def set_issue(db_user: User, info: str, long_info: str, title: str, db_lang: Language, is_public: bool, is_read_only: bool) -> dict: """ Sets new issue, which will be a new discussion :param db_user: User :param info: Short information about the new issue :param long_info: Long information about the new issue :param title: Title of the new issue :param db_lang: Language :param is_public: Boolean :param is_read_only: Boolean :rtype: dict :return: Collection with information about the new issue """ DBDiscussionSession.add( Issue(title=title, info=info, long_info=long_info, author_uid=db_user.uid, is_read_only=is_read_only, is_private=not is_public, lang_uid=db_lang.uid)) DBDiscussionSession.flush() db_issue = DBDiscussionSession.query(Issue).filter( Issue.title == title, Issue.info == info).first() return {'issue': get_issue_dict_for(db_issue, 0, db_lang.ui_locales)}
def set_discussions_properties(db_user: User, db_issue: Issue, value, iproperty, translator) -> dict: """ :param db_user: User :param db_issue: Issue :param value: The value which should be assigned to property :param iproperty: Property of Issue, e.g. is_disabled :param translator: :return: """ if db_issue.author_uid != db_user.uid and not user.is_admin( db_user.nickname): return {'error': translator.get(_.noRights)} if iproperty == 'enable': db_issue.set_disabled(not value) elif iproperty == 'public': db_issue.set_private(not value) elif iproperty == 'writable': db_issue.set_read_only(not value) else: return {'error': translator.get(_.internalKeyError)} DBDiscussionSession.add(db_issue) DBDiscussionSession.flush() transaction.commit() return {'error': ''}
def test_patch_issue(self): updated_issue = { "title": "kads änd dokz", "id": 60, "long_info": "tl;dr", "something": "else" } # test without token request = construct_dummy_request(matchdict={"slug": "cat-or-dog"}, json_body=updated_issue) response: Response = apiviews.ApiIssue(request).patch() self.assertEqual( response.status_int, 401, "Should only be possible with a token for the admin or the author of the issue" ) # test with insufficent token request = create_request_with_token_header( json_body=updated_issue, match_dict={"slug": "cat-or-dog"}) response: Response = apiviews.ApiIssue(request).patch() self.assertEqual( response.status_int, 401, "Walter should only do this, if he is admin or author of the issue" ) # just right request = create_request_with_token_header( json_body=updated_issue, match_dict={"slug": "cat-or-dog"}, nickname="Tobias") issue: Issue = apiviews.ApiIssue(request).patch() db_issue: Issue = Issue.by_slug("cat-or-dog") self.assertIs( issue, db_issue, "Tobias is admin AND author of the issue, he should be authorized." ) self.assertEqual(db_issue.title, updated_issue['title']) self.assertEqual(db_issue.long_info, updated_issue['long_info']) self.assertNotEqual( db_issue.uid, updated_issue['id'], f"According to {apiviews.ApiIssue.modifiable} the id should not be mutatable!" ) self.assertNotIn("something", dir(db_issue))