def test_authenticate_feedback(self):
user = db.session.query(User).first()
feedback = Feedback.create_feedback("NewFeedbackTitle",
"NewFeedbackContent",
user.username)
auth = Feedback.authenticate(str(feedback.id), user.username)
self.assertTrue(auth)
def delete_feedback(feedback_id):
"""
POST - Delete a specific piece of feedback and redirect to /users/<username> — Make sure that only the user who has written that feedback can delete it
"""
username = session.get("user_id")
if Feedback.authenticate(feedback_id, username) == False:
return redirect(url_for("do_home"))
if request.method == 'POST':
Feedback.delete_feedback(feedback_id)
return redirect(url_for("do_home"))
def update_feedback(feedback_id):
"""
GET - Display a form to edit feedback — **Make sure that only the user who has written that feedback can see this form **
POST - Update a specific piece of feedback and redirect to /users/<username> — Make sure that only the user who has written that feedback can update it
"""
username = session.get("user_id")
if Feedback.authenticate(feedback_id, username) == False:
return redirect(url_for("do_home"))
form = FeedbackForm()
if form.validate_on_submit():
title = form.title.data
content = form.content.data
feedback = Feedback.update_feedback(feedback_id, title, content)
return redirect(url_for("do_home"))
else:
feedback = Feedback.get_feedback_by_id(feedback_id)
return render_template("update_feedback.html",
form=form,
feedback=feedback)
