def test_admin_list_add_multi(self):
new_items = [
self.applicant_character.id, self.not_applicant_character.id
]
put_admin_list('character',
new_items,
do_replace=False,
current_user=self.admin)
new_list = get_admin_list('character', current_user=self.admin)
self.assertEqual(len(new_list['info']), 4)
self.assertTrue(self.applicant_character.redlisted)
self.assertTrue(self.not_applicant_character.redlisted)
def api_put_admin_list(kind):
"""
Adds items to a specified redlist.
Args:
kind (string)
items: list of { id (int), name (string) }
Returns
(GET):
response (array) of
{
id (int),
name (string),
}
(PUT):
{'status': 'ok}
Error codes:
Forbidden (403): If logged in user is not an admin
BadRequest (400): If list type is not known
"""
return jsonify(
put_admin_list(kind,
[item['id'] for item in request.get_json()['items']],
do_replace=False,
current_user=current_user))
def api_admin_list_replace(kind):
"""
Replaces a specified redlist with the supplied items.
Args:
kind (string)
items: list of { id (int), name (string) }
Returns
200
Error codes:
Forbidden (403): If logged in user is not an admin
"""
return jsonify(
put_admin_list(kind,
[item['id'] for item in request.get_json()['items']],
do_replace=True,
current_user=current_user))
def test_forbidden_admin_list_replace(self):
new_items = [
self.applicant_character.id, self.not_applicant_character.id
]
with self.assertRaises(ForbiddenException):
put_admin_list('character',
new_items,
do_replace=True,
current_user=self.applicant)
with self.assertRaises(ForbiddenException):
put_admin_list('character',
new_items,
do_replace=True,
current_user=self.recruiter)
with self.assertRaises(ForbiddenException):
put_admin_list('character',
new_items,
do_replace=True,
current_user=self.senior_recruiter)