def set_issue(db_user: User, info: str, long_info: str, title: str,
db_lang: Language, is_public: bool, is_read_only: bool) -> dict:
"""
Sets new issue, which will be a new discussion
:param db_user: User
:param info: Short information about the new issue
:param long_info: Long information about the new issue
:param title: Title of the new issue
:param db_lang: Language
:param is_public: Boolean
:param is_read_only: Boolean
:rtype: dict
:return: Collection with information about the new issue
"""
DBDiscussionSession.add(
Issue(title=title,
info=info,
long_info=long_info,
author_uid=db_user.uid,
is_read_only=is_read_only,
is_private=not is_public,
lang_uid=db_lang.uid))
DBDiscussionSession.flush()
db_issue = DBDiscussionSession.query(Issue).filter(
Issue.title == title, Issue.info == info).first()
return {'issue': get_issue_dict_for(db_issue, 0, db_lang.ui_locales)}
def set_discussions_properties(db_user: User, db_issue: Issue, value,
iproperty, translator) -> dict:
"""
:param db_user: User
:param db_issue: Issue
:param value: The value which should be assigned to property
:param iproperty: Property of Issue, e.g. is_disabled
:param translator:
:return:
"""
if db_issue.author_uid != db_user.uid and not user.is_admin(
db_user.nickname):
return {'error': translator.get(_.noRights)}
if iproperty == 'enable':
db_issue.set_disabled(not value)
elif iproperty == 'public':
db_issue.set_private(not value)
elif iproperty == 'writable':
db_issue.set_read_only(not value)
else:
return {'error': translator.get(_.internalKeyError)}
DBDiscussionSession.add(db_issue)
DBDiscussionSession.flush()
transaction.commit()
return {'error': ''}
def test_patch_issue(self):
updated_issue = {
"title": "kads änd dokz",
"id": 60,
"long_info": "tl;dr",
"something": "else"
}
# test without token
request = construct_dummy_request(matchdict={"slug": "cat-or-dog"},
json_body=updated_issue)
response: Response = apiviews.ApiIssue(request).patch()
self.assertEqual(
response.status_int, 401,
"Should only be possible with a token for the admin or the author of the issue"
)
# test with insufficent token
request = create_request_with_token_header(
json_body=updated_issue, match_dict={"slug": "cat-or-dog"})
response: Response = apiviews.ApiIssue(request).patch()
self.assertEqual(
response.status_int, 401,
"Walter should only do this, if he is admin or author of the issue"
)
# just right
request = create_request_with_token_header(
json_body=updated_issue,
match_dict={"slug": "cat-or-dog"},
nickname="Tobias")
issue: Issue = apiviews.ApiIssue(request).patch()
db_issue: Issue = Issue.by_slug("cat-or-dog")
self.assertIs(
issue, db_issue,
"Tobias is admin AND author of the issue, he should be authorized."
)
self.assertEqual(db_issue.title, updated_issue['title'])
self.assertEqual(db_issue.long_info, updated_issue['long_info'])
self.assertNotEqual(
db_issue.uid, updated_issue['id'],
f"According to {apiviews.ApiIssue.modifiable} the id should not be mutatable!"
)
self.assertNotIn("something", dir(db_issue))