def add_review_on_shop(request):
if request.method == 'POST':
shop_name = request.POST.get('shop_name')
description = request.POST.get('description')
rank = int(request.POST.get('rank'))
event = "ADD REVIEW ON SHOP"
suspect_sql_injection = False
suspect_sql_injection = LoggerLogic.identify_sql_injection(
shop_name, event) or suspect_sql_injection
suspect_sql_injection = LoggerLogic.identify_sql_injection(
description, event) or suspect_sql_injection
if suspect_sql_injection:
return HttpResponse(LoggerLogic.MESSAGE_SQL_INJECTION)
login = request.COOKIES.get('login_hash')
if login is not None:
writer_id = Consumer.loggedInUsers.get(login)
shop_review = ShopReview(writer_id, description, rank, shop_name)
old_review = ShopLogic.get_shop_review_with_writer(
shop_name, writer_id)
if old_review is not False:
return HttpResponse('has reviews')
if ShopLogic.add_review_on_shop(shop_review):
return HttpResponse('success')
return HttpResponse('fail')
def test_review_on_shop(self):
register(RegisteredUser('TomerTomer', '1234567878'))
user = get_user('TomerTomer')
shop = Shop('My Shop', 'Active')
ShopLogic.create_shop(shop, 'TomerTomer')
ItemsLogic.add_item_to_shop(Item(1, 'My Shop', 'milk', 'diary', 'good', 12, 100, 'regular', None, 0, 0, 0),
'TomerTomer')
purchase_id = add_purchase_and_return_id(datetime.now(), 'TomerTomer', 0)
status = PurchasedItems.add_purchased_item(purchase_id, 1, 10, 10)
shop_review = ShopReview('TomerTomer', 'Best', 10, 'My Shop')
status = ShopLogic.add_review_on_shop(shop_review)
reviews = get_all_reviews_on_shop('My Shop')
answer = len(reviews) == 1
self.assertTrue(answer)