diff --git a/mayan/apps/metadata/tests/test_views.py b/mayan/apps/metadata/tests/test_views.py index 1ebc83eee7..d27c7511ee 100644 --- a/mayan/apps/metadata/tests/test_views.py +++ b/mayan/apps/metadata/tests/test_views.py @@ -7,14 +7,22 @@ from django.test.client import Client from django.test import TestCase from documents.models import DocumentType +from documents.permissions import ( + permission_document_properties_edit, permission_document_view +) from documents.tests.literals import ( TEST_DOCUMENT_TYPE, TEST_DOCUMENT_TYPE_2, TEST_SMALL_DOCUMENT_PATH ) +from documents.tests.test_views import GenericDocumentViewTestCase from user_management.tests.literals import ( - TEST_ADMIN_PASSWORD, TEST_ADMIN_USERNAME, TEST_ADMIN_EMAIL + TEST_USER_USERNAME, TEST_USER_PASSWORD ) from ..models import MetadataType +from ..permissions import ( + permission_metadata_document_add, permission_metadata_document_remove, + permission_metadata_document_edit +) from .literals import ( TEST_DOCUMENT_METADATA_VALUE_2, TEST_METADATA_TYPE_LABEL, @@ -23,23 +31,9 @@ from .literals import ( ) -class DocumentMetadataTestCase(TestCase): +class DocumentMetadataTestCase(GenericDocumentViewTestCase): def setUp(self): - self.admin_user = User.objects.create_superuser( - username=TEST_ADMIN_USERNAME, email=TEST_ADMIN_EMAIL, - password=TEST_ADMIN_PASSWORD - ) - self.client = Client() - # Login the admin user - logged_in = self.client.login( - username=TEST_ADMIN_USERNAME, password=TEST_ADMIN_PASSWORD - ) - self.assertTrue(logged_in) - self.assertTrue(self.admin_user.is_authenticated()) - - self.document_type = DocumentType.objects.create( - label=TEST_DOCUMENT_TYPE - ) + super(DocumentMetadataTestCase, self).setUp() self.metadata_type = MetadataType.objects.create( name=TEST_METADATA_TYPE_NAME, label=TEST_METADATA_TYPE_LABEL @@ -47,53 +41,68 @@ class DocumentMetadataTestCase(TestCase): self.document_type.metadata.create(metadata_type=self.metadata_type) - with open(TEST_SMALL_DOCUMENT_PATH) as file_object: - self.document = self.document_type.new_document( - file_object=File(file_object) - ) - def tearDown(self): - self.document_type.delete() - self.admin_user.delete() + super(DocumentMetadataTestCase, self).tearDown() self.metadata_type.delete() - def test_remove_metadata_view(self): - document_metadata = self.document.metadata.create( - metadata_type=self.metadata_type, value='' + def test_metadata_add_view_no_permission(self): + self.login( + username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD ) - self.assertEqual(len(self.document.metadata.all()), 1) - - # Test display of metadata removal form - response = self.client.get( - reverse( - 'metadata:metadata_remove', args=(self.document.pk,), - ) + self.role.permissions.add( + permission_document_view.stored_permission ) - self.assertContains(response, 'emove', status_code=200) + response = self.post( + 'metadata:metadata_add', args=(self.document.pk,), + data={'metadata_type': self.metadata_type.pk} + ) + self.assertEqual(response.status_code, 302) - # Test post to metadata removal view - response = self.client.post( - reverse( - 'metadata:metadata_remove', args=(self.document.pk,), - ), data={ - 'form-0-id': document_metadata.metadata_type.pk, - 'form-0-update': True, - 'form-TOTAL_FORMS': '1', - 'form-INITIAL_FORMS': '0', - 'form-MAX_NUM_FORMS': '', - }, follow=True + self.assertEqual(len(self.document.metadata.all()), 0) + + def test_metadata_add_view_with_permission(self): + self.login( + username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD + ) + + self.role.permissions.add( + permission_document_view.stored_permission + ) + + self.role.permissions.add( + permission_metadata_document_add.stored_permission + ) + self.role.permissions.add( + permission_metadata_document_edit.stored_permission + ) + + response = self.post( + 'metadata:metadata_add', args=(self.document.pk,), + data={'metadata_type': self.metadata_type.pk}, follow=True ) self.assertContains(response, 'Success', status_code=200) - self.assertEqual(len(self.document.metadata.all()), 0) + self.assertEqual(len(self.document.metadata.all()), 1) def test_metadata_edit_after_document_type_change(self): # Gitlab issue #204 # Problems to add required metadata after changin the document type + self.login( + username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD + ) + + self.role.permissions.add( + permission_document_properties_edit.stored_permission + ) + + self.role.permissions.add( + permission_metadata_document_edit.stored_permission + ) + document_type_2 = DocumentType.objects.create( label=TEST_DOCUMENT_TYPE_2 ) @@ -108,18 +117,14 @@ class DocumentMetadataTestCase(TestCase): self.document.set_document_type(document_type=document_type_2) - response = self.client.get( - reverse( - 'metadata:metadata_edit', args=(self.document.pk,), - ), follow=True + response = self.get( + 'metadata:metadata_edit', args=(self.document.pk,), follow=True ) self.assertContains(response, 'Edit', status_code=200) - response = self.client.post( - reverse( - 'metadata:metadata_edit', args=(self.document.pk,), - ), data={ + response = self.post( + 'metadata:metadata_edit', args=(self.document.pk,), data={ 'form-0-id': document_metadata_2.pk, 'form-0-update': True, 'form-0-value': TEST_DOCUMENT_METADATA_VALUE_2, @@ -135,3 +140,81 @@ class DocumentMetadataTestCase(TestCase): self.document.metadata.get(metadata_type=metadata_type_2).value, TEST_DOCUMENT_METADATA_VALUE_2 ) + + def test_metadata_remove_view_no_permission(self): + self.login( + username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD + ) + + document_metadata = self.document.metadata.create( + metadata_type=self.metadata_type, value='' + ) + + self.assertEqual(len(self.document.metadata.all()), 1) + + self.role.permissions.add( + permission_document_view.stored_permission + ) + + # Test display of metadata removal form + response = self.get( + 'metadata:metadata_remove', args=(self.document.pk,), + ) + + self.assertEqual(response.status_code, 404) + + # Test post to metadata removal view + response = self.post( + 'metadata:metadata_remove', args=(self.document.pk,), data={ + 'form-0-id': document_metadata.metadata_type.pk, + 'form-0-update': True, + 'form-TOTAL_FORMS': '1', + 'form-INITIAL_FORMS': '0', + 'form-MAX_NUM_FORMS': '', + }, follow=True + ) + + self.assertEqual(response.status_code, 404) + + self.assertEqual(len(self.document.metadata.all()), 1) + + def test_metadata_remove_view_with_permission(self): + self.login( + username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD + ) + + document_metadata = self.document.metadata.create( + metadata_type=self.metadata_type, value='' + ) + + self.assertEqual(len(self.document.metadata.all()), 1) + + self.role.permissions.add( + permission_document_view.stored_permission + ) + + self.role.permissions.add( + permission_metadata_document_remove.stored_permission + ) + + # Test display of metadata removal form + response = self.get( + 'metadata:metadata_remove', args=(self.document.pk,), + ) + + self.assertContains(response, 'emove', status_code=200) + + # Test post to metadata removal view + response = self.post( + 'metadata:metadata_remove', args=(self.document.pk,), data={ + 'form-0-id': document_metadata.metadata_type.pk, + 'form-0-update': True, + 'form-TOTAL_FORMS': '1', + 'form-INITIAL_FORMS': '0', + 'form-MAX_NUM_FORMS': '', + }, follow=True + ) + + self.assertContains(response, 'Success', status_code=200) + + self.assertEqual(len(self.document.metadata.all()), 0) diff --git a/mayan/apps/metadata/views.py b/mayan/apps/metadata/views.py index 8e424b258b..260592cf46 100644 --- a/mayan/apps/metadata/views.py +++ b/mayan/apps/metadata/views.py @@ -36,11 +36,11 @@ from .permissions import ( def metadata_edit(request, document_id=None, document_id_list=None): if document_id: - document_id_list = unicode(document_id) - - documents = Document.objects.select_related('metadata').filter( - pk__in=document_id_list.split(',') - ) + documents = Document.objects.filter(pk=document_id) + elif document_id_list: + documents = Document.objects.select_related('metadata').filter( + pk__in=document_id_list + ) try: Permission.check_permissions( @@ -157,13 +157,13 @@ def metadata_edit(request, document_id=None, document_id_list=None): 'next': next, } - if len(documents) == 1: - context['object'] = documents[0] + if documents.count() == 1: + context['object'] = documents.first() context['title'] = ungettext( 'Edit document metadata', 'Edit documents metadata', - len(documents) + documents.count() ) return render_to_response( @@ -174,20 +174,17 @@ def metadata_edit(request, document_id=None, document_id_list=None): def metadata_multiple_edit(request): return metadata_edit( - request, document_id_list=request.GET.get('id_list', '') + request, document_id_list=request.GET.get( + 'id_list', request.POST.get('id_list', '') + ).split(',') ) def metadata_add(request, document_id=None, document_id_list=None): if document_id: - documents = [get_object_or_404(Document, pk=document_id)] + documents = Document.objects.filter(pk=document_id) elif document_id_list: - documents = [ - get_object_or_404( - Document.objects.select_related('document_type'), - pk=document_id - ) for document_id in document_id_list.split(',') - ] + documents = Document.objects.select_related('document_type').filter(pk__in=document_id_list) if len(set([document.document_type.pk for document in documents])) > 1: messages.error( request, _('Only select documents of the same type.') @@ -281,12 +278,12 @@ def metadata_add(request, document_id=None, document_id_list=None): } ) - if len(documents) == 1: + if documents.count() == 1: return HttpResponseRedirect('%s?%s' % ( reverse('metadata:metadata_edit', args=(document.pk,)), urlencode({'next': next})) ) - elif len(documents) > 1: + elif documents.count() > 1: return HttpResponseRedirect('%s?%s' % ( reverse('metadata:metadata_multiple_edit'), urlencode({'id_list': document_id_list, 'next': next})) @@ -300,13 +297,13 @@ def metadata_add(request, document_id=None, document_id_list=None): 'next': next, } - if len(documents) == 1: - context['object'] = documents[0] + if documents.count() == 1: + context['object'] = documents.first() context['title'] = ungettext( 'Add metadata types to document', 'Add metadata types to documents', - len(documents) + documents.count() ) return render_to_response( @@ -317,17 +314,19 @@ def metadata_add(request, document_id=None, document_id_list=None): def metadata_multiple_add(request): return metadata_add( - request, document_id_list=request.GET.get('id_list', []) + request, document_id_list=request.GET.get( + 'id_list', request.POST.get('id_list', '') + ).split(',') ) def metadata_remove(request, document_id=None, document_id_list=None): if document_id: - document_id_list = unicode(document_id) - - documents = Document.objects.select_related('metadata').filter( - pk__in=document_id_list.split(',') - ) + documents = Document.objects.filter(pk=document_id) + elif document_id_list: + documents = Document.objects.select_related('metadata').filter( + pk__in=document_id_list + ) try: Permission.check_permissions( @@ -446,13 +445,13 @@ def metadata_remove(request, document_id=None, document_id_list=None): 'next': next, } - if len(documents) == 1: - context['object'] = documents[0] + if documents.count() == 1: + context['object'] = documents.first() context['title'] = ungettext( 'Remove metadata types from the document', 'Remove metadata types from the documents', - len(documents) + documents.count() ) return render_to_response( @@ -463,7 +462,9 @@ def metadata_remove(request, document_id=None, document_id_list=None): def metadata_multiple_remove(request): return metadata_remove( - request, document_id_list=request.GET.get('id_list', []) + request, document_id_list=request.GET.get( + 'id_list', request.POST.get('id_list', '') + ).split(',') )