Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unit tests fail with new model class. #127

Open
rjekker opened this issue Aug 19, 2020 · 0 comments
Open

Unit tests fail with new model class. #127

rjekker opened this issue Aug 19, 2020 · 0 comments

Comments

@rjekker
Copy link

rjekker commented Aug 19, 2020

Adding a model class in the unit tests, users seem to get permissions they should not have.

See the following commit on my forked project: rjekker@27179a1

I create a new Model class with permissions in tests/testapp/models.py:

    @rules.predicate
    def is_car_owner(user, car):
        return car.owner == user

    class Car(RulesModel):
        owner = models.ForeignKey(get_user_model(), on_delete=models.CASCADE)

        class Meta:
            rules_permissions = {"wash": rules.always_allow,
                                 "drive": is_car_owner,
                                 "crash": rules.always_deny

I create two car instances with different owners:

        if sys.version_info.major >= 3:
            from testapp.models import Car
            Car.objects.create(
                owner=adrian
            )
            Car.objects.create(
                owner=martin
            )

Then the following test fails:

    def test_cars_owner(self):
        # adrian can *not* drive martins car
        car1 = Car.objects.get(pk=1)
        assert car1.owner.username == "adrian"
        car2 = Car.objects.get(pk=2)
        assert car2.owner.username == "martin"
        adrian = get_user_model().objects.get(pk=1)
        martin = get_user_model().objects.get(pk=2)
        assert adrian == car1.owner
        assert martin == car2.owner

        assert not adrian.has_perm(Car.get_perm("drive"), car2) # <---- Fails here
        assert not martin.has_perm(Car.get_perm("drive"), car1)

The unit test seems to decide that adrian can drive martins car, even though he should not.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rjekker