taiga
/
taiga-back
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Adding permissions and testing for resend-invitation service

remotes/origin/enhancement/email-actions
Jesús Espino 2014-07-31 14:09:09 +02:00
parent 883fd81d06
commit dd7d478d05
4 changed files with 42 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
taiga/projects/api.py
View File

@ -196,7 +196,11 @@ class MembershipViewSet(ModelCrudViewSet):
@detail_route(methods=["POST"]) @detail_route(methods=["POST"])
def resend_invitation(self, request, **kwargs): def resend_invitation(self, request, **kwargs):
services.send_invitation(invitation=self.get_object()) invitation = self.get_object()
self.check_permissions(request, 'resend_invitation', invitation.project)
services.send_invitation(invitation=invitation)
return Response(status=status.HTTP_204_NO_CONTENT) return Response(status=status.HTTP_204_NO_CONTENT)
def pre_save(self, object): def pre_save(self, object):

1
taiga/projects/permissions.py
View File

@ -42,6 +42,7 @@ class MembershipPermission(ResourcePermission):
destroy_perms = IsProjectOwner() destroy_perms = IsProjectOwner()
list_perms = AllowAny() list_perms = AllowAny()
bulk_create_perms = IsProjectOwner() bulk_create_perms = IsProjectOwner()
resend_invitation_perms = IsProjectOwner()
# User Stories # User Stories

9
tests/factories.py
View File

@ -128,6 +128,15 @@ class MembershipFactory(Factory):
user = factory.SubFactory("tests.factories.UserFactory") user = factory.SubFactory("tests.factories.UserFactory")
class InvitationFactory(Factory):
FACTORY_FOR = get_model("projects", "Membership")
token = factory.LazyAttribute(lambda obj: str(uuid.uuid1()))
project = factory.SubFactory("tests.factories.ProjectFactory")
role = factory.SubFactory("tests.factories.RoleFactory")
email = factory.Sequence(lambda n: "user{}@email.com".format(n))
class StorageEntryFactory(Factory): class StorageEntryFactory(Factory):
FACTORY_FOR = get_model("userstorage", "StorageEntry") FACTORY_FOR = get_model("userstorage", "StorageEntry")

27
tests/integration/resources_permissions/test_projects_choices_resources.py
View File

@ -1551,6 +1551,33 @@ def test_membership_action_bulk_create(client, data):
assert results == [401, 403, 403, 403, 200] assert results == [401, 403, 403, 403, 200]
def test_membership_action_resend_invitation(client, data):
public_invitation = f.InvitationFactory(project=data.public_project, role__project=data.public_project)
private_invitation1 = f.InvitationFactory(project=data.private_project1, role__project=data.private_project1)
private_invitation2 = f.InvitationFactory(project=data.private_project2, role__project=data.private_project2)
public_url = reverse('memberships-resend-invitation', kwargs={"pk": public_invitation.pk})
private1_url = reverse('memberships-resend-invitation', kwargs={"pk": private_invitation1.pk})
private2_url = reverse('memberships-resend-invitation', kwargs={"pk": private_invitation2.pk})
users = [
None,
data.registered_user,
data.project_member_without_perms,
data.project_member_with_perms,
data.project_owner
]
results = helper_test_http_method(client, 'post', public_url, None, users)
assert results == [401, 403, 403, 403, 204]
results = helper_test_http_method(client, 'post', private1_url, None, users)
assert results == [401, 403, 403, 403, 204]
results = helper_test_http_method(client, 'post', private2_url, None, users)
assert results == [404, 404, 403, 403, 204]
def test_project_template_retrieve(client, data): def test_project_template_retrieve(client, data):
url = reverse('project-templates-detail', kwargs={"pk": data.project_template.pk}) url = reverse('project-templates-detail', kwargs={"pk": data.project_template.pk})