Commit e05fb5bc authored by Aurelien Lubert's avatar Aurelien Lubert
Browse files

test(pyramid/predicates): Add tests to check entity view without guest account

* Validate changeset f3b46587ea1f by testing if an entity view return a 403
  status error for guests when the cubicweb instance do not allowed anonymous
  connection
parent f3b46587ea1f
Pipeline #64377 passed with stages
in 34 minutes and 27 seconds
......@@ -5,6 +5,30 @@ def simple_test_view(request):
return request.response
class AnonymousDisallowedPredicatesTC(PyramidCWTest):
anonymous_allowed = False
settings = {"cubicweb.bwcompat": True}
def includeme(self, config):
config.add_route("view-entity", r"/{eid}", has_cw_permission="read")
config.add_view(simple_test_view, route_name="view-entity")
def setUp(self):
super(AnonymousDisallowedPredicatesTC, self).setUp()
with self.admin_access.repo_cnx() as cnx:
self.eid = self.create_user(cnx, "Fernestin").eid
cnx.commit()
def test_view_entity_without_connection(self):
res = self.webapp.get(f"/{self.eid}", status="*")
self.assertEqual(res.status_int, 403)
def test_view_entity_with_connection(self):
self.login()
res = self.webapp.get(f"/{self.eid}", status="*")
self.assertEqual(res.status_int, 200)
class PredicatesTC(PyramidCWTest):
def includeme(self, config):
# to test route predicate
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment