mirror of
https://gitea.mueller.network/extern/django-helpdesk.git
synced 2024-11-26 01:43:10 +01:00
Compare user IDs to determine if same user, and add simple test case, to fix #588
This commit is contained in:
parent
342622451c
commit
113880bc3a
@ -1,4 +1,5 @@
|
||||
from django.contrib.auth import get_user_model
|
||||
from django.contrib.sites.models import Site
|
||||
from django.core import mail
|
||||
from django.urls import reverse
|
||||
from django.test import TestCase
|
||||
@ -11,6 +12,7 @@ except ImportError: # python 2
|
||||
from urlparse import urlparse
|
||||
|
||||
from helpdesk.templatetags.ticket_to_link import num_to_link
|
||||
from helpdesk.views.staff import _is_my_ticket
|
||||
|
||||
|
||||
class TicketActionsTestCase(TestCase):
|
||||
@ -22,7 +24,8 @@ class TicketActionsTestCase(TestCase):
|
||||
slug='q1',
|
||||
allow_public_submission=True,
|
||||
new_ticket_cc='new.public@example.com',
|
||||
updated_ticket_cc='update.public@example.com')
|
||||
updated_ticket_cc='update.public@example.com'
|
||||
)
|
||||
|
||||
self.ticket_data = {
|
||||
'title': 'Test Ticket',
|
||||
@ -32,6 +35,7 @@ class TicketActionsTestCase(TestCase):
|
||||
self.client = Client()
|
||||
|
||||
def loginUser(self, is_staff=True):
|
||||
"""Create a staff user and login"""
|
||||
User = get_user_model()
|
||||
self.user = User.objects.create(
|
||||
username='User_1',
|
||||
@ -124,6 +128,32 @@ class TicketActionsTestCase(TestCase):
|
||||
response = self.client.post(reverse('helpdesk:update', kwargs={'ticket_id': ticket_id}), post_data, follow=True)
|
||||
self.assertContains(response, 'Changed Status from Open to Closed')
|
||||
|
||||
def test_is_my_ticket(self):
|
||||
"""Tests whether non-staff but assigned user still counts as owner"""
|
||||
|
||||
# make non-staff user
|
||||
self.loginUser(is_staff=False)
|
||||
|
||||
# create second user
|
||||
User = get_user_model()
|
||||
self.user2 = User.objects.create(
|
||||
username='User_2',
|
||||
is_staff=False,
|
||||
)
|
||||
|
||||
initial_data = {
|
||||
'title': 'Private ticket test',
|
||||
'queue': self.queue_public,
|
||||
'assigned_to': self.user,
|
||||
'status': Ticket.OPEN_STATUS,
|
||||
}
|
||||
|
||||
# create ticket
|
||||
ticket = Ticket.objects.create(**initial_data)
|
||||
|
||||
self.assertEqual(_is_my_ticket(self.user, ticket), True)
|
||||
self.assertEqual(_is_my_ticket(self.user2, ticket), False)
|
||||
|
||||
def test_num_to_link(self):
|
||||
"""Test that we are correctly expanding links to tickets from IDs"""
|
||||
|
||||
|
@ -89,7 +89,7 @@ def _has_access_to_queue(user, queue):
|
||||
def _is_my_ticket(user, ticket):
|
||||
"""Check to see if the user has permission to access
|
||||
a ticket. If not then deny access."""
|
||||
if user.is_superuser or user.is_staff or user.id == ticket.customer_id:
|
||||
if user.is_superuser or user.is_staff or user.id == ticket.assigned_to.id:
|
||||
return True
|
||||
else:
|
||||
return False
|
||||
|
Loading…
Reference in New Issue
Block a user