summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/admin_changelist/test_date_hierarchy.py6
-rw-r--r--tests/admin_changelist/tests.py39
-rw-r--r--tests/admin_filters/tests.py57
-rw-r--r--tests/admin_views/admin.py4
-rw-r--r--tests/admin_views/test_templatetags.py4
-rw-r--r--tests/admin_views/tests.py147
-rw-r--r--tests/auth_tests/test_management.py4
-rw-r--r--tests/modeladmin/tests.py44
8 files changed, 296 insertions, 9 deletions
diff --git a/tests/admin_changelist/test_date_hierarchy.py b/tests/admin_changelist/test_date_hierarchy.py
index 96590ccc82..f19e38f9bf 100644
--- a/tests/admin_changelist/test_date_hierarchy.py
+++ b/tests/admin_changelist/test_date_hierarchy.py
@@ -1,6 +1,7 @@
from datetime import datetime
from django.contrib.admin.options import IncorrectLookupParameters
+from django.contrib.auth.models import User
from django.test import RequestFactory, TestCase
from django.utils.timezone import make_aware
@@ -11,9 +12,14 @@ from .models import Event
class DateHierarchyTests(TestCase):
factory = RequestFactory()
+ @classmethod
+ def setUpTestData(cls):
+ cls.superuser = User.objects.create_superuser(username='super', email='a@b.com', password='xxx')
+
def assertDateParams(self, query, expected_from_date, expected_to_date):
query = {'date__%s' % field: val for field, val in query.items()}
request = self.factory.get('/', query)
+ request.user = self.superuser
changelist = EventAdmin(Event, custom_site).get_changelist_instance(request)
_, _, lookup_params, _ = changelist.get_filters(request)
self.assertEqual(lookup_params['date__gte'], expected_from_date)
diff --git a/tests/admin_changelist/tests.py b/tests/admin_changelist/tests.py
index 68aaa78996..20587613a7 100644
--- a/tests/admin_changelist/tests.py
+++ b/tests/admin_changelist/tests.py
@@ -50,6 +50,7 @@ class ChangeListTests(TestCase):
def setUp(self):
self.factory = RequestFactory()
+ self.superuser = User.objects.create_superuser(username='super', email='a@b.com', password='xxx')
def _create_superuser(self, username):
return User.objects.create_superuser(username=username, email='a@b.com', password='xxx')
@@ -70,6 +71,7 @@ class ChangeListTests(TestCase):
m = OrderedByFBandAdmin(Band, custom_site)
request = self.factory.get('/band/')
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertEqual(cl.get_ordering_field_columns(), {3: 'desc', 2: 'asc'})
@@ -80,12 +82,14 @@ class ChangeListTests(TestCase):
"""
m = ChildAdmin(Child, custom_site)
request = self.factory.get('/child/')
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertEqual(cl.queryset.query.select_related, {'parent': {}})
def test_select_related_as_tuple(self):
ia = InvitationAdmin(Invitation, custom_site)
request = self.factory.get('/invitation/')
+ request.user = self.superuser
cl = ia.get_changelist_instance(request)
self.assertEqual(cl.queryset.query.select_related, {'player': {}})
@@ -93,6 +97,7 @@ class ChangeListTests(TestCase):
ia = InvitationAdmin(Invitation, custom_site)
ia.list_select_related = ()
request = self.factory.get('/invitation/')
+ request.user = self.superuser
cl = ia.get_changelist_instance(request)
self.assertIs(cl.queryset.query.select_related, False)
@@ -105,6 +110,7 @@ class ChangeListTests(TestCase):
ia = GetListSelectRelatedAdmin(Invitation, custom_site)
request = self.factory.get('/invitation/')
+ request.user = self.superuser
cl = ia.get_changelist_instance(request)
self.assertEqual(cl.queryset.query.select_related, {'player': {}, 'band': {}})
@@ -115,6 +121,7 @@ class ChangeListTests(TestCase):
"""
new_child = Child.objects.create(name='name', parent=None)
request = self.factory.get('/child/')
+ request.user = self.superuser
m = ChildAdmin(Child, custom_site)
cl = m.get_changelist_instance(request)
cl.formset = None
@@ -131,6 +138,7 @@ class ChangeListTests(TestCase):
"""
new_child = Child.objects.create(name='name', parent=None)
request = self.factory.get('/child/')
+ request.user = self.superuser
# Set a new empty display value on AdminSite.
admin.site.empty_value_display = '???'
m = ChildAdmin(Child, admin.site)
@@ -149,6 +157,7 @@ class ChangeListTests(TestCase):
"""
new_child = Child.objects.create(name='name', parent=None)
request = self.factory.get('/child/')
+ request.user = self.superuser
m = EmptyValueChildAdmin(Child, admin.site)
cl = m.get_changelist_instance(request)
cl.formset = None
@@ -172,6 +181,7 @@ class ChangeListTests(TestCase):
new_parent = Parent.objects.create(name='parent')
new_child = Child.objects.create(name='name', parent=new_parent)
request = self.factory.get('/child/')
+ request.user = self.superuser
m = ChildAdmin(Child, custom_site)
cl = m.get_changelist_instance(request)
cl.formset = None
@@ -194,6 +204,7 @@ class ChangeListTests(TestCase):
new_parent = Parent.objects.create(name='parent')
new_child = Child.objects.create(name='name', parent=new_parent)
request = self.factory.get('/child/')
+ request.user = self.superuser
m = ChildAdmin(Child, custom_site)
# Test with list_editable fields
@@ -233,6 +244,7 @@ class ChangeListTests(TestCase):
for i in range(200):
Child.objects.create(name='name %s' % i, parent=new_parent)
request = self.factory.get('/child/', data={'p': -1}) # Anything outside range
+ request.user = self.superuser
m = ChildAdmin(Child, custom_site)
# Test with list_editable fields
@@ -248,6 +260,7 @@ class ChangeListTests(TestCase):
Child.objects.create(name='name %s' % i, parent=new_parent)
request = self.factory.get('/child/')
+ request.user = self.superuser
m = CustomPaginationAdmin(Child, custom_site)
cl = m.get_changelist_instance(request)
@@ -267,6 +280,7 @@ class ChangeListTests(TestCase):
m = BandAdmin(Band, custom_site)
request = self.factory.get('/band/', data={'genres': blues.pk})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
cl.get_results(request)
@@ -286,6 +300,7 @@ class ChangeListTests(TestCase):
m = GroupAdmin(Group, custom_site)
request = self.factory.get('/group/', data={'members': lead.pk})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
cl.get_results(request)
@@ -307,6 +322,7 @@ class ChangeListTests(TestCase):
m = ConcertAdmin(Concert, custom_site)
request = self.factory.get('/concert/', data={'group__members': lead.pk})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
cl.get_results(request)
@@ -327,6 +343,7 @@ class ChangeListTests(TestCase):
m = QuartetAdmin(Quartet, custom_site)
request = self.factory.get('/quartet/', data={'members': lead.pk})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
cl.get_results(request)
@@ -347,6 +364,7 @@ class ChangeListTests(TestCase):
m = ChordsBandAdmin(ChordsBand, custom_site)
request = self.factory.get('/chordsband/', data={'members': lead.pk})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
cl.get_results(request)
@@ -366,6 +384,7 @@ class ChangeListTests(TestCase):
m = ParentAdmin(Parent, custom_site)
request = self.factory.get('/parent/', data={'child__name': 'Daniel'})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
# Make sure distinct() was called
@@ -382,6 +401,7 @@ class ChangeListTests(TestCase):
m = ParentAdmin(Parent, custom_site)
request = self.factory.get('/parent/', data={SEARCH_VAR: 'daniel'})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
# Make sure distinct() was called
@@ -401,6 +421,7 @@ class ChangeListTests(TestCase):
m = ConcertAdmin(Concert, custom_site)
request = self.factory.get('/concert/', data={SEARCH_VAR: 'vox'})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
# There's only one Concert instance
@@ -414,10 +435,12 @@ class ChangeListTests(TestCase):
m.search_fields = ['group__pk']
request = self.factory.get('/concert/', data={SEARCH_VAR: band.pk})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertEqual(cl.queryset.count(), 1)
request = self.factory.get('/concert/', data={SEARCH_VAR: band.pk + 5})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertEqual(cl.queryset.count(), 0)
@@ -429,10 +452,12 @@ class ChangeListTests(TestCase):
m.search_fields = ['name__iexact']
request = self.factory.get('/', data={SEARCH_VAR: 'woodstock'})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertCountEqual(cl.queryset, [concert])
request = self.factory.get('/', data={SEARCH_VAR: 'wood'})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertCountEqual(cl.queryset, [])
@@ -445,10 +470,12 @@ class ChangeListTests(TestCase):
Field.register_lookup(Contains, 'cc')
try:
request = self.factory.get('/', data={SEARCH_VAR: 'Hype'})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertCountEqual(cl.queryset, [concert])
request = self.factory.get('/', data={SEARCH_VAR: 'Woodstock'})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertCountEqual(cl.queryset, [])
finally:
@@ -467,10 +494,12 @@ class ChangeListTests(TestCase):
m.search_fields = ['group__members__age__exactly']
request = self.factory.get('/', data={SEARCH_VAR: '20'})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertCountEqual(cl.queryset, [concert])
request = self.factory.get('/', data={SEARCH_VAR: '21'})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertCountEqual(cl.queryset, [])
finally:
@@ -486,10 +515,12 @@ class ChangeListTests(TestCase):
m.search_fields = ['pk__exact']
request = self.factory.get('/', data={SEARCH_VAR: 'abc'})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertCountEqual(cl.queryset, [abc])
request = self.factory.get('/', data={SEARCH_VAR: 'abcd'})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertCountEqual(cl.queryset, [abcd])
@@ -501,11 +532,13 @@ class ChangeListTests(TestCase):
m = BandAdmin(Band, custom_site)
for lookup_params in ({}, {'name': 'test'}):
request = self.factory.get('/band/', lookup_params)
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertFalse(cl.queryset.query.distinct)
# A ManyToManyField in params does have distinct applied.
request = self.factory.get('/band/', {'genres': '0'})
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
self.assertTrue(cl.queryset.query.distinct)
@@ -520,6 +553,7 @@ class ChangeListTests(TestCase):
Child.objects.create(name='filtered %s' % i, parent=parent)
request = self.factory.get('/child/')
+ request.user = self.superuser
# Test default queryset
m = ChildAdmin(Child, custom_site)
@@ -540,8 +574,7 @@ class ChangeListTests(TestCase):
Regression test for #13196: output of functions should be localized
in the changelist.
"""
- superuser = User.objects.create_superuser(username='super', email='super@localhost', password='secret')
- self.client.force_login(superuser)
+ self.client.force_login(self.superuser)
event = Event.objects.create(date=datetime.date.today())
response = self.client.get(reverse('admin:admin_changelist_event_changelist'))
self.assertContains(response, formats.localize(event.date))
@@ -597,6 +630,7 @@ class ChangeListTests(TestCase):
# Add "show all" parameter to request
request = self.factory.get('/child/', data={ALL_VAR: ''})
+ request.user = self.superuser
# Test valid "show all" request (number of total objects is under max)
m = ChildAdmin(Child, custom_site)
@@ -856,6 +890,7 @@ class ChangeListTests(TestCase):
# instantiating and setting up ChangeList object
m = GroupAdmin(Group, custom_site)
request = self.factory.get('/group/')
+ request.user = self.superuser
cl = m.get_changelist_instance(request)
per_page = cl.list_per_page = 10
diff --git a/tests/admin_filters/tests.py b/tests/admin_filters/tests.py
index 554b1a4e23..2e16909dc3 100644
--- a/tests/admin_filters/tests.py
+++ b/tests/admin_filters/tests.py
@@ -263,7 +263,7 @@ class ListFiltersTests(TestCase):
self.request_factory = RequestFactory()
# Users
- self.alfred = User.objects.create_user('alfred', 'alfred@example.com')
+ self.alfred = User.objects.create_superuser('alfred', 'alfred@example.com', 'password')
self.bob = User.objects.create_user('bob', 'bob@example.com')
self.lisa = User.objects.create_user('lisa', 'lisa@example.com')
@@ -308,6 +308,7 @@ class ListFiltersTests(TestCase):
modeladmin = BookmarkChoicesAdmin(Bookmark, site)
request = self.request_factory.get('/', {})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
filterspec = changelist.get_filters(request)[0][0]
choices = list(filterspec.choices(changelist))
@@ -318,10 +319,12 @@ class ListFiltersTests(TestCase):
modeladmin = BookAdmin(Book, site)
request = self.request_factory.get('/')
+ request.user = self.alfred
changelist = modeladmin.get_changelist(request)
request = self.request_factory.get('/', {'date_registered__gte': self.today,
'date_registered__lt': self.tomorrow})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -343,6 +346,7 @@ class ListFiltersTests(TestCase):
request = self.request_factory.get('/', {'date_registered__gte': self.today.replace(day=1),
'date_registered__lt': self.next_month})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -368,6 +372,7 @@ class ListFiltersTests(TestCase):
request = self.request_factory.get('/', {'date_registered__gte': self.today.replace(month=1, day=1),
'date_registered__lt': self.next_year})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -395,6 +400,7 @@ class ListFiltersTests(TestCase):
'date_registered__gte': str(self.one_week_ago),
'date_registered__lt': str(self.tomorrow),
})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -416,6 +422,7 @@ class ListFiltersTests(TestCase):
# Null/not null queries
request = self.request_factory.get('/', {'date_registered__isnull': 'True'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -431,6 +438,7 @@ class ListFiltersTests(TestCase):
self.assertEqual(choice['query_string'], '?date_registered__isnull=True')
request = self.request_factory.get('/', {'date_registered__isnull': 'False'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -459,6 +467,7 @@ class ListFiltersTests(TestCase):
modeladmin = BookAdmin(Book, site)
request = self.request_factory.get('/', {'year__isnull': 'True'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -473,6 +482,7 @@ class ListFiltersTests(TestCase):
self.assertEqual(choices[-1]['query_string'], '?year__isnull=True')
request = self.request_factory.get('/', {'year': '2002'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct choice is selected
@@ -486,6 +496,7 @@ class ListFiltersTests(TestCase):
# Make sure that correct filters are returned with custom querysets
modeladmin = BookAdminWithCustomQueryset(self.alfred, Book, site)
request = self.request_factory.get('/')
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
filterspec = changelist.get_filters(request)[0][0]
@@ -502,6 +513,7 @@ class ListFiltersTests(TestCase):
modeladmin = BookAdmin(Book, site)
request = self.request_factory.get('/')
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure that all users are present in the author's list filter
@@ -510,6 +522,7 @@ class ListFiltersTests(TestCase):
self.assertEqual(sorted(filterspec.lookup_choices), sorted(expected))
request = self.request_factory.get('/', {'author__isnull': 'True'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -524,6 +537,7 @@ class ListFiltersTests(TestCase):
self.assertEqual(choices[-1]['query_string'], '?author__isnull=True')
request = self.request_factory.get('/', {'author__id__exact': self.alfred.pk})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct choice is selected
@@ -538,6 +552,7 @@ class ListFiltersTests(TestCase):
modeladmin = BookAdmin(Book, site)
request = self.request_factory.get('/')
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure that all users are present in the contrib's list filter
@@ -546,6 +561,7 @@ class ListFiltersTests(TestCase):
self.assertEqual(sorted(filterspec.lookup_choices), sorted(expected))
request = self.request_factory.get('/', {'contributors__isnull': 'True'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -560,6 +576,7 @@ class ListFiltersTests(TestCase):
self.assertEqual(choices[-1]['query_string'], '?contributors__isnull=True')
request = self.request_factory.get('/', {'contributors__id__exact': self.bob.pk})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct choice is selected
@@ -574,6 +591,7 @@ class ListFiltersTests(TestCase):
# FK relationship -----
request = self.request_factory.get('/', {'books_authored__isnull': 'True'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -588,6 +606,7 @@ class ListFiltersTests(TestCase):
self.assertEqual(choices[-1]['query_string'], '?books_authored__isnull=True')
request = self.request_factory.get('/', {'books_authored__id__exact': self.bio_book.pk})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct choice is selected
@@ -599,6 +618,7 @@ class ListFiltersTests(TestCase):
# M2M relationship -----
request = self.request_factory.get('/', {'books_contributed__isnull': 'True'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -613,6 +633,7 @@ class ListFiltersTests(TestCase):
self.assertEqual(choices[-1]['query_string'], '?books_contributed__isnull=True')
request = self.request_factory.get('/', {'books_contributed__id__exact': self.django_book.pk})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct choice is selected
@@ -636,6 +657,7 @@ class ListFiltersTests(TestCase):
modeladmin = BookAdminRelatedOnlyFilter(Book, site)
request = self.request_factory.get('/')
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure that only actual authors are present in author's list filter
@@ -652,6 +674,7 @@ class ListFiltersTests(TestCase):
modeladmin = BookAdminRelatedOnlyFilter(Book, site)
request = self.request_factory.get('/')
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Only actual departments should be present in employee__department's
@@ -667,6 +690,7 @@ class ListFiltersTests(TestCase):
modeladmin = BookAdminRelatedOnlyFilter(Book, site)
request = self.request_factory.get('/')
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure that only actual contributors are present in contrib's list filter
@@ -686,6 +710,7 @@ class ListFiltersTests(TestCase):
modeladmin = BookmarkAdminGenericRelation(Bookmark, site)
request = self.request_factory.get('/', {'tags__tag': 'python'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
queryset = changelist.get_queryset(request)
@@ -702,9 +727,11 @@ class ListFiltersTests(TestCase):
def verify_booleanfieldlistfilter(self, modeladmin):
request = self.request_factory.get('/')
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
request = self.request_factory.get('/', {'is_best_seller__exact': 0})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -719,6 +746,7 @@ class ListFiltersTests(TestCase):
self.assertEqual(choice['query_string'], '?is_best_seller__exact=0')
request = self.request_factory.get('/', {'is_best_seller__exact': 1})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -733,6 +761,7 @@ class ListFiltersTests(TestCase):
self.assertEqual(choice['query_string'], '?is_best_seller__exact=1')
request = self.request_factory.get('/', {'is_best_seller__isnull': 'True'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -750,9 +779,11 @@ class ListFiltersTests(TestCase):
modeladmin = BookAdmin2(Book, site)
request = self.request_factory.get('/')
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
request = self.request_factory.get('/', {'is_best_seller2__exact': 0})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -767,6 +798,7 @@ class ListFiltersTests(TestCase):
self.assertEqual(choice['query_string'], '?is_best_seller2__exact=0')
request = self.request_factory.get('/', {'is_best_seller2__exact': 1})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -781,6 +813,7 @@ class ListFiltersTests(TestCase):
self.assertEqual(choice['query_string'], '?is_best_seller2__exact=1')
request = self.request_factory.get('/', {'is_best_seller2__isnull': 'True'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -801,9 +834,11 @@ class ListFiltersTests(TestCase):
"""
modeladmin = BookAdminWithUnderscoreLookupAndTuple(Book, site)
request = self.request_factory.get('/')
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
request = self.request_factory.get('/', {'author__email': 'alfred@example.com'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -814,6 +849,7 @@ class ListFiltersTests(TestCase):
"""Filtering by an invalid value."""
modeladmin = BookAdmin(Book, site)
request = self.request_factory.get('/', {'author__id__exact': 'StringNotInteger!'})
+ request.user = self.alfred
with self.assertRaises(IncorrectLookupParameters):
modeladmin.get_changelist_instance(request)
@@ -822,6 +858,7 @@ class ListFiltersTests(TestCase):
# Make sure that the first option is 'All' ---------------------------
request = self.request_factory.get('/', {})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -838,6 +875,7 @@ class ListFiltersTests(TestCase):
# Look for books in the 1980s ----------------------------------------
request = self.request_factory.get('/', {'publication-decade': 'the 80s'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -854,6 +892,7 @@ class ListFiltersTests(TestCase):
# Look for books in the 1990s ----------------------------------------
request = self.request_factory.get('/', {'publication-decade': 'the 90s'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -870,6 +909,7 @@ class ListFiltersTests(TestCase):
# Look for books in the 2000s ----------------------------------------
request = self.request_factory.get('/', {'publication-decade': 'the 00s'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -886,6 +926,7 @@ class ListFiltersTests(TestCase):
# Combine multiple filters -------------------------------------------
request = self.request_factory.get('/', {'publication-decade': 'the 00s', 'author__id__exact': self.alfred.pk})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -915,6 +956,7 @@ class ListFiltersTests(TestCase):
"""
modeladmin = DecadeFilterBookAdminWithoutTitle(Book, site)
request = self.request_factory.get('/', {})
+ request.user = self.alfred
msg = "The list filter 'DecadeListFilterWithoutTitle' does not specify a 'title'."
with self.assertRaisesMessage(ImproperlyConfigured, msg):
modeladmin.get_changelist_instance(request)
@@ -925,6 +967,7 @@ class ListFiltersTests(TestCase):
"""
modeladmin = DecadeFilterBookAdminWithoutParameter(Book, site)
request = self.request_factory.get('/', {})
+ request.user = self.alfred
msg = "The list filter 'DecadeListFilterWithoutParameter' does not specify a 'parameter_name'."
with self.assertRaisesMessage(ImproperlyConfigured, msg):
modeladmin.get_changelist_instance(request)
@@ -936,6 +979,7 @@ class ListFiltersTests(TestCase):
"""
modeladmin = DecadeFilterBookAdminWithNoneReturningLookups(Book, site)
request = self.request_factory.get('/', {})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
filterspec = changelist.get_filters(request)[0]
self.assertEqual(len(filterspec), 0)
@@ -947,12 +991,14 @@ class ListFiltersTests(TestCase):
"""
modeladmin = DecadeFilterBookAdminWithFailingQueryset(Book, site)
request = self.request_factory.get('/', {})
+ request.user = self.alfred
with self.assertRaises(ZeroDivisionError):
modeladmin.get_changelist_instance(request)
def test_simplelistfilter_with_queryset_based_lookups(self):
modeladmin = DecadeFilterBookAdminWithQuerysetBasedLookups(Book, site)
request = self.request_factory.get('/', {})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
filterspec = changelist.get_filters(request)[0][0]
@@ -978,6 +1024,7 @@ class ListFiltersTests(TestCase):
"""
modeladmin = BookAdmin(Book, site)
request = self.request_factory.get('/', {'no': '207'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -998,6 +1045,7 @@ class ListFiltersTests(TestCase):
# When it ends with '__in' -----------------------------------------
modeladmin = DecadeFilterBookAdminParameterEndsWith__In(Book, site)
request = self.request_factory.get('/', {'decade__in': 'the 90s'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -1015,6 +1063,7 @@ class ListFiltersTests(TestCase):
# When it ends with '__isnull' ---------------------------------------
modeladmin = DecadeFilterBookAdminParameterEndsWith__Isnull(Book, site)
request = self.request_factory.get('/', {'decade__isnull': 'the 90s'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -1036,6 +1085,7 @@ class ListFiltersTests(TestCase):
"""
modeladmin = DepartmentFilterEmployeeAdmin(Employee, site)
request = self.request_factory.get('/', {'department': self.john.department.pk})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
queryset = changelist.get_queryset(request)
@@ -1056,6 +1106,7 @@ class ListFiltersTests(TestCase):
"""
modeladmin = DepartmentFilterUnderscoredEmployeeAdmin(Employee, site)
request = self.request_factory.get('/', {'department__whatever': self.john.department.pk})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
queryset = changelist.get_queryset(request)
@@ -1076,6 +1127,7 @@ class ListFiltersTests(TestCase):
modeladmin = EmployeeAdmin(Employee, site)
request = self.request_factory.get('/', {})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -1101,6 +1153,7 @@ class ListFiltersTests(TestCase):
# Filter by Department=='Development' --------------------------------
request = self.request_factory.get('/', {'department__code__exact': 'DEV'})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
# Make sure the correct queryset is returned
@@ -1130,6 +1183,7 @@ class ListFiltersTests(TestCase):
modeladmin = DepartmentFilterDynamicValueBookAdmin(Book, site)
def _test_choices(request, expected_displays):
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
filterspec = changelist.get_filters(request)[0][0]
self.assertEqual(filterspec.title, 'publication decade')
@@ -1152,6 +1206,7 @@ class ListFiltersTests(TestCase):
"""
modeladmin = NotNinetiesListFilterAdmin(Book, site)
request = self.request_factory.get('/', {})
+ request.user = self.alfred
changelist = modeladmin.get_changelist_instance(request)
changelist.get_results(request)
self.assertEqual(changelist.full_result_count, 4)
diff --git a/tests/admin_views/admin.py b/tests/admin_views/admin.py
index 9e6ce63077..51791e961e 100644
--- a/tests/admin_views/admin.py
+++ b/tests/admin_views/admin.py
@@ -156,6 +156,10 @@ class RowLevelChangePermissionModelAdmin(admin.ModelAdmin):
""" Only allow changing objects with even id number """
return request.user.is_staff and (obj is not None) and (obj.id % 2 == 0)
+ def has_view_permission(self, request, obj=None):
+ """Only allow viewing objects if id is a multiple of 3."""
+ return request.user.is_staff and obj is not None and obj.id % 3 == 0
+
class CustomArticleAdmin(admin.ModelAdmin):
"""
diff --git a/tests/admin_views/test_templatetags.py b/tests/admin_views/test_templatetags.py
index 41bb8c37eb..929ff7e045 100644
--- a/tests/admin_views/test_templatetags.py
+++ b/tests/admin_views/test_templatetags.py
@@ -72,6 +72,9 @@ class AdminTemplateTagsTest(AdminViewBasicTestCase):
class DateHierarchyTests(TestCase):
factory = RequestFactory()
+ def setUp(self):
+ self.superuser = User.objects.create_superuser(username='super', password='secret', email='super@example.com')
+
def test_choice_links(self):
modeladmin = ModelAdmin(Question, site)
modeladmin.date_hierarchy = 'posted'
@@ -97,6 +100,7 @@ class DateHierarchyTests(TestCase):
with self.subTest(query=query):
query = {'posted__%s' % q: val for q, val in query.items()}
request = self.factory.get('/', query)
+ request.user = self.superuser
changelist = modeladmin.get_changelist_instance(request)
spec = date_hierarchy(changelist)
choices = [choice['link'] for choice in spec['choices']]
diff --git a/tests/admin_views/tests.py b/tests/admin_views/tests.py
index f8f3b3c269..f7f247fd37 100644
--- a/tests/admin_views/tests.py
+++ b/tests/admin_views/tests.py
@@ -1394,6 +1394,7 @@ class AdminViewPermissionsTest(TestCase):
@classmethod
def setUpTestData(cls):
cls.superuser = User.objects.create_superuser(username='super', password='secret', email='super@example.com')
+ cls.viewuser = User.objects.create_user(username='viewuser', password='secret', is_staff=True)
cls.adduser = User.objects.create_user(username='adduser', password='secret', is_staff=True)
cls.changeuser = User.objects.create_user(username='changeuser', password='secret', is_staff=True)
cls.deleteuser = User.objects.create_user(username='deleteuser', password='secret', is_staff=True)
@@ -1415,6 +1416,8 @@ class AdminViewPermissionsTest(TestCase):
# Setup permissions, for our users who can add, change, and delete.
opts = Article._meta
+ # User who can view Articles
+ cls.viewuser.user_permissions.add(get_perm(Article, get_permission_codename('view', opts)))
# User who can add Articles
cls.adduser.user_permissions.add(get_perm(Article, get_permission_codename('add', opts)))
# User who can change Articles
@@ -1467,6 +1470,11 @@ class AdminViewPermissionsTest(TestCase):
'username': 'joepublic',
'password': 'secret',
}
+ cls.viewuser_login = {
+ REDIRECT_FIELD_NAME: cls.index_url,
+ 'username': 'viewuser',
+ 'password': 'secret',
+ }
cls.no_username_login = {
REDIRECT_FIELD_NAME: cls.index_url,
'password': 'secret',
@@ -1503,6 +1511,14 @@ class AdminViewPermissionsTest(TestCase):
login = self.client.post(login_url, self.super_email_login)
self.assertContains(login, ERROR_MESSAGE)
+ # View User
+ response = self.client.get(self.index_url)
+ self.assertEqual(response.status_code, 302)
+ login = self.client.post(login_url, self.viewuser_login)
+ self.assertRedirects(login, self.index_url)
+ self.assertFalse(login.context)
+ self.client.get(reverse('admin:logout'))
+
# Add User
response = self.client.get(self.index_url)
self.assertEqual(response.status_code, 302)
@@ -1657,6 +1673,27 @@ class AdminViewPermissionsTest(TestCase):
self.assertEqual(Article.objects.count(), 3)
self.client.get(reverse('admin:logout'))
+ # View User should not have access to add articles
+ self.client.force_login(self.viewuser)
+ response = self.client.get(reverse('admin:admin_views_article_add'))
+ self.assertEqual(response.status_code, 403)
+ # Try POST just to make sure
+ post = self.client.post(reverse('admin:admin_views_article_add'), add_dict)
+ self.assertEqual(post.status_code, 403)
+ self.assertEqual(Article.objects.count(), 3)
+ # Now give the user permission to add but not change.
+ self.viewuser.user_permissions.add(get_perm(Article, get_permission_codename('add', Article._meta)))
+ response = self.client.get(reverse('admin:admin_views_article_add'))
+ self.assertContains(response, '<input type="submit" value="Save and view" name="_continue">')
+ post = self.client.post(reverse('admin:admin_views_article_add'), add_dict, follow=False)
+ self.assertEqual(post.status_code, 302)
+ self.assertEqual(Article.objects.count(), 4)
+ article = Article.objects.latest('pk')
+ response = self.client.get(reverse('admin:admin_views_article_change', args=(article.pk,)))
+ self.assertContains(response, '<li class="success">The article "Døm ikke" was added successfully.</li>')
+ article.delete()
+ self.client.get(reverse('admin:logout'))
+
# Add user may login and POST to add view, then redirect to admin root
self.client.force_login(self.adduser)
addpage = self.client.get(reverse('admin:admin_views_article_add'))
@@ -1668,7 +1705,7 @@ class AdminViewPermissionsTest(TestCase):
post = self.client.post(reverse('admin:admin_views_article_add'), add_dict)
self.assertRedirects(post, self.index_url)
self.assertEqual(Article.objects.count(), 4)
- self.assertEqual(len(mail.outbox), 1)
+ self.assertEqual(len(mail.outbox), 2)
self.assertEqual(mail.outbox[0].subject, 'Greetings from a created object')
self.client.get(reverse('admin:logout'))
@@ -1722,6 +1759,19 @@ class AdminViewPermissionsTest(TestCase):
self.assertEqual(post.status_code, 403)
self.client.get(reverse('admin:logout'))
+ # view user should be able to view the article but not change any of them
+ # (the POST can be sent, but no modification occures)
+ self.client.force_login(self.viewuser)
+ response = self.client.get(article_changelist_url)
+ self.assertEqual(response.status_code, 200)
+ response = self.client.get(article_change_url)
+ self.assertEqual(response.status_code, 200)
+ self.assertContains(response, '<a href="/test_admin/admin/admin_views/article/" class="closelink">Close</a>')
+ post = self.client.post(article_change_url, change_dict)
+ self.assertEqual(post.status_code, 302)
+ self.assertEqual(Article.objects.get(pk=self.a1.pk).content, '<p>Middle content</p>')
+ self.client.get(reverse('admin:logout'))
+
# change user can view all items and edit them
self.client.force_login(self.changeuser)
response = self.client.get(article_changelist_url)
@@ -1751,9 +1801,14 @@ class AdminViewPermissionsTest(TestCase):
# Test redirection when using row-level change permissions. Refs #11513.
r1 = RowLevelChangePermissionModel.objects.create(id=1, name="odd id")
r2 = RowLevelChangePermissionModel.objects.create(id=2, name="even id")
+ r3 = RowLevelChangePermissionModel.objects.create(id=3, name='odd id mult 3')
+ r6 = RowLevelChangePermissionModel.objects.create(id=6, name='even id mult 3')
change_url_1 = reverse('admin:admin_views_rowlevelchangepermissionmodel_change', args=(r1.pk,))
change_url_2 = reverse('admin:admin_views_rowlevelchangepermissionmodel_change', args=(r2.pk,))
- for login_user in [self.superuser, self.adduser, self.changeuser, self.deleteuser]:
+ change_url_3 = reverse('admin:admin_views_rowlevelchangepermissionmodel_change', args=(r3.pk,))
+ change_url_6 = reverse('admin:admin_views_rowlevelchangepermissionmodel_change', args=(r6.pk,))
+ logins = [self.superuser, self.viewuser, self.adduser, self.changeuser, self.deleteuser]
+ for login_user in logins:
self.client.force_login(login_user)
response = self.client.get(change_url_1)
self.assertEqual(response.status_code, 403)
@@ -1765,6 +1820,18 @@ class AdminViewPermissionsTest(TestCase):
response = self.client.post(change_url_2, {'name': 'changed'})
self.assertEqual(RowLevelChangePermissionModel.objects.get(id=2).name, 'changed')
self.assertRedirects(response, self.index_url)
+ response = self.client.get(change_url_3)
+ self.assertEqual(response.status_code, 200)
+ response = self.client.post(change_url_3, {'name': 'changed'})
+ self.assertEqual(response.status_code, 302)
+ self.assertRedirects(response, self.index_url)
+ self.assertEqual(RowLevelChangePermissionModel.objects.get(id=3).name, 'odd id mult 3')
+ response = self.client.get(change_url_6)
+ self.assertEqual(response.status_code, 200)
+ response = self.client.post(change_url_6, {'name': 'changed'})
+ self.assertEqual(RowLevelChangePermissionModel.objects.get(id=6).name, 'changed')
+ self.assertRedirects(response, self.index_url)
+
self.client.get(reverse('admin:logout'))
for login_user in [self.joepublicuser, self.nostaffuser]:
@@ -1833,6 +1900,15 @@ class AdminViewPermissionsTest(TestCase):
self.assertEqual(Article.objects.count(), 3)
self.client.logout()
+ # view user should not be able to delete articles
+ self.client.force_login(self.viewuser)
+ response = self.client.get(delete_url)
+ self.assertEqual(response.status_code, 403)
+ post = self.client.post(delete_url, delete_dict)
+ self.assertEqual(post.status_code, 403)
+ self.assertEqual(Article.objects.count(), 3)
+ self.client.logout()
+
# Delete user can delete
self.client.force_login(self.deleteuser)
response = self.client.get(reverse('admin:admin_views_section_delete', args=(self.s1.pk,)))
@@ -1890,6 +1966,12 @@ class AdminViewPermissionsTest(TestCase):
self.assertEqual(response.status_code, 403)
self.client.get(reverse('admin:logout'))
+ # view user can view all items
+ self.client.force_login(self.viewuser)
+ response = self.client.get(reverse('admin:admin_views_article_history', args=(self.a1.pk,)))
+ self.assertEqual(response.status_code, 200)
+ self.client.get(reverse('admin:logout'))
+
# change user can view all items and edit them
self.client.force_login(self.changeuser)
response = self.client.get(reverse('admin:admin_views_article_history', args=(self.a1.pk,)))
@@ -1898,7 +1980,8 @@ class AdminViewPermissionsTest(TestCase):
# Test redirection when using row-level change permissions. Refs #11513.
rl1 = RowLevelChangePermissionModel.objects.create(name="odd id")
rl2 = RowLevelChangePermissionModel.objects.create(name="even id")
- for login_user in [self.superuser, self.adduser, self.changeuser, self.deleteuser]:
+ logins = [self.superuser, self.viewuser, self.adduser, self.changeuser, self.deleteuser]
+ for login_user in logins:
self.client.force_login(login_user)
url = reverse('admin:admin_views_rowlevelchangepermissionmodel_history', args=(rl1.pk,))
response = self.client.get(url)
@@ -2072,6 +2155,12 @@ class AdminViewPermissionsTest(TestCase):
self.assertContains(response, 'Articles')
self.client.logout()
+ self.client.force_login(self.viewuser)
+ response = self.client.get(self.index_url)
+ self.assertContains(response, 'admin_views')
+ self.assertContains(response, 'Articles')
+ self.client.logout()
+
self.client.force_login(self.adduser)
response = self.client.get(self.index_url)
self.assertContains(response, 'admin_views')
@@ -2104,6 +2193,12 @@ class AdminViewPermissionsTest(TestCase):
self.assertNotContains(response, articles)
self.client.logout()
+ self.client.force_login(self.viewuser)
+ response = self.client.get(index_url)
+ self.assertNotContains(response, 'admin_views')
+ self.assertNotContains(response, articles)
+ self.client.logout()
+
self.client.force_login(self.adduser)
response = self.client.get(index_url)
self.assertNotContains(response, 'admin_views')
@@ -3745,6 +3840,52 @@ class AdminInlineTests(TestCase):
self.assertEqual(Widget.objects.count(), 1)
self.assertEqual(Widget.objects.all()[0].name, "Widget 1 Updated")
+ def test_simple_inline_permissions(self):
+ """
+ Changes aren't allowed without change permissions for the inline object.
+ """
+ # User who can view Articles
+ permissionuser = User.objects.create_user(
+ username='permissionuser', password='secret',
+ email='vuser@example.com', is_staff=True,
+ )
+ permissionuser.user_permissions.add(get_perm(Collector, get_permission_codename('view', Collector._meta)))
+ permissionuser.user_permissions.add(get_perm(Widget, get_permission_codename('view', Widget._meta)))
+ self.client.force_login(permissionuser)
+ # Without add permission, a new inline can't be added.
+ self.post_data['widget_set-0-name'] = 'Widget 1'
+ collector_url = reverse('admin:admin_views_collector_change', args=(self.collector.pk,))
+ response = self.client.post(collector_url, self.post_data)
+ self.assertEqual(response.status_code, 302)
+ self.assertEqual(Widget.objects.count(), 0)
+ # But after adding the permisson it can.
+ permissionuser.user_permissions.add(get_perm(Widget, get_permission_codename('add', Widget._meta)))
+ self.post_data['widget_set-0-name'] = "Widget 1"
+ collector_url = reverse('admin:admin_views_collector_change', args=(self.collector.pk,))
+ response = self.client.post(collector_url, self.post_data)
+ self.assertEqual(response.status_code, 302)
+ self.assertEqual(Widget.objects.count(), 1)
+ self.assertEqual(Widget.objects.first().name, 'Widget 1')
+ widget_id = Widget.objects.first().id
+ # Without the change permission, a POST doesn't change the object.
+ self.post_data['widget_set-INITIAL_FORMS'] = '1'
+ self.post_data['widget_set-0-id'] = str(widget_id)
+ self.post_data['widget_set-0-name'] = 'Widget 1 Updated'
+ response = self.client.post(collector_url, self.post_data)
+ self.assertEqual(response.status_code, 302)
+ self.assertEqual(Widget.objects.count(), 1)
+ self.assertEqual(Widget.objects.first().name, 'Widget 1')
+ # Now adding the change permission and editing works.
+ permissionuser.user_permissions.remove(get_perm(Widget, get_permission_codename('add', Widget._meta)))
+ permissionuser.user_permissions.add(get_perm(Widget, get_permission_codename('change', Widget._meta)))
+ self.post_data['widget_set-INITIAL_FORMS'] = '1'
+ self.post_data['widget_set-0-id'] = str(widget_id)
+ self.post_data['widget_set-0-name'] = 'Widget 1 Updated'
+ response = self.client.post(collector_url, self.post_data)
+ self.assertEqual(response.status_code, 302)
+ self.assertEqual(Widget.objects.count(), 1)
+ self.assertEqual(Widget.objects.first().name, 'Widget 1 Updated')
+
def test_explicit_autofield_inline(self):
"A model with an explicit autofield primary key can be saved as inlines. Regression for #8093"
# First add a new inline
diff --git a/tests/auth_tests/test_management.py b/tests/auth_tests/test_management.py
index 4e60333c9d..b0c5c6204b 100644
--- a/tests/auth_tests/test_management.py
+++ b/tests/auth_tests/test_management.py
@@ -767,10 +767,10 @@ class CreatePermissionsTests(TestCase):
]
create_permissions(self.app_config, verbosity=0)
- # add/change/delete permission by default + custom permission
+ # view/add/change/delete permission by default + custom permission
self.assertEqual(Permission.objects.filter(
content_type=permission_content_type,
- ).count(), 4)
+ ).count(), 5)
Permission.objects.filter(content_type=permission_content_type).delete()
Permission._meta.default_permissions = []
diff --git a/tests/modeladmin/tests.py b/tests/modeladmin/tests.py
index d0123de722..db6e9e8864 100644
--- a/tests/modeladmin/tests.py
+++ b/tests/modeladmin/tests.py
@@ -11,7 +11,7 @@ from django.contrib.admin.widgets import (
AdminDateWidget, AdminRadioSelect, AutocompleteSelect,
AutocompleteSelectMultiple,
)
-from django.contrib.auth.models import User
+from django.contrib.auth.models import Permission, User
from django.db import models
from django.forms.widgets import Select
from django.test import SimpleTestCase, TestCase
@@ -676,6 +676,18 @@ class ModelAdminTests(TestCase):
self.assertEqual(perms_needed, set())
self.assertEqual(protected, [])
+ def test_get_actions_requires_change_perm(self):
+ user = User.objects.create_user(username='bob', email='bob@test.com', password='test')
+ mock_request = MockRequest()
+ mock_request.user = user
+ mock_request.GET = {}
+ ma = ModelAdmin(Band, self.site)
+ self.assertEqual(list(ma.get_actions(mock_request).keys()), [])
+ p = Permission.objects.get(codename='change_band', content_type=get_content_type_for_model(Band()))
+ user.user_permissions.add(p)
+ mock_request.user = User.objects.get(pk=user.pk)
+ self.assertEqual(list(ma.get_actions(mock_request).keys()), ['delete_selected'])
+
class ModelAdminPermissionTests(SimpleTestCase):
@@ -683,6 +695,10 @@ class ModelAdminPermissionTests(SimpleTestCase):
def has_module_perms(self, app_label):
return app_label == 'modeladmin'
+ class MockViewUser(MockUser):
+ def has_perm(self, perm):
+ return perm == 'modeladmin.view_band'
+
class MockAddUser(MockUser):
def has_perm(self, perm):
return perm == 'modeladmin.add_band'
@@ -695,6 +711,22 @@ class ModelAdminPermissionTests(SimpleTestCase):
def has_perm(self, perm):
return perm == 'modeladmin.delete_band'
+ def test_has_view_permission(self):
+ """
+ has_view_permission() returns True for users who can view objects and
+ False for users who can't.
+ """
+ ma = ModelAdmin(Band, AdminSite())
+ request = MockRequest()
+ request.user = self.MockViewUser()
+ self.assertIs(ma.has_view_permission(request), True)
+ request.user = self.MockAddUser()
+ self.assertIs(ma.has_view_permission(request), False)
+ request.user = self.MockChangeUser()
+ self.assertIs(ma.has_view_permission(request), True)
+ request.user = self.MockDeleteUser()
+ self.assertIs(ma.has_view_permission(request), False)
+
def test_has_add_permission(self):
"""
has_add_permission returns True for users who can add objects and
@@ -702,6 +734,8 @@ class ModelAdminPermissionTests(SimpleTestCase):
"""
ma = ModelAdmin(Band, AdminSite())
request = MockRequest()
+ request.user = self.MockViewUser()
+ self.assertFalse(ma.has_add_permission(request))
request.user = self.MockAddUser()
self.assertTrue(ma.has_add_permission(request))
request.user = self.MockChangeUser()
@@ -735,6 +769,8 @@ class ModelAdminPermissionTests(SimpleTestCase):
"""
ma = ModelAdmin(Band, AdminSite())
request = MockRequest()
+ request.user = self.MockViewUser()
+ self.assertIs(ma.has_change_permission(request), False)
request.user = self.MockAddUser()
self.assertFalse(ma.has_change_permission(request))
request.user = self.MockChangeUser()
@@ -749,6 +785,8 @@ class ModelAdminPermissionTests(SimpleTestCase):
"""
ma = ModelAdmin(Band, AdminSite())
request = MockRequest()
+ request.user = self.MockViewUser()
+ self.assertIs(ma.has_delete_permission(request), False)
request.user = self.MockAddUser()
self.assertFalse(ma.has_delete_permission(request))
request.user = self.MockChangeUser()
@@ -763,6 +801,8 @@ class ModelAdminPermissionTests(SimpleTestCase):
"""
ma = ModelAdmin(Band, AdminSite())
request = MockRequest()
+ request.user = self.MockViewUser()
+ self.assertIs(ma.has_module_permission(request), True)
request.user = self.MockAddUser()
self.assertTrue(ma.has_module_permission(request))
request.user = self.MockChangeUser()
@@ -773,6 +813,8 @@ class ModelAdminPermissionTests(SimpleTestCase):
original_app_label = ma.opts.app_label
ma.opts.app_label = 'anotherapp'
try:
+ request.user = self.MockViewUser()
+ self.assertIs(ma.has_module_permission(request), False)
request.user = self.MockAddUser()
self.assertFalse(ma.has_module_permission(request))
request.user = self.MockChangeUser()
generated by cgit v1.3 (git 2.53.0) at 2026-05-02 02:29:51 +0000