def test_admins_can_edit_notes(mockdata, client, session):
with current_app.test_request_context():
login_admin(client)
officer = Officer.query.first()
old_note = 'meow'
new_note = 'I can haz editing notez'
original_date = datetime.now()
note = Note(
text_contents=old_note,
officer_id=officer.id,
creator_id=1,
date_created=original_date,
date_updated=original_date,
)
db.session.add(note)
db.session.commit()
form = EditTextForm(text_contents=new_note, )
rv = client.post(
url_for('main.note_api', officer_id=officer.id, obj_id=note.id) +
'/edit',
data=form.data,
follow_redirects=True)
assert rv.status_code == 200
assert 'updated' in rv.data
assert note.text_contents == new_note
assert note.date_updated > original_date
def test_ac_can_edit_others_descriptions(mockdata, client, session):
with current_app.test_request_context():
login_ac(client)
ac = User.query.filter_by(email='*****@*****.**').first()
officer = Officer.query.filter_by(department_id=AC_DEPT).first()
old_description = 'meow'
new_description = 'I can haz editing descriptionz'
original_date = datetime.now()
description = Description(
text_contents=old_description,
officer_id=officer.id,
creator_id=ac.id - 1,
date_created=original_date,
date_updated=original_date,
)
db.session.add(description)
db.session.commit()
form = EditTextForm(text_contents=new_description, )
rv = client.post(url_for('main.description_api',
officer_id=officer.id,
obj_id=description.id) + '/edit',
data=form.data,
follow_redirects=True)
assert rv.status_code == 200
assert 'updated' in rv.data
assert description.text_contents == new_description
assert description.date_updated > original_date
def test_ac_cannot_edit_notes_not_in_their_department(mockdata, client,
session):
with current_app.test_request_context():
login_ac(client)
officer = Officer.query.except_(
Officer.query.filter_by(department_id=AC_DEPT)).first()
ac = User.query.filter_by(email='*****@*****.**').first()
old_note = 'meow'
new_note = 'I can haz editing notez'
original_date = datetime.now()
note = Note(
text_contents=old_note,
officer_id=officer.id,
creator_id=ac.id,
date_created=original_date,
date_updated=original_date,
)
db.session.add(note)
db.session.commit()
form = EditTextForm(text_contents=new_note, )
rv = client.post(
url_for('main.note_api', officer_id=officer.id, obj_id=note.id) +
'/edit',
data=form.data,
follow_redirects=True)
assert rv.status_code == 403
def test_admins_can_edit_descriptions(mockdata, client, session):
with current_app.test_request_context():
login_admin(client)
officer = Officer.query.first()
old_description = 'meow'
new_description = 'I can haz editing descriptionz'
original_date = datetime.now()
description = Description(
text_contents=old_description,
officer_id=officer.id,
creator_id=1,
date_created=original_date,
date_updated=original_date,
)
db.session.add(description)
db.session.commit()
form = EditTextForm(
text_contents=new_description,
)
rv = client.post(
url_for('main.description_api', officer_id=officer.id, obj_id=description.id) + '/edit',
data=form.data,
follow_redirects=True
)
assert rv.status_code == 200
assert 'updated' in rv.data.decode('utf-8')
assert description.text_contents == new_description
assert description.date_updated > original_date
