Page Menu
Home
Software Heritage
Search
Configure Global Search
Log In
Files
F7163679
D7366.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
6 KB
Subscribers
None
D7366.diff
View Options
diff --git a/cypress/integration/deposit-admin.spec.js b/cypress/integration/deposit-admin.spec.js
--- a/cypress/integration/deposit-admin.spec.js
+++ b/cypress/integration/deposit-admin.spec.js
@@ -8,8 +8,53 @@
// data to use as request query response
let responseDeposits;
let expectedOrigins;
+let depositModerationUrl;
+let depositListUrl;
+
+describe('Test moderation deposit Login/logout', function() {
+ before(function() {
+ depositModerationUrl = this.Urls.admin_deposit();
+ });
+
+ it('should not display deposit moderation link in sidebar when anonymous', function() {
+ cy.visit(depositModerationUrl);
+ cy.get(`.sidebar a[href="${depositModerationUrl}"]`)
+ .should('not.exist');
+ });
+
+ it('should not display deposit moderation link when connected as unprivileged user', function() {
+ cy.userLogin();
+ cy.visit(depositModerationUrl);
+
+ cy.get(`.sidebar a[href="${depositModerationUrl}"]`)
+ .should('not.exist');
+
+ });
+
+ it('should display deposit moderation link in sidebar when connected as privileged user', function() {
+ cy.depositLogin();
+ cy.visit(depositModerationUrl);
+
+ cy.get(`.sidebar a[href="${depositModerationUrl}"]`)
+ .should('exist');
+ });
+
+ it('should display deposit moderation link in sidebar when connected as staff member', function() {
+ cy.adminLogin();
+ cy.visit(depositModerationUrl);
+
+ cy.get(`.sidebar a[href="${depositModerationUrl}"]`)
+ .should('exist');
+ });
+
+});
describe('Test admin deposit page', function() {
+ before(function() {
+ depositModerationUrl = this.Urls.admin_deposit();
+ depositListUrl = this.Urls.admin_deposit_list();
+ });
+
beforeEach(() => {
responseDeposits = [
{
@@ -59,7 +104,7 @@
cy.adminLogin();
const testDeposits = responseDeposits;
- cy.intercept(`${this.Urls.admin_deposit_list()}**`, {
+ cy.intercept(`${depositListUrl}**`, {
body: {
'draw': 10,
'recordsTotal': testDeposits.length,
@@ -68,11 +113,10 @@
}
}).as('listDeposits');
- cy.visit(this.Urls.admin_deposit());
+ cy.visit(depositModerationUrl);
cy.location('pathname')
- .should('be.equal', this.Urls.admin_deposit());
- cy.url().should('include', '/admin/deposit');
+ .should('be.equal', depositModerationUrl);
cy.get('#swh-admin-deposit-list')
.should('exist');
diff --git a/cypress/support/index.js b/cypress/support/index.js
--- a/cypress/support/index.js
+++ b/cypress/support/index.js
@@ -56,6 +56,10 @@
return loginUser('ambassador', 'ambassador');
});
+Cypress.Commands.add('depositLogin', () => {
+ return loginUser('deposit', 'deposit');
+});
+
function mockCostlyRequests() {
cy.intercept('https://status.softwareheritage.org/**', {
body: {
diff --git a/swh/web/templates/layout.html b/swh/web/templates/layout.html
--- a/swh/web/templates/layout.html
+++ b/swh/web/templates/layout.html
@@ -221,7 +221,7 @@
<p>Help</p>
</a>
</li>
- {% if user.is_authenticated and user.is_staff or ADMIN_LIST_DEPOSIT_PERMISSION in user.get_all_permissions %}
+ {% if user.is_authenticated %}
<li class="nav-header">Administration</li>
{% if user.is_staff %}
<li class="nav-item swh-origin-save-admin-item" title="Save code now administration">
@@ -231,12 +231,14 @@
</a>
</li>
{% endif %}
+ {% if user.is_staff or ADMIN_LIST_DEPOSIT_PERMISSION in user.get_all_permissions %}
<li class="nav-item swh-deposit-admin-item" title="Deposit administration">
<a href="{% url 'admin-deposit' %}" class="nav-link swh-deposit-admin-link">
<i style="color: #fecd1b;" class="nav-icon mdi mdi-24px mdi-folder-upload"></i>
<p>Deposit</p>
</a>
</li>
+ {% endif %}
{% endif %}
</ul>
</nav>
diff --git a/swh/web/tests/create_test_admin.py b/swh/web/tests/create_test_admin.py
--- a/swh/web/tests/create_test_admin.py
+++ b/swh/web/tests/create_test_admin.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2019 The Software Heritage developers
+# Copyright (C) 2019-2022 The Software Heritage developers
# See the AUTHORS file at the top-level directory of this distribution
# License: GNU Affero General Public License version 3, or any later version
# See top-level LICENSE file for more information
@@ -12,5 +12,9 @@
User = get_user_model()
-if not User.objects.filter(username=username).exists():
- User.objects.create_superuser(username, email, password)
+try:
+ user = User.objects.filter(username=username).get()
+except User.DoesNotExist:
+ user = User.objects.create_superuser(username, email, password)
+
+assert user.is_staff is True
diff --git a/swh/web/tests/create_test_users.py b/swh/web/tests/create_test_users.py
--- a/swh/web/tests/create_test_users.py
+++ b/swh/web/tests/create_test_users.py
@@ -1,4 +1,4 @@
-# Copyright (C) 2021 The Software Heritage developers
+# Copyright (C) 2021-2022 The Software Heritage developers
# See the AUTHORS file at the top-level directory of this distribution
# License: GNU Affero General Public License version 3, or any later version
# See top-level LICENSE file for more information
@@ -7,17 +7,23 @@
from django.contrib.auth import get_user_model
-from swh.web.auth.utils import SWH_AMBASSADOR_PERMISSION
+from swh.web.auth.utils import ADMIN_LIST_DEPOSIT_PERMISSION, SWH_AMBASSADOR_PERMISSION
from swh.web.tests.utils import create_django_permission
User = get_user_model()
users: Dict[str, Tuple[str, str, List[str]]] = {
- "user": ("user", "user@swh-web.org", []),
- "ambassador": ("ambassador", "ambassador@swh-web.org", [SWH_AMBASSADOR_PERMISSION]),
+ "user": ("user", "user@example.org", []),
+ "ambassador": (
+ "ambassador",
+ "ambassador@example.org",
+ [SWH_AMBASSADOR_PERMISSION],
+ ),
+ "deposit": ("deposit", "deposit@example.org", [ADMIN_LIST_DEPOSIT_PERMISSION],),
}
+
for username, (password, email, permissions) in users.items():
if not User.objects.filter(username=username).exists():
user = User.objects.create_user(username, email, password)
diff --git a/swh/web/tests/utils.py b/swh/web/tests/utils.py
--- a/swh/web/tests/utils.py
+++ b/swh/web/tests/utils.py
@@ -228,8 +228,12 @@
app_label = ".".join(perm_splitted[:-1])
perm_name = perm_splitted[-1]
content_type = ContentType.objects.create(
- id=1000, app_label=app_label, model="dummy"
+ id=1000 + ContentType.objects.count(), app_label=app_label, model="dummy"
)
+
return Permission.objects.create(
- codename=perm_name, name=perm_name, content_type=content_type, id=1000
+ codename=perm_name,
+ name=perm_name,
+ content_type=content_type,
+ id=1000 + Permission.objects.count(),
)
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Thu, Jan 30, 1:01 PM (1 w, 12 h ago)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3225556
Attached To
D7366: Fix access for people with permission access to deposit moderation
Event Timeline
Log In to Comment