From 8f7dd094b7a27c7b4d07da2e40d871e3c9abc56f Mon Sep 17 00:00:00 2001
From: meomancer <meomancer@gmail.com>
Date: Fri, 22 Jul 2016 14:56:04 +0700
Subject: [PATCH] fix travis

---
 django_project/base/models/project.py            | 4 ++++
 django_project/permission/tests/test_views.py    | 5 +++--
 django_project/permission/views/administrator.py | 2 +-
 django_project/permission/views/collaborator.py  | 2 +-
 django_project/permission/views/user_manager.py  | 8 +++++---
 5 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/django_project/base/models/project.py b/django_project/base/models/project.py
index 0d498dc51..ce430b24d 100644
--- a/django_project/base/models/project.py
+++ b/django_project/base/models/project.py
@@ -187,6 +187,8 @@ def collaborators(self):
 
     def is_administrator(self, user):
         """checking user is administrator"""
+        if not user.is_authenticated():
+            return False
         if user.is_staff or user == self.owner:
             return True
         try:
@@ -197,6 +199,8 @@ def is_administrator(self, user):
 
     def is_collaborator(self, user):
         """checking user is collaborator"""
+        if not user.is_authenticated():
+            return False
         if user.is_staff or user == self.owner:
             return True
         try:
diff --git a/django_project/permission/tests/test_views.py b/django_project/permission/tests/test_views.py
index 0652dc3b8..a36866752 100644
--- a/django_project/permission/tests/test_views.py
+++ b/django_project/permission/tests/test_views.py
@@ -69,6 +69,7 @@ def test_AdministratorCreateView_with_login(self):
         client = Client()
         client.login(username='timlinux', password='password')
         project_slug = self.test_project_administrator.project.slug
+        print project_slug
         response = client.get(reverse('administrator-create', args=(project_slug,)))
         self.assertEqual(response.status_code, 200)
         expected_templates = [
@@ -116,7 +117,7 @@ def test_AdministratorCreate_with_login_and_project_not_own(self):
         }
         project_slug = project.slug
         response = client.post(reverse('administrator-create', args=(project_slug,)), post_data)
-        self.assertEqual(response.status_code, 400)
+        self.assertEqual(response.status_code, 404)
 
     def test_AdministratorCreate_no_login(self):
         client = Client()
@@ -246,7 +247,7 @@ def test_CollaboratorCreate_with_login_and_project_not_own(self):
         }
         project_slug = project.slug
         response = client.post(reverse('collaborator-create', args=(project_slug,)), post_data)
-        self.assertEqual(response.status_code, 400)
+        self.assertEqual(response.status_code, 404)
 
     def test_CollaboratorDeleteView_no_login(self):
         client = Client()
diff --git a/django_project/permission/views/administrator.py b/django_project/permission/views/administrator.py
index 879875775..1d5d55683 100644
--- a/django_project/permission/views/administrator.py
+++ b/django_project/permission/views/administrator.py
@@ -63,7 +63,7 @@ def get_queryset(self):
         pk = self.kwargs.get('pk', None)
         try:
             project_administrator = ProjectAdministrator.objects.get(pk=pk)
-            if project_administrator.project.owner != self.request.user:
+            if not self.request.user.is_staff and project_administrator.project.owner != self.request.user:
                 raise Http404("You don't have access to this page")
         except ProjectAdministrator.DoesNotExist:
             raise Http404
diff --git a/django_project/permission/views/collaborator.py b/django_project/permission/views/collaborator.py
index 7db4b7eba..03a8db9d6 100644
--- a/django_project/permission/views/collaborator.py
+++ b/django_project/permission/views/collaborator.py
@@ -64,7 +64,7 @@ def get_queryset(self):
         pk = self.kwargs.get('pk', None)
         try:
             project_administrator = ProjectCollaborator.objects.get(pk=pk)
-            if project_administrator.project.owner != self.request.user:
+            if not self.request.user.is_staff and project_administrator.project.owner != self.request.user:
                 raise Http404("You don't have access to this page")
         except ProjectCollaborator.DoesNotExist:
             raise Http404
diff --git a/django_project/permission/views/user_manager.py b/django_project/permission/views/user_manager.py
index 7a59e3417..6f6948f45 100644
--- a/django_project/permission/views/user_manager.py
+++ b/django_project/permission/views/user_manager.py
@@ -54,7 +54,7 @@ def dispatch(self, request, *args, **kwargs):
         if project_slug:
             try:
                 project = Project.objects.get(slug=project_slug)
-                if project.owner != self.request.user:
+                if not self.request.user.is_staff and project.owner != self.request.user:
                     raise Http404("You don't have access to this page")
             except Project.DoesNotExist:
                 raise Http404
@@ -96,6 +96,8 @@ def get_queryset(self):
         if self.request.user.is_staff:
             project_qs = Project.objects.all()
         else:
-            projects_in_admin = ProjectAdministrator.objects.filter(user=self.request.user).values('project')
-            project_qs = Project.objects.filter(Q(owner=self.request.user) | Q(pk__in=projects_in_admin))
+            projects_in_admin = ProjectAdministrator.objects.filter(
+                user=self.request.user).values('project')
+            project_qs = Project.objects.filter(
+                Q(owner=self.request.user) | Q(pk__in=projects_in_admin))
         return project_qs