Added some tests, which are always good. Right?

README.md

@@ -111,4 +111,10 @@ Flask-Security comes packed with a few Flask-Script commands. They are:
 * `flask.ext.security.script.DeactivateUserCommand`
 * `flask.ext.security.script.ActivateUserCommand`
 
-Register these on your script manager for pure convenience.
+Register these on your script manager for pure convenience.
+
+## Contributing
+
+Feel free to fork and contribute. If you decided to do so, just be sure to include relevant tests that you feel are necessary. To run the tests, please provide instructions for any requirements. For instance, if you write a new datastore implementation, please provide instructions on how best to setup a connection when testing.
+
+If you plan on running all the provided tests you'll need a local installation of MongoDB running on the standard port 27017 without username/password protection.

flask_security/__init__.py

@@ -177,7 +177,7 @@ class UserMixin(BaseUserMixin):
         return self.active
     
     def has_role(self, role):
-        if type(role) is StringType:
+        if not isinstance(role, Role):
             role = Role(name=role)
         return role in self.roles
     
@@ -188,7 +188,7 @@ class UserMixin(BaseUserMixin):
 class AnonymousUser(AnonymousUserBase):
     def __init__(self):
         super(AnonymousUser, self).__init__()
-        self.roles = [] # TODO: Make this immutable
+        self.roles = [] # TODO: Make this immutable?
         
     def has_role(self, *args):
         return False

tests/unit_tests.py

@@ -0,0 +1,44 @@
+import unittest
+import flask_security
+from flask_security import RoleMixin, UserMixin, AnonymousUser
+
+class Role(RoleMixin):
+    def __init__(self, name, description=None):
+        self.name = name
+        self.description = description
+
+
+class User(UserMixin):
+    def __init__(self, username, email, roles):
+        self.username = username
+        self.email = email
+        self.roles = roles
+    
+# set the models or we'll get errors
+flask_security.User = User
+flask_security.Role = Role
+    
+admin = Role('admin')
+admin2 = Role('admin')
+editor = Role('editor')
+
+user = User('matt', 'matt@lp.com', [admin, editor])
+
+class SecurityEntityTests(unittest.TestCase):
+    
+    def test_role_mixin_equal(self):        
+        self.assertEqual(admin, admin2)
+    
+    def test_role_mixin_not_equal(self):        
+        self.assertNotEqual(admin, editor)
+        
+    def test_user_mixin_has_role_with_string(self):
+        self.assertTrue(user.has_role('admin'))
+        
+    def test_user_mixin_has_role_with_role_obj(self):
+        self.assertTrue(user.has_role(Role('admin')))
+        
+    def test_anonymous_user_has_no_roles(self):
+        au = AnonymousUser()
+        self.assertEqual(0, len(au.roles))
+        self.assertFalse(au.has_role('admin'))