def test_admins_can_edit_descriptions(mockdata, client, session):
with current_app.test_request_context():
login_admin(client)
officer = Officer.query.first()
old_description = 'meow'
new_description = 'I can haz editing descriptionz'
original_date = datetime.now()
description = Description(
text_contents=old_description,
officer_id=officer.id,
creator_id=1,
date_created=original_date,
date_updated=original_date,
)
db.session.add(description)
db.session.commit()
form = EditTextForm(text_contents=new_description, )
rv = client.post(url_for('main.description_api',
officer_id=officer.id,
obj_id=description.id) + '/edit',
data=form.data,
follow_redirects=True)
assert rv.status_code == 200
assert 'updated' in rv.data
assert description.text_contents == new_description
assert description.date_updated > original_date
def test_ac_cannot_edit_descriptions_not_in_their_department(
mockdata, client, session):
with current_app.test_request_context():
login_ac(client)
officer = Officer.query.except_(
Officer.query.filter_by(department_id=AC_DEPT)).first()
ac = User.query.filter_by(email='*****@*****.**').first()
old_description = 'meow'
new_description = 'I can haz editing descriptionz'
original_date = datetime.now()
description = Description(
text_contents=old_description,
officer_id=officer.id,
creator_id=ac.id,
date_created=original_date,
date_updated=original_date,
)
db.session.add(description)
db.session.commit()
form = EditTextForm(text_contents=new_description, )
rv = client.post(url_for('main.description_api',
officer_id=officer.id,
obj_id=description.id) + '/edit',
data=form.data,
follow_redirects=True)
assert rv.status_code == 403
def test_acs_cannot_get_edit_form_for_their_non_dept(mockdata, client, session):
with current_app.test_request_context():
login_ac(client)
officer = Officer.query.except_(Officer.query.filter_by(department_id=AC_DEPT)).first()
description = Description(
text_contents='Hello',
officer_id=officer.id,
creator_id=2,
date_created=datetime.now(),
date_updated=datetime.now(),
)
db.session.add(description)
db.session.commit()
rv = client.get(
url_for('main.description_api', obj_id=description.id, officer_id=officer.id) + '/edit',
follow_redirects=True
)
assert rv.status_code == 403
def test_users_can_see_descriptions(mockdata, client, session):
with current_app.test_request_context():
officer = Officer.query.first()
text_contents = 'You can see me'
description = Description(
text_contents=text_contents,
officer_id=officer.id,
creator_id=1,
date_created=datetime.now(),
date_updated=datetime.now(),
)
db.session.add(description)
db.session.commit()
rv = client.get(url_for('main.officer_profile', officer_id=officer.id),
follow_redirects=True)
# ensures we're looking for a description that exists
assert description in officer.descriptions
assert rv.status_code == 200
assert text_contents in rv.data
def test_admins_can_see_descriptions(mockdata, client, session):
with current_app.test_request_context():
login_admin(client)
officer = Officer.query.first()
text_contents = 'Kittens see everything'
description = Description(
text_contents=text_contents,
officer_id=officer.id,
creator_id=1,
date_created=datetime.now(),
date_updated=datetime.now(),
)
db.session.add(description)
db.session.commit()
rv = client.get(url_for('main.officer_profile', officer_id=officer.id),
follow_redirects=True)
assert description in officer.descriptions
assert rv.status_code == 200
# import pdb; pdb.set_trace()
assert text_contents in rv.data
def test_acs_can_get_others_edit_form(mockdata, client, session):
with current_app.test_request_context():
login_ac(client)
officer = Officer.query.filter_by(department_id=AC_DEPT).first()
ac = User.query.filter_by(email='*****@*****.**').first()
description = Description(
text_contents='Hello',
officer_id=officer.id,
creator_id=ac.id - 1,
date_created=datetime.now(),
date_updated=datetime.now(),
)
db.session.add(description)
db.session.commit()
rv = client.get(url_for('main.description_api',
obj_id=description.id,
officer_id=officer.id) + '/edit',
follow_redirects=True)
assert rv.status_code == 200
assert 'Update' in rv.data
def test_acs_can_see_descriptions_in_their_department(mockdata, client,
session):
with current_app.test_request_context():
login_ac(client)
officer = Officer.query.filter_by(department_id=AC_DEPT).first()
text_contents = 'I can haz descriptionz'
description = Description(
text_contents=text_contents,
officer_id=officer.id,
creator_id=1,
date_created=datetime.now(),
date_updated=datetime.now(),
)
db.session.add(description)
db.session.commit()
rv = client.get(url_for('main.officer_profile', officer_id=officer.id),
follow_redirects=True)
# ensures we're looking for a description that exists
assert description in officer.descriptions
assert rv.status_code == 200
assert text_contents in rv.data
def test_acs_can_delete_their_descriptions_in_their_department(mockdata, client, session):
with current_app.test_request_context():
login_ac(client)
ac = User.query.filter_by(email='*****@*****.**').first()
officer = Officer.query.filter_by(department_id=AC_DEPT).first()
description = Description(
text_contents='Hello',
officer_id=officer.id,
creator_id=ac.id,
date_created=datetime.now(),
date_updated=datetime.now(),
)
db.session.add(description)
db.session.commit()
description_id = description.id
rv = client.post(
url_for('main.description_api', officer_id=officer.id, obj_id=description.id) + '/delete',
follow_redirects=True
)
assert rv.status_code == 200
deleted = Description.query.get(description_id)
assert deleted is None
