From 6bfc7f77bc986b00d1eda2c891fc0e57cefcd568 Mon Sep 17 00:00:00 2001
From: Patrick Smith <patrick+dds@promptworks.com>
Date: Thu, 30 Aug 2018 14:30:20 -0400
Subject: [PATCH] Add test for new Authorization check

---
 tests/domain/test_authz.py | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 tests/domain/test_authz.py

diff --git a/tests/domain/test_authz.py b/tests/domain/test_authz.py
new file mode 100644
index 00000000..32368cb6
--- /dev/null
+++ b/tests/domain/test_authz.py
@@ -0,0 +1,20 @@
+from atst.domain.authz import Authorization
+from atst.domain.roles import Roles
+
+from tests.factories import RequestFactory, UserFactory
+
+
+def test_creator_can_view_own_request():
+    user = UserFactory.create()
+    request = RequestFactory.create(creator=user)
+    assert Authorization.can_view_request(user, request)
+
+    other_user = UserFactory.create()
+    assert not Authorization.can_view_request(other_user, request)
+
+
+def test_ccpo_user_can_view_request():
+    role = Roles.get("ccpo")
+    ccpo_user = UserFactory.create(atat_role=role)
+    request = RequestFactory.create()
+    assert Authorization.can_view_request(ccpo_user, request)