From 2972e59b8808655b42f9225a72dfbbb906addfa9 Mon Sep 17 00:00:00 2001
From: Piotr Gawron <piotr.gawron@uni.lu>
Date: Thu, 19 Mar 2020 14:58:31 +0100
Subject: [PATCH] modif_flyingteam permission implemented
---
smash/web/templates/sidebar.html | 2 ++
smash/web/tests/view/test_flying_teams.py | 14 ++++++++++++++
smash/web/views/flying_teams.py | 7 ++++++-
3 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/smash/web/templates/sidebar.html b/smash/web/templates/sidebar.html
index f623b037..e96f912d 100644
--- a/smash/web/templates/sidebar.html
+++ b/smash/web/templates/sidebar.html
@@ -48,7 +48,9 @@
{% if "change_appointmenttype" in permissions %}
<li data-desc="appointment_types"><a href="{% url 'web.views.appointment_types' %}">Appointment Types</a></li>
{% endif %}
+ {% if "change_flyingteam" in permissions %}
<li data-desc="flying_teams"><a href="{% url 'web.views.equipment_and_rooms.flying_teams' %}">Flying teams</a></li>
+ {% endif %}
<li data-desc="kit_requests"><a href="{% url 'web.views.kit_requests' %}">Kit requests</a></li>
<li data-desc="rooms"><a href="{% url 'web.views.equipment_and_rooms.rooms' %}">Rooms</a></li>
</ul>
diff --git a/smash/web/tests/view/test_flying_teams.py b/smash/web/tests/view/test_flying_teams.py
index 32cfe22f..e282c3e9 100644
--- a/smash/web/tests/view/test_flying_teams.py
+++ b/smash/web/tests/view/test_flying_teams.py
@@ -17,6 +17,7 @@ class FlyingTeamTests(LoggedInTestCase):
return 'Random' + ''.join(random.choice(letters) for x in range(15))
def test_flying_team_requests(self):
+ self.login_as_admin()
pages = [
'web.views.equipment_and_rooms.flying_teams',
'web.views.equipment_and_rooms.flying_teams_add',
@@ -26,7 +27,18 @@ class FlyingTeamTests(LoggedInTestCase):
response = self.client.get(reverse(page))
self.assertEqual(response.status_code, 200)
+ def test_flying_team_requests_without_permission(self):
+ pages = [
+ 'web.views.equipment_and_rooms.flying_teams',
+ 'web.views.equipment_and_rooms.flying_teams_add',
+ ]
+
+ for page in pages:
+ response = self.client.get(reverse(page))
+ self.assertEqual(response.status_code, 302)
+
def test_flying_team_add(self):
+ self.login_as_admin()
page = reverse('web.views.equipment_and_rooms.flying_teams_add')
data = {
'place': self.generate_more_or_less_random_name()
@@ -38,6 +50,7 @@ class FlyingTeamTests(LoggedInTestCase):
self.assertEqual(len(freshly_created), 1)
def test_flying_team_edit(self):
+ self.login_as_admin()
flying_team = create_flying_team()
page = reverse('web.views.equipment_and_rooms.flying_teams_edit',
kwargs={'flying_team_id': str(flying_team.id)})
@@ -51,6 +64,7 @@ class FlyingTeamTests(LoggedInTestCase):
self.assertEqual(freshly_edited.place, data["place"])
def test_flying_team_edit_request(self):
+ self.login_as_admin()
flying_team = create_flying_team()
page = reverse('web.views.equipment_and_rooms.flying_teams_edit',
kwargs={'flying_team_id': str(flying_team.id)})
diff --git a/smash/web/views/flying_teams.py b/smash/web/views/flying_teams.py
index dc6c4752..f4e3cb78 100644
--- a/smash/web/views/flying_teams.py
+++ b/smash/web/views/flying_teams.py
@@ -1,11 +1,13 @@
# coding=utf-8
from django.shortcuts import redirect, get_object_or_404
+from web.decorators import PermissionDecorator
from . import wrap_response
-from ..models import FlyingTeam
from ..forms.forms import FlyingTeamAddForm, FlyingTeamEditForm
+from ..models import FlyingTeam
+@PermissionDecorator('change_flyingteam', 'item')
def flying_teams(request):
flying_team_list = FlyingTeam.objects.order_by('-place')
context = {
@@ -16,6 +18,8 @@ def flying_teams(request):
"equipment_and_rooms/flying_teams/index.html",
context)
+
+@PermissionDecorator('change_flyingteam', 'item')
def flying_teams_add(request):
if request.method == 'POST':
form = FlyingTeamAddForm(request.POST)
@@ -28,6 +32,7 @@ def flying_teams_add(request):
return wrap_response(request, 'equipment_and_rooms/flying_teams/add.html', {'form': form})
+@PermissionDecorator('change_flyingteam', 'item')
def flying_teams_edit(request, flying_team_id):
the_flying_team = get_object_or_404(FlyingTeam, id=flying_team_id)
if request.method == 'POST':
--
GitLab