Skip to content

Commit

Permalink
Test to exploit issue chaining permission filters
Browse files Browse the repository at this point in the history
  • Loading branch information
coderbydesign committed Dec 9, 2021
1 parent 8bc9e91 commit 99e988a
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions tests/management/permission/test_view.py
Original file line number Diff line number Diff line change
Expand Up @@ -421,6 +421,12 @@ def test_allowed_only_filters_any_roles_not_in_allow_list_out_when_true(self):
self.assertEqual(len(response.data.get("data")), 1)
self.assertCountEqual(expected, response_permissions)

def test_allowed_only_filters_any_roles_not_in_allow_list_out_when_true_in_chain(self):
"""Test that we filter out any permissions not in the allow list when allowed_only=true, chained with other filters."""
response = CLIENT.get(f"{LIST_URL}?allowed_only=true&exclude_globals=true", **self.headers)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(response.data.get("data")), 0)

def test_allowed_only_filters_no_permissions_out_when_false(self):
"""Test that we do not filter out any permissions not in the allow list when allowed_only=false."""
with tenant_context(self.tenant):
Expand Down

0 comments on commit 99e988a

Please sign in to comment.