def test_a_non_logged_in_user_cant_delete_comments(self):
"""
Posting to delete a comment if you're not logged in should result
in a 403 error. All comments remain intact.
"""
sharedfile = test.factories.sharedfile(self.admin)
comment = models.Comment(user_id=self.admin.id, sharedfile_id=sharedfile.id, body="just a comment")
comment.save()
response = self.post_url("/p/%s/comment/%s/delete" % (sharedfile.share_key, comment.id))
self.assertEqual(response.code, 403)
self.assertEqual(comment.id, models.Comment.get("id = %s and deleted = 0", comment.id).id)
self.assertEqual(None, models.Comment.get("id = %s and deleted = 1", comment.id))
评论列表
文章目录
