def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context["can_edit"] = user_can_create_edit_delete(
self.request.user, self.get_object()
)
return context
def test_glsc_can_edit_uploads(glsc, data_uploads):
"""the great lakes stocking coordinator should be able edit all
data upload events that are associated with all lakes by all agencies.
"""
for upload in data_uploads:
assert user_can_create_edit_delete(glsc, upload) is True
def test_huron_sc_user_can_edit_dict_wrong_agency(huron_mdnr_sc, huron, usfws):
"""The function user_can_create_edit_delete can accept an object
(event) or a dictionary with the keys, 'lake' and 'agency'. Verfy
that they function returns FALSE because agency does not match.
"""
args = {"lake": huron, "agency": usfws}
assert user_can_create_edit_delete(huron_mdnr_sc, args) is False
def test_glsc_can_edit_dict(glsc, superior, mdnr):
"""The function user_can_create_edit_delete can accept an object
(event) or a dictionary with the keys, 'lake' and 'agency'. Verfy
that they function returns true for great lakes stocking coordinator:
"""
args = {"lake": superior, "agency": mdnr}
assert user_can_create_edit_delete(glsc, args) is True
def test_glsc_can_edit_event(glsc, stocking_events):
"""the great lakes stocking coordinator should be able edit all
stocking events in all lakes by all agencies.
"""
for event in stocking_events:
assert user_can_create_edit_delete(glsc, event) is True
def test_huron_user_user_can_edit_dict_wrong_lake(huron_mdnr_user, superior,
mdnr):
"""The function user_can_create_edit_delete can accept an object
(event) or a dictionary with the keys, 'lake' and 'agency'. Verfy
that they function returns FALSE when the lake is different.
"""
args = {"lake": superior, "agency": mdnr}
assert user_can_create_edit_delete(huron_mdnr_user, args) is False
def test_huron_user_user_can_edit_dict(huron_mdnr_user, huron, mdnr):
"""The function user_can_create_edit_delete can accept an object
(event) or a dictionary with the keys, 'lake' and 'agency'. Verfy
that they function returns false for an agency user even
if the lake and agency match their attributes.
"""
args = {"lake": huron, "agency": mdnr}
assert user_can_create_edit_delete(huron_mdnr_user, args) is False
def test_huron_sc_user_can_edit_dict(huron_mdnr_sc, huron, mdnr):
"""The function user_can_create_edit_delete can accept an object
(event) or a dictionary with the keys, 'lake' and 'agency'. Verfy
that they function returns true for an agency stocking coordinator
if the lake and agency match their attributes.
"""
args = {"lake": huron, "agency": mdnr}
assert user_can_create_edit_delete(huron_mdnr_sc, args) is True
def test_asc_can_edit_their_uploads(huron_mdnr_sc, data_uploads):
"""our agency stocking coordinator works for MDNR on Lake Huron so she
should be able to edit upload 1, but not uploads 2-4 which are in
another lake, by another agency, or both.
"""
shouldbe = [True, False, False, False]
for expected, upload in zip(shouldbe, data_uploads):
assert user_can_create_edit_delete(huron_mdnr_sc, upload) is expected
def test_asc_can_edit_their_event(huron_mdnr_sc, stocking_events):
"""our agency stocking coordinator works for MDNR on Lake Huron so she
should be able to edit event 1, but not events 2-4 which are in
another lake, by another agency, or both.
"""
shouldbe = [True, False, False, False]
for expected, event in zip(shouldbe, stocking_events):
assert user_can_create_edit_delete(huron_mdnr_sc, event) is expected
def test_func(self):
"""Verify that the user can access this element (they are a great
lakes coordinator, or the stocking coordinator foe the lake and
stocking agency).
Arguments:
- `self`:
"""
user = self.request.user
item = self.get_object()
return user_can_create_edit_delete(user, item)
def edit_stocking_event(request, stock_id):
"""A view that will present a form that will allow authorized users to
edit the attibutes of a stocking event."""
event = get_object_or_404(StockingEvent, stock_id=stock_id)
if user_can_create_edit_delete(request.user, event) is False:
return HttpResponseRedirect(
reverse(
"stocking:stocking-event-detail", kwargs={"stock_id": event.stock_id}
)
)
has_cwts = True if event.cwt_series.count() else False
choices = get_event_model_form_choices(event)
CWTSequenceFormSet = formset_factory(
CWTSequenceForm, formset=BaseCWTSequenceFormSet, extra=0, max_num=50
)
if request.method == "POST":
# for k, v in request.POST.items():
# print("{}={}".format(k, v))
cwt_formset = CWTSequenceFormSet(
request.POST, request.FILES, prefix="cwtseries"
)
if cwt_formset.is_valid():
formset_data = [x for x in cwt_formset.cleaned_data if not x.get("delete")]
form = StockingEventForm(
request.POST,
choices=choices,
cwt_formset=formset_data,
has_cwts=has_cwts,
user=request.user,
)
else:
form = StockingEventForm(
request.POST,
choices=choices,
has_cwts=has_cwts,
# cwt_formset=cwt_formset.cleaned_data,
user=request.user,
)
if form.is_valid() and cwt_formset.is_valid():
event = form.save()
url = event.get_absolute_url()
return HttpResponseRedirect(url)
else:
# covert our event object to a dictionary and add some
# additional attributes we will need in the form:
event_dict = event.__dict__
event_dict["lake_id"] = event.lake.id
event_dict["state_prov_id"] = event.stateprov.id
# add our many-to-many fields too - they aren't included in our dict by default:
event_dict["fin_clips"] = [x.abbrev for x in event.fin_clips.all()]
event_dict["fish_tags"] = [x.tag_code for x in event.fish_tags.all()]
event_dict["physchem_marks"] = [x.id for x in event.physchem_marks.all()]
# cwt_data = {}
cwt_dict = get_cwt_sequence_dict(event)
cwt_formset = CWTSequenceFormSet(initial=cwt_dict, prefix="cwtseries")
form = StockingEventForm(
event_dict,
choices=choices,
has_cwts=has_cwts,
cwt_formset=cwt_formset,
user=request.user,
)
return render(
request,
"stocking/stocking_event_form.html",
{
"form": form,
"cwt_formset": cwt_formset,
"stock_id": stock_id,
"lake": event.lake,
"has_cwts": has_cwts,
},
)
def test_agency_user_can_not_edit_any_uploads(huron_mdnr_user, data_uploads):
"""our agency user should not be able to edit any of the data upload events"""
for upload in data_uploads:
assert user_can_create_edit_delete(huron_mdnr_user, upload) is False
def test_agency_user_can_not_edit_any_events(huron_mdnr_user, stocking_events):
"""our agency user should not be able to edit any of the stocking events"""
for event in stocking_events:
assert user_can_create_edit_delete(huron_mdnr_user, event) is False