def test_admins_can_edit_notes(mockdata, client, session): with current_app.test_request_context(): login_admin(client) officer = Officer.query.first() old_note = 'meow' new_note = 'I can haz editing notez' original_date = datetime.now() note = Note( text_contents=old_note, officer_id=officer.id, creator_id=1, date_created=original_date, date_updated=original_date, ) db.session.add(note) db.session.commit() form = EditTextForm(text_contents=new_note, ) rv = client.post( url_for('main.note_api', officer_id=officer.id, obj_id=note.id) + '/edit', data=form.data, follow_redirects=True) assert rv.status_code == 200 assert 'updated' in rv.data assert note.text_contents == new_note assert note.date_updated > original_date
def test_ac_can_edit_others_descriptions(mockdata, client, session): with current_app.test_request_context(): login_ac(client) ac = User.query.filter_by(email='*****@*****.**').first() officer = Officer.query.filter_by(department_id=AC_DEPT).first() old_description = 'meow' new_description = 'I can haz editing descriptionz' original_date = datetime.now() description = Description( text_contents=old_description, officer_id=officer.id, creator_id=ac.id - 1, date_created=original_date, date_updated=original_date, ) db.session.add(description) db.session.commit() form = EditTextForm(text_contents=new_description, ) rv = client.post(url_for('main.description_api', officer_id=officer.id, obj_id=description.id) + '/edit', data=form.data, follow_redirects=True) assert rv.status_code == 200 assert 'updated' in rv.data assert description.text_contents == new_description assert description.date_updated > original_date
def test_ac_cannot_edit_notes_not_in_their_department(mockdata, client, session): with current_app.test_request_context(): login_ac(client) officer = Officer.query.except_( Officer.query.filter_by(department_id=AC_DEPT)).first() ac = User.query.filter_by(email='*****@*****.**').first() old_note = 'meow' new_note = 'I can haz editing notez' original_date = datetime.now() note = Note( text_contents=old_note, officer_id=officer.id, creator_id=ac.id, date_created=original_date, date_updated=original_date, ) db.session.add(note) db.session.commit() form = EditTextForm(text_contents=new_note, ) rv = client.post( url_for('main.note_api', officer_id=officer.id, obj_id=note.id) + '/edit', data=form.data, follow_redirects=True) assert rv.status_code == 403
def test_admins_can_edit_descriptions(mockdata, client, session): with current_app.test_request_context(): login_admin(client) officer = Officer.query.first() old_description = 'meow' new_description = 'I can haz editing descriptionz' original_date = datetime.now() description = Description( text_contents=old_description, officer_id=officer.id, creator_id=1, date_created=original_date, date_updated=original_date, ) db.session.add(description) db.session.commit() form = EditTextForm( text_contents=new_description, ) rv = client.post( url_for('main.description_api', officer_id=officer.id, obj_id=description.id) + '/edit', data=form.data, follow_redirects=True ) assert rv.status_code == 200 assert 'updated' in rv.data.decode('utf-8') assert description.text_contents == new_description assert description.date_updated > original_date