2024-06-05 12:12:14 +02:00
1 changed files with 49 additions and 1 deletions
--- a/extensions/tests/test_views.py
+++ b/extensions/tests/test_views.py
@ -5,7 +5,7 @@ from django.urls import reverse

 from common.tests.factories.extensions import create_version, create_approved_version
 from common.tests.factories.teams import TeamFactory
-from common.tests.factories.users import UserFactory
+from common.tests.factories.users import UserFactory, create_moderator
 from extensions.models import Extension, Version
 from files.models import File
 from teams.models import Team, TeamsUsers
@ -90,6 +90,54 @@ class PublicViewsTest(_BaseTestCase):
        self.assertEqual(response.status_code, 200)
        self.assertTemplateUsed(response, 'extensions/home.html')

+    def test_no_one_can_view_extension_page_when_not_listed_404(self):
+        extension = create_version(extension__is_listed=False).extension
+
+        moderator = create_moderator()
+        staff = UserFactory(is_staff=True)
+        superuser = UserFactory(is_superuser=True, is_staff=True)
+        author = extension.authors.first()
+
+        url = extension.get_absolute_url()
+        response = self.client.get(url)
+
+        for account, role in (
+            (None, 'anonymous'),
+            (moderator, 'moderator'),
+            (staff, 'staff'),
+            (superuser, 'superuser'),
+            (author, 'author'),
+        ):
+            with self.subTest(account=account, role=role):
+                self.client.logout()
+                if account:
+                    self.client.force_login(account)
+                self.assertEqual(response.status_code, 404)
+
+    def test_anyone_can_view_extension_page_when_listed(self):
+        extension = create_approved_version().extension
+
+        moderator = create_moderator()
+        staff = UserFactory(is_staff=True)
+        superuser = UserFactory(is_superuser=True, is_staff=True)
+        author = extension.authors.first()
+
+        url = extension.get_absolute_url()
+        response = self.client.get(url)
+
+        for account, role in (
+            (None, 'anonymous'),
+            (moderator, 'moderator'),
+            (staff, 'staff'),
+            (superuser, 'superuser'),
+            (author, 'author'),
+        ):
+            with self.subTest(role=role):
+                self.client.logout()
+                if account:
+                    self.client.force_login(account)
+                self.assertEqual(response.status_code, 200)
+

 class ApiViewsTest(_BaseTestCase):
    def test_blender_version_filter(self):