def update(id):
relation = object_or_404(Relation.by_id(id))
authz.require(authz.relation_edit(relation))
data = request_data({'author': request.account})
relation = relations.save(data, relation=relation)
db.session.commit()
return jsonify(relation)
def update(id):
relation = object_or_404(Relation.by_id(id))
authz.require(authz.relation_edit(relation))
data = request_data({'author': request.account})
relation = relations.save(data, relation=relation)
db.session.commit()
return jsonify(relation)
def test_entity_edit__uneditable(self):
project, permission = _project_and_permission(editor=False)
entity_source = \
Entity(project=project, status=authz.PUBLISHED_THRESHOLD)
entity_target = \
Entity(project=project, status=authz.PUBLISHED_THRESHOLD)
db.session.add(entity_source)
db.session.add(entity_target)
rel = Relation(source=entity_source, target=entity_target)
db.session.add(rel)
db.session.commit()
with self.app.test_request_context():
flask.session['id'] = 1
self.app.preprocess_request()
self.assertFalse(authz.relation_edit(rel))
def test_entity_edit__uneditable(self):
project, permission = _project_and_permission(editor=False)
entity_source = \
Entity(project=project, status=authz.PUBLISHED_THRESHOLD)
entity_target = \
Entity(project=project, status=authz.PUBLISHED_THRESHOLD)
db.session.add(entity_source)
db.session.add(entity_target)
rel = Relation(source=entity_source, target=entity_target)
db.session.add(rel)
db.session.commit()
with self.app.test_request_context():
flask.session['id'] = 1
self.app.preprocess_request()
self.assertFalse(authz.relation_edit(rel))
def delete(id):
relation = object_or_404(Relation.by_id(id))
authz.require(authz.relation_edit(relation))
relations.delete(relation)
db.session.commit()
raise Gone()
def delete(id):
relation = object_or_404(Relation.by_id(id))
authz.require(authz.relation_edit(relation))
relations.delete(relation)
db.session.commit()
raise Gone()