# HG changeset patch -- Bitbucket.org # Project django-modelviews # URL http://bitbucket.org/david/django-modelviews/overview # User David Larlet # Date 1214093715 -7200 # Node ID add8532b04a86f2be8020758a2e988db50bda2a0 # Parent 82f1d682d5600a874ea6bfc6fd1eeb0df50bdb2e Add more authentication backends --- a/tests/test_modelview/tests.py +++ b/tests/test_modelview/tests.py @@ -45,7 +45,13 @@ class ModelViewTest(TestCase): def test_restricting_authentication(self): - u = User.objects.all()[0] + a = Article.objects.all()[0] + david = User.objects.all()[0] + david.is_superuser = True + david.save() + will = User.objects.all()[1] + will.is_staff = True + will.save() response = self.client.get('/auth-articles/') self.assertEqual(response.status_code, 405) response = self.client.post('/auth-articles/', {}) @@ -53,6 +59,36 @@ class ModelViewTest(TestCase): response = self.client.login(username='david', password='baz') response = self.client.get('/auth-articles/') self.assertEqual(response.status_code, 200) + response = self.client.post('/auth-articles/', {'name': "Another article", + 'slug': "another-article", + 'body': "some other text"}) + self.assertEqual(response.status_code, 302) + self.assertEqual(Article.objects.count(), 2) + response = self.client.login(username='will', password='baz') + response = self.client.get('/auth-articles/') + self.assertEqual(response.status_code, 200) + response = self.client.post('/auth-articles/', {'name': "Another article", + 'slug': "another-article", + 'body': "some other text"}) + self.assertEqual(response.status_code, 405) + self.assertEqual(Article.objects.count(), 2) + a2 = Article.objects.all()[1] + response = self.client.login(username='david', password='baz') + response = self.client.post('/auth-articles/%s/' % a2.slug, {'name': "Yet another article", + 'slug': "yet-another-article", + 'body': "some other text"}, + REQUEST_METHOD='PUT') + self.assertEqual(response.status_code, 405) + a2 = Article.objects.all()[1] + self.assertEqual(a2.name, u'Another article') + response = self.client.login(username='will', password='baz') + response = self.client.post('/auth-articles/%s/' % a2.slug, {'name': "Yet another article again", + 'slug': "yet-another-article-again", + 'body': "some other text"}, + REQUEST_METHOD='PUT') + self.assertEqual(response.status_code, 302) + a2 = Article.objects.all()[1] + self.assertEqual(a2.name, u'Yet another article again') def test_default_responder(self): --- a/tests/urls.py +++ b/tests/urls.py @@ -12,7 +12,10 @@ rw_articles = ModelView(Article.objects. methods=('GET', 'POST', 'PUT', 'DELETE')) auth_articles = ModelView(Article.objects.all(), responders=(HtmlResponder,), - methods={'GET': django_authentication}) + methods={ + 'GET': django_authentication, + 'POST': django_superuser_authentication, + 'PUT': django_staff_authentication}) comments = ModelView(Comment.objects.all(), responders=(HtmlResponder,), methods=('GET',)) --- a/generic/rest_views.py +++ b/generic/rest_views.py @@ -12,7 +12,11 @@ except ImportError: def django_authentication(request, **kwargs): return request.user.is_authenticated() +def django_superuser_authentication(request, **kwargs): + return request.user.is_superuser +def django_staff_authentication(request, **kwargs): + return request.user.is_staff