Skip to content

Commit

Permalink
#1270: Restored messages to tests manage dataset.
Browse files Browse the repository at this point in the history 
Fixed permissions that were causing to fail.
  • Loading branch information
susanodd committed Aug 23, 2024
1 parent 15f9e1e commit 1d05694
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 11 deletions.
9 changes: 4 additions & 5 deletions signbank/dictionary/adminviews.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3811,7 +3811,7 @@ def check_user_permissions_for_managing_dataset(self, dataset_object):

# make sure the user can write to this dataset
# from guardian.shortcuts import get_objects_for_user
user_change_datasets = get_objects_for_user(self.request.user, 'change_permission', Dataset,
user_change_datasets = get_objects_for_user(self.request.user, 'change_dataset', Dataset,
accept_global_perms=False)
if not user_change_datasets or dataset_object not in user_change_datasets:
messages.add_message(self.request, messages.ERROR, _('No permission to modify dataset permissions.'))
Expand Down Expand Up @@ -3910,8 +3910,8 @@ def render_to_add_user_response(self, context):
manage_identifier = 'dataset_' + dataset_object.acronym.replace(' ','')

from guardian.shortcuts import assign_perm, remove_perm
datasets_user_can_change = get_objects_for_user(user_object, 'change_permission', Dataset, accept_global_perms=False)
datasets_user_can_view = get_objects_for_user(user_object, 'view_permission',
datasets_user_can_change = get_objects_for_user(user_object, 'change_dataset', Dataset, accept_global_perms=False)
datasets_user_can_view = get_objects_for_user(user_object, 'view_dataset',
Dataset, accept_global_perms=False, any_perm=True)
groups_user_is_in = Group.objects.filter(user=user_object)

Expand Down Expand Up @@ -4004,7 +4004,6 @@ def render_to_add_user_response(self, context):

if 'delete_view_perm' in self.request.GET:
manage_identifier += '_manage_view'

if dataset_object in datasets_user_can_view:
if user_object.is_staff or user_object.is_superuser:
messages.add_message(self.request, messages.ERROR,
Expand All @@ -4015,7 +4014,7 @@ def render_to_add_user_response(self, context):
# also need to remove change_dataset perm in this case
from guardian.shortcuts import remove_perm
remove_perm('dictionary.view_dataset', user_object, dataset_object)
remove_perm('change_dataset', user_object, dataset_object)
remove_perm('dictionary.change_dataset', user_object, dataset_object)
messages.add_message(self.request, messages.INFO,
_('View (and change) permission for user successfully revoked.'))
except (PermissionError, SystemError, OSError):
Expand Down
22 changes: 16 additions & 6 deletions signbank/dictionary/tests.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1340,34 +1340,44 @@ def test_User_is_dataset_manager(self):
assign_perm('dictionary.change_dataset', self.user, self.test_dataset)

# Grant view permission
form_data ={'dataset_acronym': self.test_dataset.acronym, 'username': self.user2.username, 'add_view_perm': 'Grant'}
form_data = {'dataset_acronym': self.test_dataset.acronym, 'username': self.user2.username, 'add_view_perm': 'Grant'}
response = self.client.get(reverse('admin_dataset_manager'), form_data, follow=True)
self.assertContains(response, 'View permission for user successfully granted.'
.format(self.user2.username, self.user2.first_name, self.user2.last_name))
self.assertEqual(response.status_code, 200)

# Revoke view permission
form_data = {'dataset_acronym': self.test_dataset.acronym, 'username': self.user2.username,
'delete_view_perm': 'Revoke'}
'delete_view_perm': 'Revoke'}
response = self.client.get(reverse('admin_dataset_manager'), form_data, follow=True)
self.assertContains(response, 'View (and change) permission for user successfully revoked.'
.format(self.user2.username))
self.assertEqual(response.status_code, 200)

# Grant change permission without view permission
form_data ={'dataset_acronym': self.test_dataset.acronym, 'username': self.user2.username, 'add_change_perm': 'Grant'}
form_data = {'dataset_acronym': self.test_dataset.acronym, 'username': self.user2.username, 'add_change_perm': 'Grant'}
response = self.client.get(reverse('admin_dataset_manager'), form_data, follow=True)
self.assertContains(response, 'User does not have view permission for this dataset. Please grant view permission first.'
.format(self.user2.username, self.user2.first_name, self.user2.last_name))
self.assertEqual(response.status_code, 200)

# Grant change permission with view permission
# Grant view permission first
form_data = {'dataset_acronym': self.test_dataset.acronym, 'username': self.user2.username, 'add_view_perm': 'Grant'}
response = self.client.get(reverse('admin_dataset_manager'), form_data, follow=True)
# Grant change permission second
form_data ={'dataset_acronym': self.test_dataset.acronym, 'username': self.user2.username, 'add_change_perm': 'Grant'}
form_data = {'dataset_acronym': self.test_dataset.acronym, 'username': self.user2.username, 'add_change_perm': 'Grant'}
response = self.client.get(reverse('admin_dataset_manager'), form_data, follow=True)
self.assertContains(response, 'Change permission for user successfully granted.'
.format(self.user2.username))
self.assertEqual(response.status_code, 200)

# Revoke change permission
form_data ={'dataset_acronym': self.test_dataset.acronym, 'username': self.user2.username,
'delete_change_perm': 'Revoke'}
form_data = {'dataset_acronym': self.test_dataset.acronym, 'username': self.user2.username,
'delete_change_perm': 'Revoke'}
response = self.client.get(reverse('admin_dataset_manager'), form_data, follow=True)
self.assertContains(response, 'Change permission for user successfully revoked.'
.format(self.user2.username))
self.assertEqual(response.status_code, 200)

def test_Set_default_language(self):
Expand Down

0 comments on commit 1d05694

Please sign in to comment.