From ec7460a0fe1a6090f876e697814c58d8b1aae9d2 Mon Sep 17 00:00:00 2001 From: Roberto Rosario Date: Wed, 21 Oct 2015 20:51:11 -0400 Subject: [PATCH] Update folder_document_remove view work with the ACL queryset only code. --- mayan/apps/folders/tests/test_views.py | 79 ++++++++++++++++++-------- mayan/apps/folders/views.py | 41 ++++++++----- 2 files changed, 81 insertions(+), 39 deletions(-) diff --git a/mayan/apps/folders/tests/test_views.py b/mayan/apps/folders/tests/test_views.py index 6b5033dcbe..998878b7c1 100644 --- a/mayan/apps/folders/tests/test_views.py +++ b/mayan/apps/folders/tests/test_views.py @@ -1,6 +1,7 @@ from __future__ import absolute_import, unicode_literals from django.contrib.auth import get_user_model +from django.contrib.auth.models import Group from django.core.files import File from django.core.urlresolvers import reverse from django.test.client import Client @@ -8,44 +9,29 @@ from django.test import TestCase from documents.models import DocumentType from documents.tests import TEST_DOCUMENT_TYPE, TEST_SMALL_DOCUMENT_PATH +from documents.tests.test_views import GenericDocumentViewTestCase +from permissions import Permission +from permissions.models import Role +from permissions.tests.literals import TEST_ROLE_LABEL from user_management.tests import ( - TEST_ADMIN_PASSWORD, TEST_ADMIN_USERNAME, TEST_ADMIN_EMAIL + TEST_ADMIN_PASSWORD, TEST_ADMIN_USERNAME, TEST_ADMIN_EMAIL, TEST_GROUP, + TEST_USER_EMAIL, TEST_USER_USERNAME, TEST_USER_PASSWORD ) from ..models import Folder +from ..permissions import permission_folder_remove_document from .literals import TEST_FOLDER_LABEL, TEST_FOLDER_EDITED_LABEL -class FolderViewTestCase(TestCase): - def setUp(self): - self.admin_user = get_user_model().objects.create_superuser( - username=TEST_ADMIN_USERNAME, email=TEST_ADMIN_EMAIL, - password=TEST_ADMIN_PASSWORD - ) - - self.document_type = DocumentType.objects.create( - label=TEST_DOCUMENT_TYPE - ) - - with open(TEST_SMALL_DOCUMENT_PATH) as file_object: - self.document = self.document_type.new_document( - file_object=File(file_object) - ) - - self.client = Client() - # Login the admin user +class FolderViewTestCase(GenericDocumentViewTestCase): + def test_folder_create_view(self): logged_in = self.client.login( username=TEST_ADMIN_USERNAME, password=TEST_ADMIN_PASSWORD ) self.assertTrue(logged_in) self.assertTrue(self.admin_user.is_authenticated()) - def tearDown(self): - self.admin_user.delete() - self.document_type - - def test_folder_create_view(self): response = self.client.post( reverse('folders:folder_create'), data={ 'label': TEST_FOLDER_LABEL @@ -58,6 +44,12 @@ class FolderViewTestCase(TestCase): self.assertEqual(Folder.objects.first().user, self.admin_user) def test_folder_delete_view(self): + logged_in = self.client.login( + username=TEST_ADMIN_USERNAME, password=TEST_ADMIN_PASSWORD + ) + self.assertTrue(logged_in) + self.assertTrue(self.admin_user.is_authenticated()) + folder = Folder.objects.create( label=TEST_FOLDER_LABEL, user=self.admin_user ) @@ -70,6 +62,12 @@ class FolderViewTestCase(TestCase): self.assertEqual(Folder.objects.count(), 0) def test_folder_edit_view(self): + logged_in = self.client.login( + username=TEST_ADMIN_USERNAME, password=TEST_ADMIN_PASSWORD + ) + self.assertTrue(logged_in) + self.assertTrue(self.admin_user.is_authenticated()) + folder = Folder.objects.create( label=TEST_FOLDER_LABEL, user=self.admin_user ) @@ -86,6 +84,12 @@ class FolderViewTestCase(TestCase): self.assertEqual(folder.user, self.admin_user) def test_folder_add_document_view(self): + logged_in = self.client.login( + username=TEST_ADMIN_USERNAME, password=TEST_ADMIN_PASSWORD + ) + self.assertTrue(logged_in) + self.assertTrue(self.admin_user.is_authenticated()) + folder = Folder.objects.create( label=TEST_FOLDER_LABEL, user=self.admin_user ) @@ -105,6 +109,12 @@ class FolderViewTestCase(TestCase): ) def test_folder_add_multiple_documents_view(self): + logged_in = self.client.login( + username=TEST_ADMIN_USERNAME, password=TEST_ADMIN_PASSWORD + ) + self.assertTrue(logged_in) + self.assertTrue(self.admin_user.is_authenticated()) + folder = Folder.objects.create( label=TEST_FOLDER_LABEL, user=self.admin_user ) @@ -124,6 +134,12 @@ class FolderViewTestCase(TestCase): ) def test_folder_remove_document_view(self): + logged_in = self.client.login( + username=TEST_USER_USERNAME, password=TEST_USER_PASSWORD + ) + self.assertTrue(logged_in) + self.assertTrue(self.admin_user.is_authenticated()) + folder = Folder.objects.create( label=TEST_FOLDER_LABEL, user=self.admin_user, ) @@ -132,6 +148,21 @@ class FolderViewTestCase(TestCase): self.assertEqual(folder.documents.count(), 1) + response = self.client.post( + reverse( + 'folders:folder_document_multiple_remove', args=(folder.pk,) + ), data={ + 'id_list': (self.document.pk,), + } + ) + + self.assertEqual(response.status_code, 302) + + folder = Folder.objects.get(pk=folder.pk) + self.assertEqual(folder.documents.count(), 1) + + self.role.permissions.add(permission_folder_remove_document.stored_permission) + response = self.client.post( reverse( 'folders:folder_document_multiple_remove', args=(folder.pk,) diff --git a/mayan/apps/folders/views.py b/mayan/apps/folders/views.py index e63b2e88da..38bcb16f2b 100644 --- a/mayan/apps/folders/views.py +++ b/mayan/apps/folders/views.py @@ -247,32 +247,43 @@ def folder_document_remove(request, folder_id, document_id=None, document_id_lis folder = get_object_or_404(Folder, pk=folder_id) if document_id: - folder_documents = [get_object_or_404(Document, pk=document_id)] + queryset = Document.objects.filter(pk=document_id) elif document_id_list: - folder_documents = [get_object_or_404(Document, pk=document_id) for document_id in document_id_list.split(',')] - else: + queryset = Document.objects.filter(pk__in=document_id_list) + + if not queryset: messages.error(request, _('Must provide at least one folder document.')) return HttpResponseRedirect(request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL))) - logger.debug('folder_documents (pre permission check): %s', folder_documents) try: - Permission.check_permissions(request.user, (permission_folder_remove_document,)) + Permission.check_permissions( + request.user, (permission_folder_remove_document,) + ) except PermissionDenied: - folder_documents = AccessControlList.objects.filter_by_access(permission_folder_remove_document, request.user, folder_documents) - - logger.debug('folder_documents (post permission check): %s', folder_documents) + queryset = AccessControlList.objects.filter_by_access( + permission_folder_remove_document, request.user, queryset + ) previous = request.POST.get('previous', request.GET.get('previous', request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) next = request.POST.get('next', request.GET.get('next', post_action_redirect if post_action_redirect else request.META.get('HTTP_REFERER', reverse(settings.LOGIN_REDIRECT_URL)))) if request.method == 'POST': - for folder_document in folder_documents: + for folder_document in queryset: try: folder.documents.remove(folder_document) - messages.success(request, _('Document: %s removed successfully.') % folder_document) + messages.success( + request, _( + 'Document: %s removed successfully.' + ) % folder_document + ) except Exception as exception: - messages.error(request, _('Document: %(document)s delete error: %(error)s') % { - 'document': folder_document, 'error': exception}) + messages.error( + request, _( + 'Document: %(document)s delete error: %(error)s' + ) % { + 'document': folder_document, 'error': exception + } + ) return HttpResponseRedirect(next) @@ -283,12 +294,12 @@ def folder_document_remove(request, folder_id, document_id=None, document_id_lis 'title': ungettext( 'Remove the selected document from the folder: %(folder)s?', 'Remove the selected documents from the folder: %(folder)s?', - len(folder_documents) + queryset.count() ) % {'folder': folder} } - if len(folder_documents) == 1: - context['object'] = folder_documents[0] + if queryset.count() == 1: + context['object'] = queryset.first() return render_to_response( 'appearance/generic_confirm.html', context,