Skip to content

Commit

Permalink
fix travis
Browse files Browse the repository at this point in the history
  • Loading branch information
meomancer committed Jul 22, 2016
1 parent b69cc30 commit eb234da
Show file tree
Hide file tree
Showing 5 changed files with 18 additions and 8 deletions.
4 changes: 4 additions & 0 deletions django_project/base/models/project.py
Original file line number Diff line number Diff line change
Expand Up @@ -187,6 +187,8 @@ def collaborators(self):

def is_administrator(self, user):
"""checking user is administrator"""
if not user.is_authenticated():
return False
if user.is_staff or user == self.owner:
return True
try:
Expand All @@ -197,6 +199,8 @@ def is_administrator(self, user):

def is_collaborator(self, user):
"""checking user is collaborator"""
if not user.is_authenticated():
return False
if user.is_staff or user == self.owner:
return True
try:
Expand Down
5 changes: 3 additions & 2 deletions django_project/permission/tests/test_views.py
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,7 @@ def test_AdministratorCreateView_with_login(self):
client = Client()
client.login(username='timlinux', password='password')
project_slug = self.test_project_administrator.project.slug
print project_slug
response = client.get(reverse('administrator-create', args=(project_slug,)))
self.assertEqual(response.status_code, 200)
expected_templates = [
Expand Down Expand Up @@ -116,7 +117,7 @@ def test_AdministratorCreate_with_login_and_project_not_own(self):
}
project_slug = project.slug
response = client.post(reverse('administrator-create', args=(project_slug,)), post_data)
self.assertEqual(response.status_code, 400)
self.assertEqual(response.status_code, 404)

def test_AdministratorCreate_no_login(self):
client = Client()
Expand Down Expand Up @@ -246,7 +247,7 @@ def test_CollaboratorCreate_with_login_and_project_not_own(self):
}
project_slug = project.slug
response = client.post(reverse('collaborator-create', args=(project_slug,)), post_data)
self.assertEqual(response.status_code, 400)
self.assertEqual(response.status_code, 404)

def test_CollaboratorDeleteView_no_login(self):
client = Client()
Expand Down
4 changes: 3 additions & 1 deletion django_project/permission/views/administrator.py
Original file line number Diff line number Diff line change
Expand Up @@ -60,10 +60,12 @@ def get_queryset(self):
if not self.request.user.is_authenticated():
raise Http404

# checking permission
pk = self.kwargs.get('pk', None)
try:
project_administrator = ProjectAdministrator.objects.get(pk=pk)
if project_administrator.project.owner != self.request.user:
project = project_administrator.project
if not self.request.user.is_staff and project.owner != self.request.user:
raise Http404("You don't have access to this page")
except ProjectAdministrator.DoesNotExist:
raise Http404
Expand Down
5 changes: 3 additions & 2 deletions django_project/permission/views/collaborator.py
Original file line number Diff line number Diff line change
Expand Up @@ -63,8 +63,9 @@ def get_queryset(self):
# checking permission
pk = self.kwargs.get('pk', None)
try:
project_administrator = ProjectCollaborator.objects.get(pk=pk)
if project_administrator.project.owner != self.request.user:
project_collaborator = ProjectCollaborator.objects.get(pk=pk)
project = project_collaborator.project
if not self.request.user.is_staff and project.owner != self.request.user:
raise Http404("You don't have access to this page")
except ProjectCollaborator.DoesNotExist:
raise Http404
Expand Down
8 changes: 5 additions & 3 deletions django_project/permission/views/user_manager.py
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ def dispatch(self, request, *args, **kwargs):
if project_slug:
try:
project = Project.objects.get(slug=project_slug)
if project.owner != self.request.user:
if not self.request.user.is_staff and project.owner != self.request.user:
raise Http404("You don't have access to this page")
except Project.DoesNotExist:
raise Http404
Expand Down Expand Up @@ -96,6 +96,8 @@ def get_queryset(self):
if self.request.user.is_staff:
project_qs = Project.objects.all()
else:
projects_in_admin = ProjectAdministrator.objects.filter(user=self.request.user).values('project')
project_qs = Project.objects.filter(Q(owner=self.request.user) | Q(pk__in=projects_in_admin))
projects_in_admin = ProjectAdministrator.objects.filter(
user=self.request.user).values('project')
project_qs = Project.objects.filter(
Q(owner=self.request.user) | Q(pk__in=projects_in_admin))
return project_qs

0 comments on commit eb234da

Please sign in to comment.