53 |
53 |
app = login(get_app(pub))
|
54 |
54 |
resp = app.get('/backoffice/')
|
55 |
55 |
assert 'Cards' not in resp.text
|
|
56 |
|
|
57 |
# no Cards entry, even for admin
|
|
58 |
user.is_admin = True
|
|
59 |
user.store()
|
|
60 |
resp = app.get('/backoffice/')
|
|
61 |
assert 'Cards' not in resp.text
|
|
62 |
|
56 |
63 |
carddef = CardDef()
|
57 |
64 |
carddef.name = 'foo'
|
58 |
65 |
carddef.fields = [
|
... | ... | |
69 |
76 |
carddef.store()
|
70 |
77 |
carddef.data_class().wipe()
|
71 |
78 |
|
|
79 |
# Cards entry for global admin
|
|
80 |
resp = app.get('/backoffice/')
|
|
81 |
assert 'Cards' in resp.text
|
|
82 |
resp = app.get('/backoffice/data/')
|
|
83 |
|
|
84 |
# Cards entry for section admin
|
|
85 |
user.is_admin = False
|
|
86 |
user.store()
|
|
87 |
pub.cfg['admin-permissions'] = {'cards': user.roles}
|
|
88 |
pub.write_cfg()
|
|
89 |
resp = app.get('/backoffice/')
|
|
90 |
assert 'Cards' in resp.text
|
|
91 |
resp = app.get('/backoffice/data/')
|
|
92 |
|
|
93 |
# get back to being a normal user, no Cards entry
|
|
94 |
pub.cfg['admin-permissions'] = {}
|
|
95 |
pub.write_cfg()
|
|
96 |
user.is_admin = False
|
|
97 |
user.store()
|
72 |
98 |
resp = app.get('/backoffice/')
|
73 |
99 |
assert 'Cards' not in resp.text
|
|
100 |
resp = app.get('/backoffice/data/', status=403)
|
74 |
101 |
|
|
102 |
# add specific roles
|
75 |
103 |
carddef.backoffice_submission_roles = user.roles
|
76 |
104 |
carddef.store()
|
77 |
105 |
resp = app.get('/backoffice/')
|
78 |
106 |
assert 'Cards' in resp.text
|
|
107 |
resp = app.get('/backoffice/data/')
|
79 |
108 |
|
80 |
109 |
carddef.backoffice_submission_roles = None
|
81 |
110 |
carddef.workflow_roles = {'_editor': user.roles[0]}
|
82 |
111 |
carddef.store()
|
83 |
112 |
resp = app.get('/backoffice/')
|
84 |
113 |
assert 'Cards' in resp.text
|
|
114 |
resp = app.get('/backoffice/data/')
|
85 |
115 |
|
86 |
116 |
resp = app.get('/backoffice/data/')
|
87 |
117 |
resp = resp.click('foo')
|