misc: fix shown_because_admin has no role and cell.restricted_to_unlogged is True (#45846)
This commit is contained in:
parent
afde19c1fe
commit
92e68e279a
|
@ -41,7 +41,7 @@ from django.utils.encoding import force_str
|
|||
from django.utils.timezone import is_naive, make_aware
|
||||
|
||||
from combo.apps.dashboard.models import DashboardCell, Tile
|
||||
from combo.data.models import Page, Placeholder
|
||||
from combo.data.models import Page, Placeholder, element_is_visible
|
||||
from combo.public.menu import get_menu_context
|
||||
from combo.utils import NothingInCacheException, flatten_context
|
||||
from combo.utils.date import make_date, make_datetime
|
||||
|
@ -312,14 +312,7 @@ def time(value, arg=None):
|
|||
|
||||
@register.filter
|
||||
def shown_because_admin(cell, request):
|
||||
if not (request.user and request.user.is_superuser):
|
||||
return False
|
||||
if cell.public:
|
||||
return False
|
||||
cell_groups = cell.groups.all()
|
||||
if not cell_groups:
|
||||
return False
|
||||
return not (set(cell_groups).intersection(request.user.groups.all()))
|
||||
return not element_is_visible(cell, user=request.user, ignore_superuser=True)
|
||||
|
||||
|
||||
@register.filter(name='has_role')
|
||||
|
|
|
@ -9,7 +9,7 @@ import pytest
|
|||
import requests
|
||||
from django.apps import apps
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.models import User
|
||||
from django.contrib.auth.models import Group, User
|
||||
from django.db import connection
|
||||
from django.forms.widgets import Media
|
||||
from django.template.exceptions import TemplateDoesNotExist
|
||||
|
@ -1690,3 +1690,86 @@ def test_cell_assets(settings, app, admin_user):
|
|||
resp = app.get('/manage/assets/')
|
||||
assert link_cell.get_slug_for_asset() == 'test_cell_assets'
|
||||
assert 'Picture — %s (test)' % link_cell.get_label_for_asset() in resp.text
|
||||
|
||||
|
||||
class TestCellVisibility:
|
||||
@pytest.fixture
|
||||
def group(self, db):
|
||||
return Group.objects.create(name='Group')
|
||||
|
||||
@pytest.fixture(autouse=True)
|
||||
def setup(self, db, group):
|
||||
pg = Page.objects.create(title='Test', slug='test', template_name='standard')
|
||||
|
||||
order = 0
|
||||
|
||||
def make_cell(**kwargs):
|
||||
nonlocal order
|
||||
try:
|
||||
return TextCell.objects.create(page=pg, placeholder='content', order=order, **kwargs)
|
||||
finally:
|
||||
order += 1
|
||||
|
||||
make_cell(text='<p>Always visible</p>')
|
||||
make_cell(text='<p>Visible to unlogged only</p>', restricted_to_unlogged=True)
|
||||
make_cell(text='<p>Visible to logged only</p>', public=False)
|
||||
make_cell(text='<p>Visible only to members of group</p>', public=False).groups.add(group)
|
||||
make_cell(
|
||||
text='<p id="visible-to-non-members-of-group">Visible only to non-members of group</p>',
|
||||
public=False,
|
||||
restricted_to_unlogged=True,
|
||||
).groups.add(group)
|
||||
|
||||
def test_anonymous(self, app):
|
||||
response = app.get('/test/')
|
||||
|
||||
assert 'Always visible' in response
|
||||
assert 'Visible to unlogged only' in response
|
||||
assert 'Visible to logged only' not in response
|
||||
assert 'Visible only to members of group' not in response
|
||||
assert 'Visible only to non-members of group' not in response
|
||||
assert len(response.pyquery('.shown-because-admin')) == 0
|
||||
|
||||
def test_user(self, app):
|
||||
User.objects.create(username='user')
|
||||
response = app.get('/test/', user='user')
|
||||
|
||||
assert 'Always visible' in response
|
||||
assert 'Visible to unlogged only' not in response
|
||||
assert 'Visible to logged only' in response
|
||||
assert 'Visible only to members of group' not in response
|
||||
assert 'Visible only to non-members of group' in response
|
||||
assert len(response.pyquery('.shown-because-admin')) == 0
|
||||
|
||||
def test_user_with_role(self, app, group):
|
||||
User.objects.create(username='user').groups.add(group)
|
||||
response = app.get('/test/', user='user')
|
||||
|
||||
assert 'Always visible' in response
|
||||
assert 'Visible to unlogged only' not in response
|
||||
assert 'Visible to logged only' in response
|
||||
assert 'Visible only to members of group' in response
|
||||
assert 'Visible only to non-members of group' not in response
|
||||
assert len(response.pyquery('.shown-because-admin')) == 0
|
||||
|
||||
def test_superuser(self, app):
|
||||
User.objects.create(username='superuser', is_superuser=True)
|
||||
response = app.get('/test/', user='superuser')
|
||||
|
||||
assert 'Always visible' in response
|
||||
assert 'Visible to unlogged only' not in response
|
||||
assert 'Visible to logged only' in response
|
||||
assert 'Visible only to members of group' in response
|
||||
assert 'Visible only to non-members of group' in response
|
||||
assert response.pyquery('.shown-because-admin').text() == 'Visible only to members of group'
|
||||
|
||||
def test_superuser_with_role(self, app, group):
|
||||
User.objects.create(username='superuser', is_superuser=True).groups.add(group)
|
||||
response = app.get('/test/', user='superuser')
|
||||
|
||||
assert 'Always visible' in response
|
||||
assert 'Visible to unlogged only' not in response
|
||||
assert 'Visible to logged only' in response
|
||||
assert 'Visible only to members of group' in response
|
||||
assert 'Visible only to non-members of group' in response
|
||||
assert response.pyquery('.shown-because-admin').text() == 'Visible only to non-members of group'
|
||||
|
|
Loading…
Reference in New Issue