marcel/linkding
1
0
Fork 0
mirror of https://github.com/sissbruecker/linkding.git synced 2025-08-09 03:37:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix bookmark access restrictions

Browse Source
This commit is contained in:
Sascha Ißbrücker
2022-03-22 02:24:21 +01:00
parent 66995cfab2
commit 1ffc3e0266
6 changed files with 156 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
bookmarks/tests/test_bookmark_remove_view.py
View File

@@ -1,3 +1,4 @@
from django.contrib.auth.models import User
from django.test import TestCase
from django.urls import reverse
@@ -33,3 +34,12 @@ class BookmarkRemoveViewTestCase(TestCase, BookmarkFactoryMixin):
)
self.assertRedirects(response, reverse('bookmarks:close'))
def test_can_only_edit_own_bookmarks(self):
other_user = User.objects.create_user('otheruser', 'otheruser@example.com', 'password123')
bookmark = self.setup_bookmark(user=other_user)
response = self.client.get(reverse('bookmarks:remove', args=[bookmark.id]))
self.assertEqual(response.status_code, 404)
self.assertTrue(Bookmark.objects.filter(id=bookmark.id).exists())