def test_acl_roles(self):
        """Update of reviewable ACL shouldn't change review status"""
        with factories.single_commit():
            threat = factories.ThreatFactory()
            review = factories.ReviewFactory(
                status=all_models.Review.STATES.REVIEWED, reviewable=threat)
        review_id = review.id

        ac_role_id = all_models.AccessControlRole.query.filter_by(
            name="Primary Contacts", object_type="Threat").one().id

        user_id = all_models.Person.query.filter_by(
            email="*****@*****.**").one().id

        self.api.modify_object(
            threat, {
                "access_control_list": [{
                    "ac_role_id": ac_role_id,
                    "person": {
                        "id": user_id
                    },
                }],
            })
        review = all_models.Review.query.get(review_id)
        self.assertEqual(review.status, all_models.Review.STATES.REVIEWED)
 def test_review_status_update(self):
   """Test updating folder preserves review status"""
   threat = factories.ThreatFactory()
   factories.ReviewFactory(
       reviewable=threat,
       status=all_models.Review.STATES.REVIEWED,
   )
   self.api.put(threat, {"folder": factories.random_str()})
   program = all_models.Threat.query.get(threat.id)
   self.assertEqual(program.review.status, all_models.Review.STATES.REVIEWED)