diff options
| author | Maxime Turcotte <maxime.turcotte@savoirfairelinux.com> | 2014-05-28 12:07:27 -0400 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2014-06-13 09:31:40 -0400 |
| commit | 504c89e8008c557a1e83c45535b549f77a3503b2 (patch) | |
| tree | 3e4345d28dbbbdfa18bb7abfb68950c67655c9ea /tests/admin_views | |
| parent | bf743a4d571bbb7da276bc21c61f6ada5d26942c (diff) | |
Fixed #6327 -- Added has_module_permission method to BaseModelAdmin
Thanks chrj for the suggestion.
Diffstat (limited to 'tests/admin_views')
| -rw-r--r-- | tests/admin_views/admin.py | 8 | ||||
| -rw-r--r-- | tests/admin_views/tests.py | 64 | ||||
| -rw-r--r-- | tests/admin_views/urls.py | 1 |
3 files changed, 73 insertions, 0 deletions
diff --git a/tests/admin_views/admin.py b/tests/admin_views/admin.py index db186f6027..22ff4536fa 100644 --- a/tests/admin_views/admin.py +++ b/tests/admin_views/admin.py @@ -124,6 +124,12 @@ class ArticleAdmin(admin.ModelAdmin): return super(ArticleAdmin, self).save_model(request, obj, form, change) +class ArticleAdmin2(admin.ModelAdmin): + + def has_module_permission(self, request): + return False + + class RowLevelChangePermissionModelAdmin(admin.ModelAdmin): def has_change_permission(self, request, obj=None): """ Only allow changing objects with even id number """ @@ -923,3 +929,5 @@ site.register(Group, GroupAdmin) site2 = admin.AdminSite(name="namespaced_admin") site2.register(User, UserAdmin) site2.register(Group, GroupAdmin) +site7 = admin.AdminSite(name="admin7") +site7.register(Article, ArticleAdmin2) diff --git a/tests/admin_views/tests.py b/tests/admin_views/tests.py index 185f252335..c8ae5e743c 100644 --- a/tests/admin_views/tests.py +++ b/tests/admin_views/tests.py @@ -1493,6 +1493,70 @@ class AdminViewPermissionsTest(TestCase): self.assertEqual(response.status_code, 302) self.assertEqual(response.url, 'http://example.com/dummy/foo/') + def test_has_module_permission(self): + """ + Ensure that has_module_permission() returns True for all users who + have any permission for that module (add, change, or delete), so that + the module is displayed on the admin index page. + """ + login_url = reverse('admin:login') + '?next=/test_admin/admin/' + + self.client.post(login_url, self.super_login) + response = self.client.get('/test_admin/admin/') + self.assertContains(response, 'admin_views') + self.assertContains(response, 'Articles') + self.client.get('/test_admin/admin/logout/') + + self.client.post(login_url, self.adduser_login) + response = self.client.get('/test_admin/admin/') + self.assertContains(response, 'admin_views') + self.assertContains(response, 'Articles') + self.client.get('/test_admin/admin/logout/') + + self.client.post(login_url, self.changeuser_login) + response = self.client.get('/test_admin/admin/') + self.assertContains(response, 'admin_views') + self.assertContains(response, 'Articles') + self.client.get('/test_admin/admin/logout/') + + self.client.post(login_url, self.deleteuser_login) + response = self.client.get('/test_admin/admin/') + self.assertContains(response, 'admin_views') + self.assertContains(response, 'Articles') + self.client.get('/test_admin/admin/logout/') + + def test_overriding_has_module_permission(self): + """ + Ensure that overriding has_module_permission() has the desired effect. + In this case, it always returns False, so the module should not be + displayed on the admin index page for any users. + """ + login_url = reverse('admin:login') + '?next=/test_admin/admin7/' + + self.client.post(login_url, self.super_login) + response = self.client.get('/test_admin/admin7/') + self.assertNotContains(response, 'admin_views') + self.assertNotContains(response, 'Articles') + self.client.get('/test_admin/admin7/logout/') + + self.client.post(login_url, self.adduser_login) + response = self.client.get('/test_admin/admin7/') + self.assertNotContains(response, 'admin_views') + self.assertNotContains(response, 'Articles') + self.client.get('/test_admin/admin7/logout/') + + self.client.post(login_url, self.changeuser_login) + response = self.client.get('/test_admin/admin7/') + self.assertNotContains(response, 'admin_views') + self.assertNotContains(response, 'Articles') + self.client.get('/test_admin/admin7/logout/') + + self.client.post(login_url, self.deleteuser_login) + response = self.client.get('/test_admin/admin7/') + self.assertNotContains(response, 'admin_views') + self.assertNotContains(response, 'Articles') + self.client.get('/test_admin/admin7/logout/') + @override_settings(PASSWORD_HASHERS=('django.contrib.auth.hashers.SHA1PasswordHasher',), ROOT_URLCONF="admin_views.urls") diff --git a/tests/admin_views/urls.py b/tests/admin_views/urls.py index c0c59d34fc..a9fa71040c 100644 --- a/tests/admin_views/urls.py +++ b/tests/admin_views/urls.py @@ -11,4 +11,5 @@ urlpatterns = [ url(r'^test_admin/admin3/', include(admin.site.urls), dict(form_url='pony')), url(r'^test_admin/admin4/', include(customadmin.simple_site.urls)), url(r'^test_admin/admin5/', include(admin.site2.urls)), + url(r'^test_admin/admin7/', include(admin.site7.urls)), ] |