def save(self, serializer):
if self.mode == PostingEndpoint.START:
self.new_thread(serializer.validated_data)
parsing_result = serializer.validated_data['parsing_result']
if self.mode == PostingEndpoint.EDIT:
self.edit_post(serializer.validated_data, parsing_result)
else:
self.new_post(serializer.validated_data, parsing_result)
if self.mode == PostingEndpoint.START:
self.post.set_search_document(self.thread.title)
else:
self.post.set_search_document()
self.post.updated_on = self.datetime
self.post.save()
self.post.update_search_vector()
update_post_checksum(self.post)
self.post.update_fields += ['checksum', 'search_vector']
if self.mode == PostingEndpoint.START:
self.thread.set_first_post(self.post)
self.thread.set_last_post(self.post)
self.thread.save()
create_audit_trail(self.request, self.post)
# annotate post for future middlewares
self.post.parsing_result = parsing_result
def test_create_audit_require_model(self):
"""create_audit_trail requires model instance"""
anonymous_user = self.get_anonymous_user()
request = MockRequest(anonymous_user)
with self.assertRaises(ValueError):
create_audit_trail(request, anonymous_user)
self.assertEqual(AuditTrail.objects.count(), 0)
def create_attachment(self, request):
upload = request.FILES.get('upload')
if not upload:
raise ValidationError(_("No file has been uploaded."))
user_roles = set(r.pk for r in request.user.get_roles())
filetype = validate_filetype(upload, user_roles)
validate_filesize(upload, filetype, request.user.acl_cache['max_attachment_size'])
attachment = Attachment(
secret=Attachment.generate_new_secret(),
filetype=filetype,
size=upload.size,
uploader=request.user,
uploader_name=request.user.username,
uploader_slug=request.user.slug,
filename=upload.name,
)
if is_upload_image(upload):
try:
attachment.set_image(upload)
except IOError:
raise ValidationError(_("Uploaded image was corrupted or invalid."))
else:
attachment.set_file(upload)
attachment.save()
add_acl(request.user, attachment)
create_audit_trail(request, attachment)
return Response(AttachmentSerializer(attachment, context={'user': request.user}).data)
def create(self, request, thread_pk):
thread = self.get_thread(request, thread_pk)
allow_start_poll(request.user, thread)
try:
if thread.poll and thread.poll.pk:
raise PermissionDenied(
_("There's already a poll in this thread."))
except Poll.DoesNotExist:
pass
instance = Poll(
thread=thread,
category=thread.category,
poster=request.user,
poster_name=request.user.username,
poster_slug=request.user.slug,
)
serializer = NewPollSerializer(instance, data=request.data)
serializer.is_valid(raise_exception=True)
serializer.save()
add_acl(request.user, instance)
for choice in instance.choices:
choice['selected'] = False
thread.has_poll = True
thread.save()
create_audit_trail(request, instance)
return Response(PollSerializer(instance).data)
def test_delete_user_remove_audit_trail(self):
"""audit trail is deleted together with user it belongs to"""
user = self.get_authenticated_user()
request = MockRequest(user)
create_audit_trail(request, self.obj)
self.assertEqual(AuditTrail.objects.count(), 1)
user.delete()
self.assertEqual(AuditTrail.objects.count(), 0)
def test_create_audit_trail(self):
"""create_audit_trail creates new db record"""
user = self.get_authenticated_user()
request = MockRequest(user)
create_audit_trail(request, self.obj)
self.assertEqual(AuditTrail.objects.count(), 1)
audit_trail = user.audittrail_set.all()[0]
self.assertEqual(audit_trail.user, user)
self.assertEqual(audit_trail.ip_address, request.user_ip)
self.assertEqual(audit_trail.content_object, self.obj)
def test_delete_audit_trail(self):
"""audit trail deletion leaves other data untouched"""
user = self.get_authenticated_user()
request = MockRequest(user)
create_audit_trail(request, self.obj)
self.assertEqual(AuditTrail.objects.count(), 1)
audit_trail = user.audittrail_set.all()[0]
audit_trail.delete()
UserModel.objects.get(id=user.id)
UserModel.objects.get(id=self.obj.id)
def test_delete_obj_keep_audit_trail(self):
"""audit trail is kept after with obj it points at is deleted"""
user = self.get_authenticated_user()
request = MockRequest(user)
create_audit_trail(request, self.obj)
self.assertEqual(AuditTrail.objects.count(), 1)
self.obj.delete()
self.assertEqual(AuditTrail.objects.count(), 1)
audit_trail = user.audittrail_set.all()[0]
self.assertEqual(audit_trail.user, user)
self.assertEqual(audit_trail.ip_address, request.user_ip)
self.assertIsNone(audit_trail.content_object)
def update(self, request, thread_pk, pk=None):
thread = self.get_thread(request, thread_pk)
instance = self.get_poll(thread, pk)
allow_edit_poll(request.user, instance)
serializer = EditPollSerializer(instance, data=request.data)
serializer.is_valid(raise_exception=True)
serializer.save()
add_acl(request.user, instance)
instance.make_choices_votes_aware(request.user)
create_audit_trail(request, instance)
return Response(PollSerializer(instance).data)
def test_create_audit_trail_anonymous_user(self):
"""create_audit_trail doesn't record anonymous users"""
user = self.get_anonymous_user()
request = MockRequest(user)
create_audit_trail(request, self.obj)
self.assertEqual(AuditTrail.objects.count(), 0)
