0

这就是我想要做的。

  1. 使用 mixin 来验证对象的所有权。

  2. 测试详细 url 以确保 request.user == obj.owner

我希望详细测试通过 200 断言。但它给了我一个 302。但是当我从混合中进行打印时,request.userowner是相同的。

这是我的混音:

from django.contrib.auth.mixins import UserPassesTestMixin

class IsOwnerMixin(UserPassesTestMixin):
    """
    a custom mixin that checks to see if the user is the owner of the object
    """

    def test_func(self):

        # get the object

        obj = self.get_object()

        # if the obj.user == the logged in user they can see it otherwise boo!

        if self.request.user == obj.owner:
            return True
        else:
            return False

这是我的观点:

class AwesomeDetail(LoginRequiredMixin, IsOwnerMixin, DetailView):
    """
    An awesome detail
    """
    model = models.Awesome
    template_name = "awesomeness/detail.html"

这是我的测试:

from django.test import TestCase, RequestFactory
from django.test.client import Client
from django.contrib.auth.models import AnonymousUser, User, Group
from project.awesomness import views, models

class UrlsViewsTest(TestCase):
    def setUp(self):
        self.factory = RequestFactory()
        self.user = User.objects.create_user(id='1', username='name', email='email@email.com', password='top_secret')
        self.awesome = models.Awesome.objects.create(id='2', owner=self.user)
        self.not_owner = User.objects.create_user(id='3', username='trouble', email='otheremail@otheremail.com', password='top_secret')

    def test_awesome_detail(self):
        """
        Test the awesome detail URL
        """
        request = self.factory.get('/awesome/2/')
        request.user = self.user
        response = views.AwesomeDetail.as_view()(request, pk=2)
        self.assertEqual(response.status_code, 200)

    def test_awesome_not_owner(self):
        """
        Test the awesome detail with a user that is not the owner
        """
        request = self.factory.get('/awesome/2/')
        request.user = self.not_owner
        response = views.AwesomeDetail.as_view()(request, pk=2)
        self.assertEqual(response.status_code, 302)

    def test_awesome_detail_anonymous_user(self):
        """
        Test the awesome detail with a user that is anonymous
        """
        request = self.factory.get('/awesome/2/')
        request.user = AnonymousUser()
        response = views.AwesomeDetail.as_view()(request, pk=2)
        self.assertEqual(response.status_code, 302)

最后,结果如下:

Creating test database for alias 'default'...
F..
======================================================================
FAIL: test_awesome_detail (project.awesomeness.tests.UrlsViewsTest)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/Users/dave/sandbox/project/project/awesomeness/tests.py", line 25, in test_awesome_detail
    self.assertEqual(response.status_code, 200)
AssertionError: 302 != 200

----------------------------------------------------------------------
Ran 3 tests in 0.202s

FAILED (failures=1)
Destroying test database for alias 'default'...
4

0 回答 0