'on'
|
||||
'all_event_permissions': 'on',
|
||||
'all_organizer_permissions': '',
|
||||
}, follow=True)
|
||||
admin_team.refresh_from_db()
|
||||
assert admin_team.can_change_event_settings
|
||||
assert not admin_team.can_change_organizer_settings
|
||||
assert admin_team.all_event_permissions
|
||||
assert admin_team.limit_event_permissions == {}
|
||||
assert not admin_team.all_organizer_permissions
|
||||
assert admin_team.limit_organizer_permissions == {"organizer.teams:write": True}
|
||||
with scopes_disabled():
|
||||
assert list(admin_team.limit_events.all()) == [event]
|
||||
|
||||
|
||||
Reference in New Issue
Block a user