def update_note_template():
params = request.form
note_template_id = params.get('id', None)
subject = params.get('subject', None)
if not subject:
raise BadRequestError('Requires \'subject\'')
body = params.get('body', None)
topics = get_note_topics_from_http_post()
delete_ids_ = params.get('deleteAttachmentIds') or []
delete_ids_ = delete_ids_ if isinstance(
delete_ids_, list) else str(delete_ids_).split(',')
delete_attachment_ids = [int(id_) for id_ in delete_ids_]
note_template = NoteTemplate.find_by_id(note_template_id=note_template_id)
if not note_template:
raise ResourceNotFoundError('Template not found')
if note_template.creator_id != current_user.get_id():
raise ForbiddenRequestError('Template not available.')
note_template = NoteTemplate.update(
attachments=get_note_attachments_from_http_post(tolerate_none=True),
body=process_input_from_rich_text_editor(body),
delete_attachment_ids=delete_attachment_ids,
is_private=to_bool_or_none(params.get('isPrivate', False)),
note_template_id=note_template_id,
subject=subject,
topics=topics,
)
return tolerant_jsonify(note_template.to_api_json())
def delete_note_template(note_template_id):
note_template = NoteTemplate.find_by_id(note_template_id=note_template_id)
if not note_template:
raise ResourceNotFoundError('Template not found')
if note_template.creator_id != current_user.get_id():
raise ForbiddenRequestError('Template not available')
NoteTemplate.delete(note_template_id=note_template_id)
return tolerant_jsonify(
{'message': f'Note template {note_template_id} deleted'}), 200
def test_get_note_template_by_id(self, app, client, fake_auth):
"""Returns note templates created by current user."""
fake_auth.login(l_s_major_advisor_uid)
creator_id = AuthorizedUser.get_id_per_uid(l_s_major_advisor_uid)
names = ['Johnny', 'Tommy', 'Joey', 'Dee Dee']
for i in range(0, 4):
NoteTemplate.create(creator_id=creator_id,
title=f'{names[i]}',
subject=f'Subject {i}')
api_json = self._api_my_note_templates(client=client)
expected_order = [template['title'] for template in api_json]
expected_order.sort()
assert expected_order == [template['title'] for template in api_json]
def rename_note_template():
params = request.get_json()
note_template_id = params.get('id', None)
title = params.get('title', None)
if not title:
raise BadRequestError('Requires \'title\'')
note_template = NoteTemplate.find_by_id(note_template_id=note_template_id)
if not note_template:
raise ResourceNotFoundError('Template not found')
if note_template.creator_id != current_user.get_id():
raise ForbiddenRequestError('Template not available.')
note_template = NoteTemplate.rename(note_template_id=note_template_id,
title=title)
return tolerant_jsonify(note_template.to_api_json())
def mock_note_template(app, db):
"""Create advising note template with attachment (mock s3)."""
with mock_advising_note_s3_bucket(app):
base_dir = app.config['BASE_DIR']
path_to_file = f'{base_dir}/fixtures/mock_note_template_attachment_1.txt'
timestamp = datetime.now().timestamp()
with open(path_to_file, 'r') as file:
note_template = NoteTemplate.create(
creator_id=AuthorizedUser.get_id_per_uid('242881'),
title=f'Potholes in my lawn ({timestamp})',
subject=
f'It\'s unwise to leave my garden untended ({timestamp})',
body=f"""
See, I've found that everyone's sayin'
What to do when suckers are preyin'
""",
topics=['Three Feet High', 'Rising'],
attachments=[
{
'name': path_to_file.rsplit('/', 1)[-1],
'byte_stream': file.read(),
},
],
)
std_commit(allow_test_environment=True)
return note_template
def get_note_template(note_template_id):
note_template = NoteTemplate.find_by_id(note_template_id=note_template_id)
if not note_template:
raise ResourceNotFoundError('Template not found')
if note_template.creator_id != current_user.get_id():
raise ForbiddenRequestError('Template not available')
return tolerant_jsonify(note_template.to_api_json())
def create_note_template():
params = request.form
title = params.get('title', None)
subject = params.get('subject', None)
body = params.get('body', None)
topics = get_note_topics_from_http_post()
if not title or not subject:
raise BadRequestError(
'Note creation requires \'subject\' and \'title\'')
user_dept_codes = dept_codes_where_advising(current_user)
if current_user.is_admin or not len(user_dept_codes):
raise ForbiddenRequestError(
'Sorry, only advisors can create advising note templates')
attachments = get_note_attachments_from_http_post(tolerate_none=True)
note_template = NoteTemplate.create(
attachments=attachments,
body=process_input_from_rich_text_editor(body),
creator_id=current_user.get_id(),
is_private=to_bool_or_none(params.get('isPrivate', False)),
subject=subject,
title=title,
topics=topics,
)
return tolerant_jsonify(note_template.to_api_json())
def test_create_note_template(self, app, client, fake_auth):
"""Create a note template."""
fake_auth.login(coe_advisor_uid)
title = 'I get it, I got it'
subject = 'I know it\'s good'
base_dir = app.config['BASE_DIR']
api_json = _api_create_note_template(
app,
client,
title=title,
subject=subject,
body='The templates I write, you wish you would',
topics=[
'collaborative synergies', 'integrated architectures',
'vertical solutions'
],
attachments=[
f'{base_dir}/fixtures/mock_advising_note_attachment_1.txt',
f'{base_dir}/fixtures/mock_advising_note_attachment_2.txt',
],
)
note_template_id = api_json.get('id')
note_template = NoteTemplate.find_by_id(note_template_id)
assert note_template_id == note_template.id
assert title == note_template.title
assert subject == note_template.subject
assert len(note_template.topics) == 3
assert len(note_template.attachments) == 2
def test_unauthorized_note_template_deletion(self, client, fake_auth,
mock_note_template):
"""Advisor cannot delete another advisor's note template."""
fake_auth.login(coe_advisor_uid)
response = client.delete(
f'/api/note_template/delete/{mock_note_template.id}')
assert response.status_code == 403
assert NoteTemplate.find_by_id(mock_note_template.id)
def test_rename_note_template_unauthorized(self, app, client, fake_auth,
mock_note_template):
"""Deny user's attempt to rename someone else's note template."""
original_subject = mock_note_template.subject
fake_auth.login(coe_advisor_uid)
assert self._api_note_template_rename(
client,
note_template_id=mock_note_template.id,
title='Hack the title!',
expected_status_code=403,
)
assert NoteTemplate.find_by_id(
mock_note_template.id).subject == original_subject
def test_update_note_template_topics(self, app, client, fake_auth,
mock_note_template):
"""Update note template title."""
user = AuthorizedUser.find_by_id(mock_note_template.creator_id)
fake_auth.login(user.uid)
expected_title = 'As cool as Kim Deal'
api_json = self._api_note_template_rename(
client,
note_template_id=mock_note_template.id,
title=expected_title,
)
assert api_json['title'] == expected_title
assert NoteTemplate.find_by_id(
mock_note_template.id).title == expected_title
def get_my_note_templates():
note_templates = NoteTemplate.get_templates_created_by(
creator_id=current_user.get_id())
return tolerant_jsonify([t.to_api_json() for t in note_templates])