def test_has_permission_to_delete_guest(): set_user(users.find_by_id(2)) # invited by normal1 entries.do_guest_entry(1, "name", "comment") # check... set_user(users.find_by_id(1)) # god assert entries.has_permission_to_delete_guest(1) set_user(users.find_by_id(2)) # normal1 assert entries.has_permission_to_delete_guest(1) set_user(users.find_by_id(3)) # normal2 assert not entries.has_permission_to_delete_guest(1) set_user(users.find_by_id(4)) # normal3 assert not entries.has_permission_to_delete_guest(1)
def entry(sid): action = request.form['action'] comment = request.form['comment'] is_guest = request.form.get('is-guest', False) if is_guest and is_entering_action(action): guest_name = request.form['guest-name'] logi('guest entry to sid=%d, name=%s', sid, guest_name) entries.do_guest_entry(sid, guest_name, comment) else: if is_entering_action(action): logi('entry to sid=%d', sid) entries.do_entry(sid, comment, entry=True) elif is_leaving_action(action): logi('exit from sid=%d', sid) entries.do_entry(sid, comment, entry=False) return redirect(url_for('schedule.schedule'))