def test_edit_listing_review(self): username = '******' air_mail = models.Listing.objects.for_user(username).get(title='Air Mail') review = models.Review.objects.get(listing=air_mail, author__user__username=username) model_access.edit_listing_review(username, review, 2, 'not great') air_mail = models.Listing.objects.for_user(username).get(title='Air Mail') self.assertEqual(air_mail.last_activity.action, models.ListingActivity.REVIEW_EDITED) listing_activities = air_mail.listing_activities.filter(action=models.ListingActivity.REVIEW_EDITED) enabled_activity = listing_activities[0] self.assertEqual(enabled_activity.author.user.username, username) # Editing listing by another user should fail self.assertRaises(errors.PermissionDenied, model_access.edit_listing_review, 'wsmith', review, 2, 'still not great')
def update(self, request, pk=None, listing_pk=None): """ Update an existing review """ try: review = model_access.get_review_by_id(pk) except models.Review.DoesNotExist: return Response('Invalid review', status=status.HTTP_400_BAD_REQUEST) try: rate = request.data.get('rate', review.rate) text = request.data.get('text', None) except: return Response('Bad request to create new review', status=status.HTTP_400_BAD_REQUEST) try: review = model_access.edit_listing_review(request.user.username, review, rate, text) output = {"rate": review.rate, "text": review.text, "author": review.author.id, "listing": review.listing.id, "id": review.id} return Response(output, status=status.HTTP_200_OK) except errors.PermissionDenied: return Response('Cannot update another user\'s review', status=status.HTTP_403_FORBIDDEN)
def update(self, review_instance, validated_data): try: review = model_access.edit_listing_review(self.context['request'].user.username, review_instance, validated_data['rate'], validated_data['text']) except ValidationError as err: raise serializers.ValidationError('{}'.format(err)) return review
def update(self, request, pk=None, listing_pk=None): """ Update an existing review """ review = model_access.get_review_by_id(pk) rate = request.data.get('rate', review.rate) text = request.data.get('text', None) review = model_access.edit_listing_review(request.user.username, review, rate, text) output = {"rate": review.rate, "text": review.text, "author": review.author.id, "listing": review.listing.id, "id": review.id} return Response(output, status=status.HTTP_200_OK)