Example #1
0
    def save(self, serializer):
        if self.mode == PostingEndpoint.START:
            self.new_thread(serializer.validated_data)

        parsing_result = serializer.validated_data['parsing_result']

        if self.mode == PostingEndpoint.EDIT:
            self.edit_post(serializer.validated_data, parsing_result)
        else:
            self.new_post(serializer.validated_data, parsing_result)

        if self.mode == PostingEndpoint.START:
            self.post.set_search_document(self.thread.title)
        else:
            self.post.set_search_document()

        self.post.updated_on = self.datetime
        self.post.save()

        self.post.update_search_vector()
        update_post_checksum(self.post)

        self.post.update_fields += ['checksum', 'search_vector']

        if self.mode == PostingEndpoint.START:
            self.thread.set_first_post(self.post)
            self.thread.set_last_post(self.post)

        self.thread.save()

        create_audit_trail(self.request, self.post)

        # annotate post for future middlewares
        self.post.parsing_result = parsing_result
Example #2
0
 def test_create_audit_require_model(self):
     """create_audit_trail requires model instance"""
     anonymous_user = self.get_anonymous_user()
     request = MockRequest(anonymous_user)
     with self.assertRaises(ValueError):
         create_audit_trail(request, anonymous_user)
     self.assertEqual(AuditTrail.objects.count(), 0)
    def create_attachment(self, request):
        upload = request.FILES.get('upload')
        if not upload:
            raise ValidationError(_("No file has been uploaded."))

        user_roles = set(r.pk for r in request.user.get_roles())
        filetype = validate_filetype(upload, user_roles)
        validate_filesize(upload, filetype, request.user.acl_cache['max_attachment_size'])

        attachment = Attachment(
            secret=Attachment.generate_new_secret(),
            filetype=filetype,
            size=upload.size,
            uploader=request.user,
            uploader_name=request.user.username,
            uploader_slug=request.user.slug,
            filename=upload.name,
        )

        if is_upload_image(upload):
            try:
                attachment.set_image(upload)
            except IOError:
                raise ValidationError(_("Uploaded image was corrupted or invalid."))
        else:
            attachment.set_file(upload)

        attachment.save()
        add_acl(request.user, attachment)

        create_audit_trail(request, attachment)

        return Response(AttachmentSerializer(attachment, context={'user': request.user}).data)
Example #4
0
    def create(self, request, thread_pk):
        thread = self.get_thread(request, thread_pk)
        allow_start_poll(request.user, thread)

        try:
            if thread.poll and thread.poll.pk:
                raise PermissionDenied(
                    _("There's already a poll in this thread."))
        except Poll.DoesNotExist:
            pass

        instance = Poll(
            thread=thread,
            category=thread.category,
            poster=request.user,
            poster_name=request.user.username,
            poster_slug=request.user.slug,
        )

        serializer = NewPollSerializer(instance, data=request.data)
        serializer.is_valid(raise_exception=True)

        serializer.save()

        add_acl(request.user, instance)
        for choice in instance.choices:
            choice['selected'] = False

        thread.has_poll = True
        thread.save()

        create_audit_trail(request, instance)

        return Response(PollSerializer(instance).data)
Example #5
0
    def test_delete_user_remove_audit_trail(self):
        """audit trail is deleted together with user it belongs to"""
        user = self.get_authenticated_user()
        request = MockRequest(user)
        create_audit_trail(request, self.obj)
        self.assertEqual(AuditTrail.objects.count(), 1)

        user.delete()
        self.assertEqual(AuditTrail.objects.count(), 0)
Example #6
0
    def test_create_audit_trail(self):
        """create_audit_trail creates new db record"""
        user = self.get_authenticated_user()
        request = MockRequest(user)
        create_audit_trail(request, self.obj)
        self.assertEqual(AuditTrail.objects.count(), 1)

        audit_trail = user.audittrail_set.all()[0]
        self.assertEqual(audit_trail.user, user)
        self.assertEqual(audit_trail.ip_address, request.user_ip)
        self.assertEqual(audit_trail.content_object, self.obj)
Example #7
0
    def test_delete_audit_trail(self):
        """audit trail deletion leaves other data untouched"""
        user = self.get_authenticated_user()
        request = MockRequest(user)
        create_audit_trail(request, self.obj)
        self.assertEqual(AuditTrail.objects.count(), 1)

        audit_trail = user.audittrail_set.all()[0]
        audit_trail.delete()

        UserModel.objects.get(id=user.id)
        UserModel.objects.get(id=self.obj.id)
Example #8
0
    def test_delete_obj_keep_audit_trail(self):
        """audit trail is kept after with obj it points at is deleted"""
        user = self.get_authenticated_user()
        request = MockRequest(user)
        create_audit_trail(request, self.obj)
        self.assertEqual(AuditTrail.objects.count(), 1)

        self.obj.delete()
        self.assertEqual(AuditTrail.objects.count(), 1)

        audit_trail = user.audittrail_set.all()[0]
        self.assertEqual(audit_trail.user, user)
        self.assertEqual(audit_trail.ip_address, request.user_ip)
        self.assertIsNone(audit_trail.content_object)
Example #9
0
    def update(self, request, thread_pk, pk=None):
        thread = self.get_thread(request, thread_pk)
        instance = self.get_poll(thread, pk)

        allow_edit_poll(request.user, instance)

        serializer = EditPollSerializer(instance, data=request.data)
        serializer.is_valid(raise_exception=True)

        serializer.save()

        add_acl(request.user, instance)
        instance.make_choices_votes_aware(request.user)

        create_audit_trail(request, instance)

        return Response(PollSerializer(instance).data)
Example #10
0
 def test_create_audit_trail_anonymous_user(self):
     """create_audit_trail doesn't record anonymous users"""
     user = self.get_anonymous_user()
     request = MockRequest(user)
     create_audit_trail(request, self.obj)
     self.assertEqual(AuditTrail.objects.count(), 0)