def test_admins_can_edit_descriptions(mockdata, client, session): with current_app.test_request_context(): login_admin(client) officer = Officer.query.first() old_description = 'meow' new_description = 'I can haz editing descriptionz' original_date = datetime.now() description = Description( text_contents=old_description, officer_id=officer.id, creator_id=1, date_created=original_date, date_updated=original_date, ) db.session.add(description) db.session.commit() form = EditTextForm(text_contents=new_description, ) rv = client.post(url_for('main.description_api', officer_id=officer.id, obj_id=description.id) + '/edit', data=form.data, follow_redirects=True) assert rv.status_code == 200 assert 'updated' in rv.data assert description.text_contents == new_description assert description.date_updated > original_date
def test_ac_cannot_edit_descriptions_not_in_their_department( mockdata, client, session): with current_app.test_request_context(): login_ac(client) officer = Officer.query.except_( Officer.query.filter_by(department_id=AC_DEPT)).first() ac = User.query.filter_by(email='*****@*****.**').first() old_description = 'meow' new_description = 'I can haz editing descriptionz' original_date = datetime.now() description = Description( text_contents=old_description, officer_id=officer.id, creator_id=ac.id, date_created=original_date, date_updated=original_date, ) db.session.add(description) db.session.commit() form = EditTextForm(text_contents=new_description, ) rv = client.post(url_for('main.description_api', officer_id=officer.id, obj_id=description.id) + '/edit', data=form.data, follow_redirects=True) assert rv.status_code == 403
def test_acs_cannot_get_edit_form_for_their_non_dept(mockdata, client, session): with current_app.test_request_context(): login_ac(client) officer = Officer.query.except_(Officer.query.filter_by(department_id=AC_DEPT)).first() description = Description( text_contents='Hello', officer_id=officer.id, creator_id=2, date_created=datetime.now(), date_updated=datetime.now(), ) db.session.add(description) db.session.commit() rv = client.get( url_for('main.description_api', obj_id=description.id, officer_id=officer.id) + '/edit', follow_redirects=True ) assert rv.status_code == 403
def test_users_can_see_descriptions(mockdata, client, session): with current_app.test_request_context(): officer = Officer.query.first() text_contents = 'You can see me' description = Description( text_contents=text_contents, officer_id=officer.id, creator_id=1, date_created=datetime.now(), date_updated=datetime.now(), ) db.session.add(description) db.session.commit() rv = client.get(url_for('main.officer_profile', officer_id=officer.id), follow_redirects=True) # ensures we're looking for a description that exists assert description in officer.descriptions assert rv.status_code == 200 assert text_contents in rv.data
def test_admins_can_see_descriptions(mockdata, client, session): with current_app.test_request_context(): login_admin(client) officer = Officer.query.first() text_contents = 'Kittens see everything' description = Description( text_contents=text_contents, officer_id=officer.id, creator_id=1, date_created=datetime.now(), date_updated=datetime.now(), ) db.session.add(description) db.session.commit() rv = client.get(url_for('main.officer_profile', officer_id=officer.id), follow_redirects=True) assert description in officer.descriptions assert rv.status_code == 200 # import pdb; pdb.set_trace() assert text_contents in rv.data
def test_acs_can_get_others_edit_form(mockdata, client, session): with current_app.test_request_context(): login_ac(client) officer = Officer.query.filter_by(department_id=AC_DEPT).first() ac = User.query.filter_by(email='*****@*****.**').first() description = Description( text_contents='Hello', officer_id=officer.id, creator_id=ac.id - 1, date_created=datetime.now(), date_updated=datetime.now(), ) db.session.add(description) db.session.commit() rv = client.get(url_for('main.description_api', obj_id=description.id, officer_id=officer.id) + '/edit', follow_redirects=True) assert rv.status_code == 200 assert 'Update' in rv.data
def test_acs_can_see_descriptions_in_their_department(mockdata, client, session): with current_app.test_request_context(): login_ac(client) officer = Officer.query.filter_by(department_id=AC_DEPT).first() text_contents = 'I can haz descriptionz' description = Description( text_contents=text_contents, officer_id=officer.id, creator_id=1, date_created=datetime.now(), date_updated=datetime.now(), ) db.session.add(description) db.session.commit() rv = client.get(url_for('main.officer_profile', officer_id=officer.id), follow_redirects=True) # ensures we're looking for a description that exists assert description in officer.descriptions assert rv.status_code == 200 assert text_contents in rv.data
def test_acs_can_delete_their_descriptions_in_their_department(mockdata, client, session): with current_app.test_request_context(): login_ac(client) ac = User.query.filter_by(email='*****@*****.**').first() officer = Officer.query.filter_by(department_id=AC_DEPT).first() description = Description( text_contents='Hello', officer_id=officer.id, creator_id=ac.id, date_created=datetime.now(), date_updated=datetime.now(), ) db.session.add(description) db.session.commit() description_id = description.id rv = client.post( url_for('main.description_api', officer_id=officer.id, obj_id=description.id) + '/delete', follow_redirects=True ) assert rv.status_code == 200 deleted = Description.query.get(description_id) assert deleted is None