Started testing permissions of new-style processes

backend/unittest.py

@@ -319,21 +319,21 @@ class ExpectedSets(dict):
             res.setdefault(k, set()).update(v)
         return res
 
-    def assertEqual(self, visitor, got):
+    def assertEqual(self, testcase, visitor, got):
         got = set(got)
         wanted = self.get(visitor, set())
         if got == wanted: return
         extra = got - wanted
         missing = wanted - got
         msgs = []
-        if missing: msgs.append(self.action_msg.format(problem="misses", mismatch=", ".join(sorted(missing))))
-        if extra: msgs.append(self.action_msg.format(problem="has extra", mismatch=", ".join(sorted(extra))))
-        self.fail(self.action_msg.format(visitor=visitor) + " " + " and ".join(msgs))
+        if missing: msgs.append(self.issue_msg.format(problem="misses", mismatch=", ".join(sorted(missing))))
+        if extra: msgs.append(self.issue_msg.format(problem="has extra", mismatch=", ".join(sorted(extra))))
+        testcase.fail(self.action_msg.format(visitor=visitor) + " " + " and ".join(msgs))
 
-    def assertEmpty(self, visitor, got):
+    def assertEmpty(self, testcase, visitor, got):
         extra = set(got)
         if not extra: return
-        self.fail(self.action_msg.format(visitor=visitor) + " " + self.action_msg.format(problem="has", mismatch=", ".join(sorted(extra))))
+        testcase.fail(self.action_msg.format(visitor=visitor) + " " + self.issue_msg.format(problem="has", mismatch=", ".join(sorted(extra))))
 
 
 class ExpectedPerms(object):

process/models.py

@@ -45,10 +45,8 @@ class ProcessVisitorPermissions(bmodels.PersonVisitorPermissions):
         if self.visitor.is_admin: return True
         # The person themselves
         if self.visitor.pk == self.person.pk: return True
-        # Any AM
-        if self.visitor.am_or_none: return True
-        # The advocates
-        # TODO return self.process.advocates.filter(pk=self.visitor.pk).exists()
+        # Any active AM
+        if self.visitor.is_active_am: return True
         return False
 
     def _compute_perms(self):
@@ -62,9 +60,37 @@ class RequirementVisitorPermissions(ProcessVisitorPermissions):
         super(RequirementVisitorPermissions, self).__init__(requirement.process, visitor)
         self.requirement = requirement
 
+    @cached_property
+    def _can_edit_statements(self):
+        if self.visitor is None: return False
+        if self.visitor.is_admin: return True
+
+        if self.requirement.type == "intent":
+            return self.visitor == self.person
+        elif self.requirement.type == "sc_dmup":
+            return self.visitor == self.person
+        elif self.requirement.type == "advocate":
+            if self.process.applying_for == const.STATUS_DC_GA:
+                return self.visitor.status in (const.STATUS_DM, const.STATUS_DM_GA, const.STATUS_DD_NU, const.STATUS_DD_U)
+            elif self.process.applying_for == const.STATUS_DM:
+                return self.visitor.status in (const.STATUS_DD_NU, const.STATUS_DD_U)
+            elif self.process.applying_for == const.STATUS_DM_GA:
+                return self.visitor == self.person or self.visitor.status in (const.STATUS_DD_NU, const.STATUS_DD_U)
+            elif self.process.applying_for == const.STATUS_DD_NU:
+                return self.visitor.status in (const.STATUS_DD_NU, const.STATUS_DD_U)
+            elif self.process.applying_for == const.STATUS_DD_U:
+                return self.visitor.status in (const.STATUS_DD_NU, const.STATUS_DD_U)
+            return False
+        elif self.requirement.type == "am_ok":
+            a = self.process.current_am_assignment
+            if a is None: return False
+            return a.am.person == self.visitor
+
+        return False
+
     def _compute_perms(self):
         res = super(RequirementVisitorPermissions, self)._compute_perms()
-        #if self._can_view_email: res.add("view_mbox")
+        if self._can_edit_statements: res.add("edit_statements")
         return res