Search code examples
djangodjango-testingdjango-permissions

can't change user permissions during unittest in django


I've finally decided to make some tests for my apps but I'm stuck on testing if a user can change another user (depends on the type of the user -- I use django-rules to be able to do logical permission checks, but this is not important)

Here's the code I have so far

class RulesAndPermissionsTests(TestCase):
    fixtures = ['auth_no_permissions.json', 'profiles.json', 'rules.json']

    def setUp(self):
        self.c = Client()
        self.user = User.objects.get(username="estagiario")
        self.non_staff = User.objects.get(username="fisica")
        self.admin = User.objects.get(username="admin")
        login = self.c.login(username='estagiario', password='estagiario')

    def test_can_change_non_staff_users(self):
        self.assertFalse(self.user.has_perm('logical_change_user', self.non_staff.profile)) # can't change non staff users without permission

        # now add the permission and test it again
        self.user.user_permissions.add(Permission.objects.get(codename='change_user'))
        print self.user.get_all_permissions() # prints set([])
        self.assertTrue(self.user.has_perm('logical_change_user', self.non_staff.profile))

Even after adding the permission, my user still has no permissions. Is this because I'm not allowed to create anything during the tests (is this a bad practice?)? Or does django cache the permissions somehow? If I add the permission at setUp it works, but I wanted to change it during the same test (testing with and without the permission).

Thanks in advance!


Solution

  • If you look at the source code for the ModelBackend, you can see that Django does cache the permissions on the user object.

    You could try wiping the cache, but that could break your tests if the caching mechanism changes in future. The easiest thing to do is to refetch the user from the database in your test.

    from django.contrib.auth.models import Permission
    
    def test_can_change_non_staff_users(self):
        self.assertFalse(self.user.has_perm('logical_change_user', self.non_staff.profile)) # can't change non staff users without permission
    
        # now add the permission and test it again
        self.user.user_permissions.add(Permission.objects.get(codename='change_user'))
    
        # refetch user from the database
        self.user = User.objects.get(pk=self.user.pk)
        print self.user.get_all_permissions() # should now include new permission
        self.assertTrue(self.user.has_perm('logical_change_user', self.non_staff.profile))