can't change user permissions during unittest in django
https://stackoverflow.com/questions/10102918
-
30-05-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianسؤال
I've finally decided to make some tests for my apps but I'm stuck on testing if a user can change another user (depends on the type of the user -- I use django-rules to be able to do logical permission checks, but this is not important)
Here's the code I have so far
class RulesAndPermissionsTests(TestCase):
fixtures = ['auth_no_permissions.json', 'profiles.json', 'rules.json']
def setUp(self):
self.c = Client()
self.user = User.objects.get(username="estagiario")
self.non_staff = User.objects.get(username="fisica")
self.admin = User.objects.get(username="admin")
login = self.c.login(username='estagiario', password='estagiario')
def test_can_change_non_staff_users(self):
self.assertFalse(self.user.has_perm('logical_change_user', self.non_staff.profile)) # can't change non staff users without permission
# now add the permission and test it again
self.user.user_permissions.add(Permission.objects.get(codename='change_user'))
print self.user.get_all_permissions() # prints set([])
self.assertTrue(self.user.has_perm('logical_change_user', self.non_staff.profile))
Even after adding the permission, my user still has no permissions. Is this because I'm not allowed to create anything during the tests (is this a bad practice?)? Or does django cache the permissions somehow? If I add the permission at setUp it works, but I wanted to change it during the same test (testing with and without the permission).
Thanks in advance!
المحلول
If you look at the source code for the ModelBackend, you can see that Django does cache the permissions on the user object.
You could try wiping the cache, but that could break your tests if the caching mechanism changes in future. The easiest thing to do is to refetch the user from the database in your test.
from django.contrib.auth.models import Permission
def test_can_change_non_staff_users(self):
self.assertFalse(self.user.has_perm('logical_change_user', self.non_staff.profile)) # can't change non staff users without permission
# now add the permission and test it again
self.user.user_permissions.add(Permission.objects.get(codename='change_user'))
# refetch user from the database
self.user = User.objects.get(pk=self.user.pk)
print self.user.get_all_permissions() # should now include new permission
self.assertTrue(self.user.has_perm('logical_change_user', self.non_staff.profile))
