|
1 # copyright 2003-2014 LOGILAB S.A. (Paris, FRANCE), all rights reserved. |
|
2 # contact http://www.logilab.fr/ -- mailto:contact@logilab.fr |
|
3 # |
|
4 # This file is part of CubicWeb. |
|
5 # |
|
6 # CubicWeb is free software: you can redistribute it and/or modify it under the |
|
7 # terms of the GNU Lesser General Public License as published by the Free |
|
8 # Software Foundation, either version 2.1 of the License, or (at your option) |
|
9 # any later version. |
|
10 # |
|
11 # CubicWeb is distributed in the hope that it will be useful, but WITHOUT |
|
12 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS |
|
13 # FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more |
|
14 # details. |
|
15 # |
|
16 # You should have received a copy of the GNU Lesser General Public License along |
|
17 # with CubicWeb. If not, see <http://www.gnu.org/licenses/>. |
|
18 |
|
19 from logilab.common.testlib import unittest_main |
|
20 |
|
21 from cubicweb.devtools.testlib import CubicWebTC |
|
22 from cubicweb.web.views import actions, uicfg |
|
23 |
|
24 |
|
25 class ActionsTC(CubicWebTC): |
|
26 def test_view_action(self): |
|
27 with self.admin_access.web_request(vid='rss', rql='CWUser X') as req: |
|
28 rset = req.execute('CWUser X') |
|
29 actions = self.vreg['actions'].poss_visible_objects(req, rset=rset) |
|
30 vaction = [action for action in actions if action.__regid__ == 'view'][0] |
|
31 self.assertEqual(vaction.url(), 'http://testing.fr/cubicweb/view?rql=CWUser%20X') |
|
32 |
|
33 def test_has_editable_relations(self): |
|
34 """ensure has_editable_relation predicate used by ModifyAction |
|
35 return positive score if there is only some inlined forms |
|
36 """ |
|
37 # The schema only allows the anonymous user to modify his/her own |
|
38 # EmailAddress if it is set, not to create one. Since the 'anon' CWUser |
|
39 # entity is created without any associated EmailAddress entities, there |
|
40 # are no attributes nor relations that can be edited: the "modify" |
|
41 # action should not appear. |
|
42 with self.new_access('anon').web_request() as req: |
|
43 predicate = actions.has_editable_relation() |
|
44 self.assertEqual(predicate(None, req, rset=req.user.as_rset()), |
|
45 0) |
|
46 # being allowed to 'add' the relation is not enough |
|
47 use_email = self.schema['use_email'].rdefs['CWUser', 'EmailAddress'] |
|
48 with self.temporary_permissions((use_email, {'add': ('guests',)})): |
|
49 with self.new_access('anon').web_request() as req: |
|
50 predicate = actions.has_editable_relation() |
|
51 self.assertEqual(predicate(None, req, rset=req.user.as_rset()), |
|
52 0) |
|
53 # if we also allow creating the target etype, then the "modify" action |
|
54 # should appear |
|
55 with self.temporary_permissions((use_email, {'add': ('guests',)}), |
|
56 EmailAddress={'add': ('guests',)}): |
|
57 with self.new_access('anon').web_request() as req: |
|
58 predicate = actions.has_editable_relation() |
|
59 self.assertEqual(predicate(None, req, rset=req.user.as_rset()), |
|
60 1) |
|
61 |
|
62 |
|
63 if __name__ == '__main__': |
|
64 unittest_main() |