def test_admin_list_add_multi(self): new_items = [ self.applicant_character.id, self.not_applicant_character.id ] put_admin_list('character', new_items, do_replace=False, current_user=self.admin) new_list = get_admin_list('character', current_user=self.admin) self.assertEqual(len(new_list['info']), 4) self.assertTrue(self.applicant_character.redlisted) self.assertTrue(self.not_applicant_character.redlisted)
def api_put_admin_list(kind): """ Adds items to a specified redlist. Args: kind (string) items: list of { id (int), name (string) } Returns (GET): response (array) of { id (int), name (string), } (PUT): {'status': 'ok} Error codes: Forbidden (403): If logged in user is not an admin BadRequest (400): If list type is not known """ return jsonify( put_admin_list(kind, [item['id'] for item in request.get_json()['items']], do_replace=False, current_user=current_user))
def api_admin_list_replace(kind): """ Replaces a specified redlist with the supplied items. Args: kind (string) items: list of { id (int), name (string) } Returns 200 Error codes: Forbidden (403): If logged in user is not an admin """ return jsonify( put_admin_list(kind, [item['id'] for item in request.get_json()['items']], do_replace=True, current_user=current_user))
def test_forbidden_admin_list_replace(self): new_items = [ self.applicant_character.id, self.not_applicant_character.id ] with self.assertRaises(ForbiddenException): put_admin_list('character', new_items, do_replace=True, current_user=self.applicant) with self.assertRaises(ForbiddenException): put_admin_list('character', new_items, do_replace=True, current_user=self.recruiter) with self.assertRaises(ForbiddenException): put_admin_list('character', new_items, do_replace=True, current_user=self.senior_recruiter)