add permissions during target_create

TOMToolkit · Dec 21, 2023 · d424e19 · d424e19
1 parent cbce89f
commit d424e19
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 4 deletions.
diff --git a/tom_targets/tests/tests.py b/tom_targets/tests/tests.py
@@ -176,11 +176,12 @@ def test_search_one_result_authorized(self):
 @override_settings(TOM_FACILITY_CLASSES=[])
 class TestTargetCreate(TestCase):
     def setUp(self):
-        user = User.objects.create(username='testuser')
-        self.client.force_login(user)
+        self.user = User.objects.create(username='testuser')
+        self.client.force_login(self.user)
         self.group = Group.objects.create(name='agroup')
-        user.groups.add(self.group)
-        user.save()
+        self.group2 = Group.objects.create(name='agroup2')
+        self.user.groups.add(self.group)
+        self.user.save()
 
     def test_target_create_form(self):
         response = self.client.get(reverse('targets:create'))
@@ -208,6 +209,32 @@ def test_create_target(self):
         response = self.client.post(reverse('targets:create'), data=target_data, follow=True)
         self.assertContains(response, target_data['name'])
         self.assertTrue(Target.objects.filter(name=target_data['name']).exists())
+        # Check Group level permissions
+        self.assertIn("view_target", get_perms(self.user, Target.objects.filter(name=target_data['name'])[0]))
+
+    def test_create_target_no_group(self):
+        target_data = {
+            'name': 'test_target_new',
+            'type': Target.SIDEREAL,
+            'ra': 123.456,
+            'dec': -32.1,
+            'groups': [],
+            'targetextra_set-TOTAL_FORMS': 1,
+            'targetextra_set-INITIAL_FORMS': 0,
+            'targetextra_set-MIN_NUM_FORMS': 0,
+            'targetextra_set-MAX_NUM_FORMS': 1000,
+            'targetextra_set-0-key': '',
+            'targetextra_set-0-value': '',
+            'aliases-TOTAL_FORMS': 1,
+            'aliases-INITIAL_FORMS': 0,
+            'aliases-MIN_NUM_FORMS': 0,
+            'aliases-MAX_NUM_FORMS': 1000,
+        }
+        response = self.client.post(reverse('targets:create'), data=target_data, follow=True)
+        self.assertContains(response, target_data['name'])
+        self.assertTrue(Target.objects.filter(name=target_data['name']).exists())
+        # Check Target level permissions
+        self.assertIn("view_target", get_perms(self.user, Target.objects.filter(name=target_data['name'])[0]))
 
     def test_create_target_sexigesimal(self):
         """

diff --git a/tom_targets/views.py b/tom_targets/views.py
@@ -205,6 +205,9 @@ def form_valid(self, form):
             form.add_error(None, names.errors)
             form.add_error(None, names.non_form_errors())
             return super().form_invalid(form)
+        # Give the user access to the target they created
+        self.object.give_user_access(self.request.user)
+        # Run the target post save hook
         logger.info('Target post save hook: %s created: %s', self.object, True)
         run_hook('target_post_save', target=self.object, created=True)
         return redirect(self.get_success_url())