def update_note_template(): params = request.form note_template_id = params.get('id', None) subject = params.get('subject', None) if not subject: raise BadRequestError('Requires \'subject\'') body = params.get('body', None) topics = get_note_topics_from_http_post() delete_ids_ = params.get('deleteAttachmentIds') or [] delete_ids_ = delete_ids_ if isinstance( delete_ids_, list) else str(delete_ids_).split(',') delete_attachment_ids = [int(id_) for id_ in delete_ids_] note_template = NoteTemplate.find_by_id(note_template_id=note_template_id) if not note_template: raise ResourceNotFoundError('Template not found') if note_template.creator_id != current_user.get_id(): raise ForbiddenRequestError('Template not available.') note_template = NoteTemplate.update( attachments=get_note_attachments_from_http_post(tolerate_none=True), body=process_input_from_rich_text_editor(body), delete_attachment_ids=delete_attachment_ids, is_private=to_bool_or_none(params.get('isPrivate', False)), note_template_id=note_template_id, subject=subject, topics=topics, ) return tolerant_jsonify(note_template.to_api_json())
def delete_note_template(note_template_id): note_template = NoteTemplate.find_by_id(note_template_id=note_template_id) if not note_template: raise ResourceNotFoundError('Template not found') if note_template.creator_id != current_user.get_id(): raise ForbiddenRequestError('Template not available') NoteTemplate.delete(note_template_id=note_template_id) return tolerant_jsonify( {'message': f'Note template {note_template_id} deleted'}), 200
def test_get_note_template_by_id(self, app, client, fake_auth): """Returns note templates created by current user.""" fake_auth.login(l_s_major_advisor_uid) creator_id = AuthorizedUser.get_id_per_uid(l_s_major_advisor_uid) names = ['Johnny', 'Tommy', 'Joey', 'Dee Dee'] for i in range(0, 4): NoteTemplate.create(creator_id=creator_id, title=f'{names[i]}', subject=f'Subject {i}') api_json = self._api_my_note_templates(client=client) expected_order = [template['title'] for template in api_json] expected_order.sort() assert expected_order == [template['title'] for template in api_json]
def rename_note_template(): params = request.get_json() note_template_id = params.get('id', None) title = params.get('title', None) if not title: raise BadRequestError('Requires \'title\'') note_template = NoteTemplate.find_by_id(note_template_id=note_template_id) if not note_template: raise ResourceNotFoundError('Template not found') if note_template.creator_id != current_user.get_id(): raise ForbiddenRequestError('Template not available.') note_template = NoteTemplate.rename(note_template_id=note_template_id, title=title) return tolerant_jsonify(note_template.to_api_json())
def mock_note_template(app, db): """Create advising note template with attachment (mock s3).""" with mock_advising_note_s3_bucket(app): base_dir = app.config['BASE_DIR'] path_to_file = f'{base_dir}/fixtures/mock_note_template_attachment_1.txt' timestamp = datetime.now().timestamp() with open(path_to_file, 'r') as file: note_template = NoteTemplate.create( creator_id=AuthorizedUser.get_id_per_uid('242881'), title=f'Potholes in my lawn ({timestamp})', subject= f'It\'s unwise to leave my garden untended ({timestamp})', body=f""" See, I've found that everyone's sayin' What to do when suckers are preyin' """, topics=['Three Feet High', 'Rising'], attachments=[ { 'name': path_to_file.rsplit('/', 1)[-1], 'byte_stream': file.read(), }, ], ) std_commit(allow_test_environment=True) return note_template
def get_note_template(note_template_id): note_template = NoteTemplate.find_by_id(note_template_id=note_template_id) if not note_template: raise ResourceNotFoundError('Template not found') if note_template.creator_id != current_user.get_id(): raise ForbiddenRequestError('Template not available') return tolerant_jsonify(note_template.to_api_json())
def create_note_template(): params = request.form title = params.get('title', None) subject = params.get('subject', None) body = params.get('body', None) topics = get_note_topics_from_http_post() if not title or not subject: raise BadRequestError( 'Note creation requires \'subject\' and \'title\'') user_dept_codes = dept_codes_where_advising(current_user) if current_user.is_admin or not len(user_dept_codes): raise ForbiddenRequestError( 'Sorry, only advisors can create advising note templates') attachments = get_note_attachments_from_http_post(tolerate_none=True) note_template = NoteTemplate.create( attachments=attachments, body=process_input_from_rich_text_editor(body), creator_id=current_user.get_id(), is_private=to_bool_or_none(params.get('isPrivate', False)), subject=subject, title=title, topics=topics, ) return tolerant_jsonify(note_template.to_api_json())
def test_create_note_template(self, app, client, fake_auth): """Create a note template.""" fake_auth.login(coe_advisor_uid) title = 'I get it, I got it' subject = 'I know it\'s good' base_dir = app.config['BASE_DIR'] api_json = _api_create_note_template( app, client, title=title, subject=subject, body='The templates I write, you wish you would', topics=[ 'collaborative synergies', 'integrated architectures', 'vertical solutions' ], attachments=[ f'{base_dir}/fixtures/mock_advising_note_attachment_1.txt', f'{base_dir}/fixtures/mock_advising_note_attachment_2.txt', ], ) note_template_id = api_json.get('id') note_template = NoteTemplate.find_by_id(note_template_id) assert note_template_id == note_template.id assert title == note_template.title assert subject == note_template.subject assert len(note_template.topics) == 3 assert len(note_template.attachments) == 2
def test_unauthorized_note_template_deletion(self, client, fake_auth, mock_note_template): """Advisor cannot delete another advisor's note template.""" fake_auth.login(coe_advisor_uid) response = client.delete( f'/api/note_template/delete/{mock_note_template.id}') assert response.status_code == 403 assert NoteTemplate.find_by_id(mock_note_template.id)
def test_rename_note_template_unauthorized(self, app, client, fake_auth, mock_note_template): """Deny user's attempt to rename someone else's note template.""" original_subject = mock_note_template.subject fake_auth.login(coe_advisor_uid) assert self._api_note_template_rename( client, note_template_id=mock_note_template.id, title='Hack the title!', expected_status_code=403, ) assert NoteTemplate.find_by_id( mock_note_template.id).subject == original_subject
def test_update_note_template_topics(self, app, client, fake_auth, mock_note_template): """Update note template title.""" user = AuthorizedUser.find_by_id(mock_note_template.creator_id) fake_auth.login(user.uid) expected_title = 'As cool as Kim Deal' api_json = self._api_note_template_rename( client, note_template_id=mock_note_template.id, title=expected_title, ) assert api_json['title'] == expected_title assert NoteTemplate.find_by_id( mock_note_template.id).title == expected_title
def get_my_note_templates(): note_templates = NoteTemplate.get_templates_created_by( creator_id=current_user.get_id()) return tolerant_jsonify([t.to_api_json() for t in note_templates])