def test_authenticate_feedback(self): user = db.session.query(User).first() feedback = Feedback.create_feedback("NewFeedbackTitle", "NewFeedbackContent", user.username) auth = Feedback.authenticate(str(feedback.id), user.username) self.assertTrue(auth)
def delete_feedback(feedback_id): """ POST - Delete a specific piece of feedback and redirect to /users/<username> — Make sure that only the user who has written that feedback can delete it """ username = session.get("user_id") if Feedback.authenticate(feedback_id, username) == False: return redirect(url_for("do_home")) if request.method == 'POST': Feedback.delete_feedback(feedback_id) return redirect(url_for("do_home"))
def update_feedback(feedback_id): """ GET - Display a form to edit feedback — **Make sure that only the user who has written that feedback can see this form ** POST - Update a specific piece of feedback and redirect to /users/<username> — Make sure that only the user who has written that feedback can update it """ username = session.get("user_id") if Feedback.authenticate(feedback_id, username) == False: return redirect(url_for("do_home")) form = FeedbackForm() if form.validate_on_submit(): title = form.title.data content = form.content.data feedback = Feedback.update_feedback(feedback_id, title, content) return redirect(url_for("do_home")) else: feedback = Feedback.get_feedback_by_id(feedback_id) return render_template("update_feedback.html", form=form, feedback=feedback)