Make tests pass for thread and post patch api, redo thread_move test util

misago/threads/api/postendpoints/patch_event.py

@@ -24,10 +24,10 @@ event_patch_dispatcher.add('acl', patch_acl)
 
 def patch_is_hidden(request, event, value):
     if value:
-        allow_hide_event(request.user, event)
+        allow_hide_event(request.user_acl, event)
         moderation.hide_post(request.user, event)
     else:
-        allow_unhide_event(request.user, event)
+        allow_unhide_event(request.user_acl, event)
         moderation.unhide_post(request.user, event)
 
     return {'is_hidden': event.is_hidden}

misago/threads/api/postendpoints/patch_post.py

@@ -89,7 +89,7 @@ post_patch_dispatcher.replace('is-liked', patch_is_liked)
 
 
 def patch_is_protected(request, post, value):
-    allow_protect_post(request.user, post)
+    allow_protect_post(request.user_acl, post)
     if value:
         moderation.protect_post(request.user, post)
     else:
@@ -101,7 +101,7 @@ post_patch_dispatcher.replace('is-protected', patch_is_protected)
 
 
 def patch_is_unapproved(request, post, value):
-    allow_approve_post(request.user, post)
+    allow_approve_post(request.user_acl, post)
 
     if value:
         raise PermissionDenied(_("Content approval can't be reversed."))
@@ -116,11 +116,11 @@ post_patch_dispatcher.replace('is-unapproved', patch_is_unapproved)
 
 def patch_is_hidden(request, post, value):
     if value is True:
-        allow_hide_post(request.user, post)
-        allow_hide_best_answer(request.user, post)
+        allow_hide_post(request.user_acl, post)
+        allow_hide_best_answer(request.user_acl, post)
         moderation.hide_post(request.user, post)
     elif value is False:
-        allow_unhide_post(request.user, post)
+        allow_unhide_post(request.user_acl, post)
         moderation.unhide_post(request.user, post)
 
     return {'is_hidden': post.is_hidden}

misago/threads/test.py

@@ -28,25 +28,19 @@ def patch_category_acl(acl_patch):
     return patch_user_acl(patch_acl)
 
 
-def patch_categories_acl_for_move(src_acl_patch=None, dst_acl_patch=None):
+def patch_other_category_acl(acl_patch):
     def patch_acl(_, user_acl):
-        src = Category.objects.get(slug="first-category")
-        dst = Category.objects.get(slug="other-category")
+        src_category = Category.objects.get(slug="first-category")
+        category_acl = user_acl['categories'][src_category.id].copy()
 
-        src_acl = user_acl['categories'][src.id]
-        dst_acl = src_acl.copy()
-        user_acl['categories'][dst.id] = dst_acl
+        dst_category = Category.objects.get(slug="other-category")
+        user_acl['categories'][dst_category.id] = category_acl
 
-        src_acl.update(default_category_acl)
-        dst_acl.update(default_category_acl)
-
-        if src_acl_patch:
-            src_acl.update(src_acl_patch)
-        if dst_acl_patch:
-            dst_acl.update(dst_acl_patch)
+        category_acl.update(default_category_acl)
+        if acl_patch:
+            category_acl.update(acl_patch)
 
-        cleanup_patched_acl(user_acl, src_acl, src)
-        cleanup_patched_acl(user_acl, dst_acl, dst)
+        cleanup_patched_acl(user_acl, category_acl, dst_category)
 
     return patch_user_acl(patch_acl)
 

misago/threads/tests/test_thread_patch_api.py

@@ -6,7 +6,7 @@ from django.utils import timezone
 from misago.categories.models import Category
 from misago.readtracker import poststracker
 from misago.threads import testutils
-from misago.threads.test import patch_category_acl, patch_categories_acl_for_move
+from misago.threads.test import patch_category_acl, patch_other_category_acl
 from misago.threads.models import Thread
 
 from .test_threads_api import ThreadsApiTestCase
@@ -427,9 +427,8 @@ class ThreadMoveApiTests(ThreadPatchApiTestCase):
         )
         self.dst_category = Category.objects.get(slug='other-category')
 
-    @patch_categories_acl_for_move(
-        {'can_move_threads': True}, {'can_start_threads': 2}
-    )
+    @patch_other_category_acl({'can_start_threads': 2})
+    @patch_category_acl({'can_move_threads': True})
     def test_move_thread_no_top(self):
         """api moves thread to other category, sets no top category"""
         response = self.patch(
@@ -459,9 +458,8 @@ class ThreadMoveApiTests(ThreadPatchApiTestCase):
         thread_json = self.get_thread_json()
         self.assertEqual(thread_json['category']['id'], self.dst_category.pk)
 
-    @patch_categories_acl_for_move(
-        {'can_move_threads': True}, {'can_start_threads': 2}
-    )
+    @patch_other_category_acl({'can_start_threads': 2})
+    @patch_category_acl({'can_move_threads': True})
     def test_move_thread_with_top(self):
         """api moves thread to other category, sets top"""
         response = self.patch(
@@ -491,9 +489,8 @@ class ThreadMoveApiTests(ThreadPatchApiTestCase):
         thread_json = self.get_thread_json()
         self.assertEqual(thread_json['category']['id'], self.dst_category.pk)
 
-    @patch_categories_acl_for_move(
-        {'can_move_threads': True}, {'can_start_threads': 2}
-    )
+    @patch_other_category_acl({'can_start_threads': 2})
+    @patch_category_acl({'can_move_threads': True})
     def test_move_thread_reads(self):
         """api moves thread reads together with thread"""
         poststracker.save_read(self.user, self.thread.first_post)
@@ -528,9 +525,8 @@ class ThreadMoveApiTests(ThreadPatchApiTestCase):
         self.assertEqual(postreads.count(), 1)
         postreads.get(category=self.dst_category)
 
-    @patch_categories_acl_for_move(
-        {'can_move_threads': True}, {'can_start_threads': 2}
-    )
+    @patch_other_category_acl({'can_start_threads': 2})
+    @patch_category_acl({'can_move_threads': True})
     def test_move_thread_subscriptions(self):
         """api moves thread subscriptions together with thread"""
         self.user.subscription_set.create(
@@ -568,7 +564,7 @@ class ThreadMoveApiTests(ThreadPatchApiTestCase):
         self.assertEqual(self.user.subscription_set.count(), 1)
         self.user.subscription_set.get(category=self.dst_category)
 
-    @patch_categories_acl_for_move({'can_move_threads': False})
+    @patch_category_acl({'can_move_threads': False})
     def test_move_thread_no_permission(self):
         """api move thread to other category with no permission fails"""
         response = self.patch(
@@ -590,7 +586,8 @@ class ThreadMoveApiTests(ThreadPatchApiTestCase):
         thread_json = self.get_thread_json()
         self.assertEqual(thread_json['category']['id'], self.category.pk)
 
-    @patch_category_acl({'can_move_threads': True, 'can_close_threads': False})
+    @patch_other_category_acl({'can_close_threads': False})
+    @patch_category_acl({'can_move_threads': True})
     def test_move_thread_closed_category_no_permission(self):
         """api move thread from closed category with no permission fails"""
         self.category.is_closed = True
@@ -612,7 +609,8 @@ class ThreadMoveApiTests(ThreadPatchApiTestCase):
             response_json['detail'][0], "This category is closed. You can't move it's threads."
         )
 
-    @patch_category_acl({'can_move_threads': True, 'can_close_threads': False})
+    @patch_other_category_acl({'can_close_threads': False})
+    @patch_category_acl({'can_move_threads': True})
     def test_move_closed_thread_no_permission(self):
         """api move closed thread with no permission fails"""
         self.thread.is_closed = True
@@ -634,7 +632,8 @@ class ThreadMoveApiTests(ThreadPatchApiTestCase):
             response_json['detail'][0], "This thread is closed. You can't move it."
         )
 
-    @patch_categories_acl_for_move({'can_move_threads': True}, {'can_see': False})
+    @patch_other_category_acl({'can_see': False})
+    @patch_category_acl({'can_move_threads': True})
     def test_move_thread_no_category_access(self):
         """api move thread to category with no access fails"""
         response = self.patch(
@@ -654,7 +653,8 @@ class ThreadMoveApiTests(ThreadPatchApiTestCase):
         thread_json = self.get_thread_json()
         self.assertEqual(thread_json['category']['id'], self.category.pk)
 
-    @patch_categories_acl_for_move({'can_move_threads': True}, {'can_browse': False})
+    @patch_other_category_acl({'can_browse': False})
+    @patch_category_acl({'can_move_threads': True})
     def test_move_thread_no_category_browse(self):
         """api move thread to category with no browsing access fails"""
         response = self.patch(
@@ -677,9 +677,8 @@ class ThreadMoveApiTests(ThreadPatchApiTestCase):
         thread_json = self.get_thread_json()
         self.assertEqual(thread_json['category']['id'], self.category.pk)
 
-    @patch_categories_acl_for_move(
-        {'can_move_threads': True}, {'can_start_threads': False}
-    )
+    @patch_other_category_acl({'can_start_threads': False})
+    @patch_category_acl({'can_move_threads': True})
     def test_move_thread_no_category_start_threads(self):
         """api move thread to category with no posting access fails"""
         response = self.patch(
@@ -702,9 +701,8 @@ class ThreadMoveApiTests(ThreadPatchApiTestCase):
         thread_json = self.get_thread_json()
         self.assertEqual(thread_json['category']['id'], self.category.pk)
 
-    @patch_categories_acl_for_move(
-        {'can_move_threads': True}, {'can_start_threads': 2}
-    )
+    @patch_other_category_acl({'can_start_threads': 2})
+    @patch_category_acl({'can_move_threads': True})
     def test_move_thread_same_category(self):
         """api move thread to category it's already in fails"""
         response = self.patch(

misago/threads/tests/test_thread_postpatch_api.py

@@ -4,10 +4,10 @@ from datetime import timedelta
 from django.urls import reverse
 from django.utils import timezone
 
-from misago.acl.testutils import override_acl
 from misago.categories.models import Category
 from misago.threads import testutils
 from misago.threads.models import Thread, Post
+from misago.threads.test import patch_category_acl
 from misago.users.testutils import AuthenticatedUserTestCase
 
 
@@ -36,21 +36,6 @@ class ThreadPostPatchApiTestCase(AuthenticatedUserTestCase):
     def refresh_thread(self):
         self.thread = Thread.objects.get(pk=self.thread.pk)
 
-    def override_acl(self, extra_acl=None):
-        new_acl = self.user.acl_cache
-        new_acl['categories'][self.category.pk].update({
-            'can_see': 1,
-            'can_browse': 1,
-            'can_start_threads': 0,
-            'can_reply_threads': 0,
-            'can_edit_posts': 1,
-        })
-
-        if extra_acl:
-            new_acl['categories'][self.category.pk].update(extra_acl)
-
-        override_acl(self.user, new_acl)
-
 
 class PostAddAclApiTests(ThreadPostPatchApiTestCase):
     def test_add_acl_true(self):
@@ -83,10 +68,9 @@ class PostAddAclApiTests(ThreadPostPatchApiTestCase):
 
 
 class PostProtectApiTests(ThreadPostPatchApiTestCase):
+    @patch_category_acl({'can_edit_posts': 2, 'can_protect_posts': True})
     def test_protect_post(self):
         """api makes it possible to protect post"""
-        self.override_acl({'can_protect_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -104,13 +88,12 @@ class PostProtectApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_protected)
 
+    @patch_category_acl({'can_edit_posts': 2, 'can_protect_posts': True})
     def test_unprotect_post(self):
         """api makes it possible to unprotect protected post"""
         self.post.is_protected = True
         self.post.save()
 
-        self.override_acl({'can_protect_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -128,14 +111,13 @@ class PostProtectApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertFalse(self.post.is_protected)
 
+    @patch_category_acl({'can_edit_posts': 2, 'can_protect_posts': True})
     def test_protect_best_answer(self):
         """api makes it possible to protect post"""
         self.thread.set_best_answer(self.user, self.post)
         self.thread.save()
 
         self.assertFalse(self.thread.best_answer_is_protected)
-        
-        self.override_acl({'can_protect_posts': 1})
 
         response = self.patch(
             self.api_link, [
@@ -157,6 +139,7 @@ class PostProtectApiTests(ThreadPostPatchApiTestCase):
         self.refresh_thread()
         self.assertTrue(self.thread.best_answer_is_protected)
 
+    @patch_category_acl({'can_edit_posts': 2, 'can_protect_posts': True})
     def test_unprotect_best_answer(self):
         """api makes it possible to unprotect protected post"""
         self.post.is_protected = True
@@ -167,8 +150,6 @@ class PostProtectApiTests(ThreadPostPatchApiTestCase):
 
         self.assertTrue(self.thread.best_answer_is_protected)
 
-        self.override_acl({'can_protect_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -189,10 +170,9 @@ class PostProtectApiTests(ThreadPostPatchApiTestCase):
         self.refresh_thread()
         self.assertFalse(self.thread.best_answer_is_protected)
 
+    @patch_category_acl({'can_edit_posts': 2, 'can_protect_posts': False})
     def test_protect_post_no_permission(self):
         """api validates permission to protect post"""
-        self.override_acl({'can_protect_posts': 0})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -210,13 +190,12 @@ class PostProtectApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertFalse(self.post.is_protected)
 
+    @patch_category_acl({'can_edit_posts': 2, 'can_protect_posts': False})
     def test_unprotect_post_no_permission(self):
         """api validates permission to unprotect post"""
         self.post.is_protected = True
         self.post.save()
 
-        self.override_acl({'can_protect_posts': 0})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -234,10 +213,9 @@ class PostProtectApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_protected)
 
+    @patch_category_acl({'can_edit_posts': 0, 'can_protect_posts': True})
     def test_protect_post_not_editable(self):
         """api validates if we can edit post we want to protect"""
-        self.override_acl({'can_edit_posts': 0, 'can_protect_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -255,13 +233,12 @@ class PostProtectApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertFalse(self.post.is_protected)
 
+    @patch_category_acl({'can_edit_posts': 0, 'can_protect_posts': True})
     def test_unprotect_post_not_editable(self):
         """api validates if we can edit post we want to protect"""
         self.post.is_protected = True
         self.post.save()
 
-        self.override_acl({'can_edit_posts': 0, 'can_protect_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -281,13 +258,12 @@ class PostProtectApiTests(ThreadPostPatchApiTestCase):
 
 
 class PostApproveApiTests(ThreadPostPatchApiTestCase):
+    @patch_category_acl({'can_approve_content': True})
     def test_approve_post(self):
         """api makes it possible to approve post"""
         self.post.is_unapproved = True
         self.post.save()
 
-        self.override_acl({'can_approve_content': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -305,10 +281,9 @@ class PostApproveApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertFalse(self.post.is_unapproved)
 
+    @patch_category_acl({'can_approve_content': True})
     def test_unapprove_post(self):
         """unapproving posts is not supported by api"""
-        self.override_acl({'can_approve_content': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -326,13 +301,12 @@ class PostApproveApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertFalse(self.post.is_unapproved)
 
+    @patch_category_acl({'can_approve_content': False})
     def test_approve_post_no_permission(self):
         """api validates approval permission"""
         self.post.is_unapproved = True
         self.post.save()
 
-        self.override_acl({'can_approve_content': 0})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -350,6 +324,7 @@ class PostApproveApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_unapproved)
 
+    @patch_category_acl({'can_approve_content': True, 'can_close_threads': False})
     def test_approve_post_closed_thread_no_permission(self):
         """api validates approval permission in closed threads"""
         self.post.is_unapproved = True
@@ -358,11 +333,6 @@ class PostApproveApiTests(ThreadPostPatchApiTestCase):
         self.thread.is_closed = True
         self.thread.save()
 
-        self.override_acl({
-            'can_approve_content': 1,
-            'can_close_threads': 0,
-        })
-
         response = self.patch(
             self.api_link, [
                 {
@@ -383,6 +353,7 @@ class PostApproveApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_unapproved)
 
+    @patch_category_acl({'can_approve_content': True, 'can_close_threads': False})
     def test_approve_post_closed_category_no_permission(self):
         """api validates approval permission in closed categories"""
         self.post.is_unapproved = True
@@ -391,11 +362,6 @@ class PostApproveApiTests(ThreadPostPatchApiTestCase):
         self.category.is_closed = True
         self.category.save()
 
-        self.override_acl({
-            'can_approve_content': 1,
-            'can_close_threads': 0,
-        })
-
         response = self.patch(
             self.api_link, [
                 {
@@ -416,6 +382,7 @@ class PostApproveApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_unapproved)
 
+    @patch_category_acl({'can_approve_content': True})
     def test_approve_first_post(self):
         """api approve first post fails"""
         self.post.is_unapproved = True
@@ -424,8 +391,6 @@ class PostApproveApiTests(ThreadPostPatchApiTestCase):
         self.thread.set_first_post(self.post)
         self.thread.save()
 
-        self.override_acl({'can_approve_content': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -443,14 +408,13 @@ class PostApproveApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_unapproved)
 
+    @patch_category_acl({'can_approve_content': True})
     def test_approve_hidden_post(self):
         """api approve hidden post fails"""
         self.post.is_unapproved = True
         self.post.is_hidden = True
         self.post.save()
 
-        self.override_acl({'can_approve_content': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -472,10 +436,9 @@ class PostApproveApiTests(ThreadPostPatchApiTestCase):
 
 
 class PostHideApiTests(ThreadPostPatchApiTestCase):
+    @patch_category_acl({'can_hide_posts': 1})
     def test_hide_post(self):
         """api makes it possible to hide post"""
-        self.override_acl({'can_hide_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -493,10 +456,9 @@ class PostHideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_hidden)
 
+    @patch_category_acl({'can_hide_posts': 1})
     def test_hide_own_post(self):
         """api makes it possible to hide owned post"""
-        self.override_acl({'can_hide_own_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -514,10 +476,9 @@ class PostHideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_hidden)
 
+    @patch_category_acl({'can_hide_posts': 0})
     def test_hide_post_no_permission(self):
         """api hide post with no permission fails"""
-        self.override_acl({'can_hide_posts': 0})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -535,13 +496,12 @@ class PostHideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertFalse(self.post.is_hidden)
 
+    @patch_category_acl({'can_hide_own_posts': 1, 'can_protect_posts': False})
     def test_hide_own_protected_post(self):
         """api validates if we are trying to hide protected post"""
         self.post.is_protected = True
         self.post.save()
 
-        self.override_acl({'can_protect_posts': 0, 'can_hide_own_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -559,13 +519,12 @@ class PostHideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertFalse(self.post.is_hidden)
 
+    @patch_category_acl({'can_hide_own_posts': True})
     def test_hide_other_user_post(self):
         """api validates post ownership when hiding"""
         self.post.poster = None
         self.post.save()
 
-        self.override_acl({'can_hide_own_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -585,13 +544,12 @@ class PostHideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertFalse(self.post.is_hidden)
 
+    @patch_category_acl({'post_edit_time': 1, 'can_hide_own_posts': True})
     def test_hide_own_post_after_edit_time(self):
         """api validates if we are trying to hide post after edit time"""
         self.post.posted_on = timezone.now() - timedelta(minutes=10)
         self.post.save()
 
-        self.override_acl({'post_edit_time': 1, 'can_hide_own_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -611,13 +569,12 @@ class PostHideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertFalse(self.post.is_hidden)
 
+    @patch_category_acl({'can_close_threads': False, 'can_hide_own_posts': True})
     def test_hide_post_in_closed_thread(self):
         """api validates if we are trying to hide post in closed thread"""
         self.thread.is_closed = True
         self.thread.save()
 
-        self.override_acl({'can_hide_own_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -637,13 +594,12 @@ class PostHideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertFalse(self.post.is_hidden)
 
+    @patch_category_acl({'can_close_threads': False, 'can_hide_own_posts': True})
     def test_hide_post_in_closed_category(self):
         """api validates if we are trying to hide post in closed category"""
         self.category.is_closed = True
         self.category.save()
 
-        self.override_acl({'can_hide_own_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -663,13 +619,12 @@ class PostHideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertFalse(self.post.is_hidden)
 
+    @patch_category_acl({'can_hide_posts': 1})
     def test_hide_first_post(self):
         """api hide first post fails"""
         self.thread.set_first_post(self.post)
         self.thread.save()
 
-        self.override_acl({'can_hide_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -684,13 +639,12 @@ class PostHideApiTests(ThreadPostPatchApiTestCase):
         response_json = response.json()
         self.assertEqual(response_json['detail'][0], "You can't hide thread's first post.")
 
+    @patch_category_acl({'can_hide_posts': 1})
     def test_hide_best_answer(self):
         """api hide first post fails"""
         self.thread.set_best_answer(self.user, self.post)
         self.thread.save()
 
-        self.override_acl({'can_hide_posts': 2})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -708,6 +662,7 @@ class PostHideApiTests(ThreadPostPatchApiTestCase):
 
 
 class PostUnhideApiTests(ThreadPostPatchApiTestCase):
+    @patch_category_acl({'can_hide_posts': 1})
     def test_show_post(self):
         """api makes it possible to unhide post"""
         self.post.is_hidden = True
@@ -716,8 +671,6 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_hidden)
 
-        self.override_acl({'can_hide_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -735,6 +688,7 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertFalse(self.post.is_hidden)
 
+    @patch_category_acl({'can_hide_own_posts': 1})
     def test_show_own_post(self):
         """api makes it possible to unhide owned post"""
         self.post.is_hidden = True
@@ -743,8 +697,6 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_hidden)
 
-        self.override_acl({'can_hide_own_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -762,6 +714,7 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertFalse(self.post.is_hidden)
 
+    @patch_category_acl({'can_hide_posts': 0})
     def test_show_post_no_permission(self):
         """api unhide post with no permission fails"""
         self.post.is_hidden = True
@@ -770,8 +723,6 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_hidden)
 
-        self.override_acl({'can_hide_posts': 0})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -789,13 +740,12 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_hidden)
 
+    @patch_category_acl({'can_protect_posts': 0, 'can_hide_own_posts': 1})
     def test_show_own_protected_post(self):
         """api validates if we are trying to reveal protected post"""
         self.post.is_hidden = True
         self.post.save()
 
-        self.override_acl({'can_protect_posts': 0, 'can_hide_own_posts': 1})
-
         self.post.is_protected = True
         self.post.save()
 
@@ -818,14 +768,13 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_hidden)
 
+    @patch_category_acl({'can_hide_own_posts': 1})
     def test_show_other_user_post(self):
         """api validates post ownership when revealing"""
         self.post.is_hidden = True
         self.post.poster = None
         self.post.save()
 
-        self.override_acl({'can_hide_own_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -845,14 +794,13 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_hidden)
 
+    @patch_category_acl({'post_edit_time': 1, 'can_hide_own_posts': 1})
     def test_show_own_post_after_edit_time(self):
         """api validates if we are trying to reveal post after edit time"""
         self.post.is_hidden = True
         self.post.posted_on = timezone.now() - timedelta(minutes=10)
         self.post.save()
 
-        self.override_acl({'post_edit_time': 1, 'can_hide_own_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -872,6 +820,7 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_hidden)
 
+    @patch_category_acl({'can_close_threads': False, 'can_hide_own_posts': 1})
     def test_show_post_in_closed_thread(self):
         """api validates if we are trying to reveal post in closed thread"""
         self.thread.is_closed = True
@@ -880,8 +829,6 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
         self.post.is_hidden = True
         self.post.save()
 
-        self.override_acl({'can_hide_own_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -901,6 +848,7 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_hidden)
 
+    @patch_category_acl({'can_close_threads': False, 'can_hide_own_posts': 1})
     def test_show_post_in_closed_category(self):
         """api validates if we are trying to reveal post in closed category"""
         self.category.is_closed = True
@@ -909,8 +857,6 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
         self.post.is_hidden = True
         self.post.save()
 
-        self.override_acl({'can_hide_own_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -930,13 +876,12 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
         self.refresh_post()
         self.assertTrue(self.post.is_hidden)
 
+    @patch_category_acl({'can_hide_posts': 1})
     def test_show_first_post(self):
         """api unhide first post fails"""
         self.thread.set_first_post(self.post)
         self.thread.save()
 
-        self.override_acl({'can_hide_posts': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -953,10 +898,9 @@ class PostUnhideApiTests(ThreadPostPatchApiTestCase):
 
 
 class PostLikeApiTests(ThreadPostPatchApiTestCase):
+    @patch_category_acl({'can_see_posts_likes': 0})
     def test_like_no_see_permission(self):
         """api validates user's permission to see posts likes"""
-        self.override_acl({'can_see_posts_likes': 0})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -972,10 +916,9 @@ class PostLikeApiTests(ThreadPostPatchApiTestCase):
             "detail": ["You can't like posts in this category."],
         })
 
+    @patch_category_acl({'can_like_posts': False})
     def test_like_no_like_permission(self):
         """api validates user's permission to see posts likes"""
-        self.override_acl({'can_like_posts': False})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -1213,10 +1156,9 @@ class EventAddAclApiTests(ThreadEventPatchApiTestCase):
 
 
 class EventHideApiTests(ThreadEventPatchApiTestCase):
+    @patch_category_acl({'can_hide_events': 1})
     def test_hide_event(self):
         """api makes it possible to hide event"""
-        self.override_acl({'can_hide_events': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -1231,6 +1173,7 @@ class EventHideApiTests(ThreadEventPatchApiTestCase):
         self.refresh_event()
         self.assertTrue(self.event.is_hidden)
 
+    @patch_category_acl({'can_hide_events': 1})
     def test_show_event(self):
         """api makes it possible to unhide event"""
         self.event.is_hidden = True
@@ -1239,8 +1182,6 @@ class EventHideApiTests(ThreadEventPatchApiTestCase):
         self.refresh_event()
         self.assertTrue(self.event.is_hidden)
 
-        self.override_acl({'can_hide_events': 1})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -1255,10 +1196,9 @@ class EventHideApiTests(ThreadEventPatchApiTestCase):
         self.refresh_event()
         self.assertFalse(self.event.is_hidden)
 
+    @patch_category_acl({'can_hide_events': 0})
     def test_hide_event_no_permission(self):
         """api hide event with no permission fails"""
-        self.override_acl({'can_hide_events': 0})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -1278,13 +1218,9 @@ class EventHideApiTests(ThreadEventPatchApiTestCase):
         self.refresh_event()
         self.assertFalse(self.event.is_hidden)
 
+    @patch_category_acl({'can_close_threads': False, 'can_hide_events': 1})
     def test_hide_event_closed_thread_no_permission(self):
         """api hide event in closed thread with no permission fails"""
-        self.override_acl({
-            'can_hide_events': 1,
-            'can_close_threads': 0,
-        })
-
         self.thread.is_closed = True
         self.thread.save()
 
@@ -1307,13 +1243,9 @@ class EventHideApiTests(ThreadEventPatchApiTestCase):
         self.refresh_event()
         self.assertFalse(self.event.is_hidden)
 
+    @patch_category_acl({'can_close_threads': False, 'can_hide_events': 1})
     def test_hide_event_closed_category_no_permission(self):
         """api hide event in closed category with no permission fails"""
-        self.override_acl({
-            'can_hide_events': 1,
-            'can_close_threads': 0,
-        })
-
         self.category.is_closed = True
         self.category.save()
 
@@ -1336,6 +1268,7 @@ class EventHideApiTests(ThreadEventPatchApiTestCase):
         self.refresh_event()
         self.assertFalse(self.event.is_hidden)
 
+    @patch_category_acl({'can_hide_events': 0})
     def test_show_event_no_permission(self):
         """api unhide event with no permission fails"""
         self.event.is_hidden = True
@@ -1344,8 +1277,6 @@ class EventHideApiTests(ThreadEventPatchApiTestCase):
         self.refresh_event()
         self.assertTrue(self.event.is_hidden)
 
-        self.override_acl({'can_hide_events': 0})
-
         response = self.patch(
             self.api_link, [
                 {
@@ -1357,16 +1288,12 @@ class EventHideApiTests(ThreadEventPatchApiTestCase):
         )
         self.assertEqual(response.status_code, 404)
 
+    @patch_category_acl({'can_close_threads': False, 'can_hide_events': 1})
     def test_show_event_closed_thread_no_permission(self):
         """api show event in closed thread with no permission fails"""
         self.event.is_hidden = True
         self.event.save()
 
-        self.override_acl({
-            'can_hide_events': 1,
-            'can_close_threads': 0,
-        })
-
         self.thread.is_closed = True
         self.thread.save()
 
@@ -1389,16 +1316,12 @@ class EventHideApiTests(ThreadEventPatchApiTestCase):
         self.refresh_event()
         self.assertTrue(self.event.is_hidden)
 
+    @patch_category_acl({'can_close_threads': False, 'can_hide_events': 1})
     def test_show_event_closed_category_no_permission(self):
         """api show event in closed category with no permission fails"""
         self.event.is_hidden = True
         self.event.save()
 
-        self.override_acl({
-            'can_hide_events': 1,
-            'can_close_threads': 0,
-        })
-
         self.category.is_closed = True
         self.category.save()