def test_requires_write_permissions_on_field(self): self.plot.width = 333 self.plot.save_with_user(self.commander_user) width_audit = self.plot.audits().order_by('-created')[0] # Read only can't edit FieldPermission.objects.filter(field_name='width').update( permission_level=FieldPermission.READ_ONLY) self.assertRaises(AuthorizeException, approve_or_reject_existing_edit, width_audit, self.commander_user, approved=True) # Neither can 'write with audit' FieldPermission.objects.filter(field_name='width').update( permission_level=FieldPermission.WRITE_WITH_AUDIT) self.assertRaises(AuthorizeException, approve_or_reject_existing_edit, width_audit, self.commander_user, approved=True) # But write directly can FieldPermission.objects.filter(field_name='width').update( permission_level=FieldPermission.WRITE_DIRECTLY) approve_or_reject_existing_edit( width_audit, self.commander_user, approved=True)
def test_reject_regular_edit(self): self.plot.width = 444 self.plot.save_with_user(self.commander_user) self.plot.width = 555 self.plot.save_with_user(self.commander_user) width_audit = self.plot.audits().order_by('-created')[0] # Sanity check self.assertEqual(width_audit.field, 'width') # Should not have a reference associated with it self.assertIsNone(width_audit.ref) approve_or_reject_existing_edit( width_audit, self.commander_user, approved=False) width_audit_reloaded = Audit.objects.get(pk=width_audit.pk) self.assertIsNotNone(width_audit_reloaded.ref) refd = width_audit_reloaded.ref self.assertEqual(refd.action, Audit.Type.ReviewReject) plot_reloaded = Plot.objects.get(pk=self.plot.pk) self.assertEqual(plot_reloaded.width, 444)
def test_approving_edits_on_deleted_obj_doesnt_fail(self): self.plot.width = 444 self.plot.save_with_user(self.commander_user) width_audit = self.plot.audits().order_by('-created')[0] self.plot.delete_with_user(self.commander_user, cascade=True) approve_or_reject_existing_edit( width_audit, self.commander_user, approved=False)
def approve_or_reject_photo( request, instance, feature_id, photo_id, action): approved = action == 'approve' if approved: msg = trans('Approved') else: msg = trans('Rejected') resp = HttpResponse(msg) try: photo = (MapFeaturePhoto.objects .select_related('treephoto') .get(pk=photo_id)) try: photo = photo.treephoto except MapFeaturePhoto.DoesNotExist: pass # There is no tree photo, so use the superclass except MapFeaturePhoto.DoesNotExist: # This may be a pending tree. Let's see if there # are pending audits pending_audits = Audit.objects\ .filter(instance=instance)\ .filter(model__in=['TreePhoto', 'MapFeaturePhoto'])\ .filter(model_id=photo_id)\ .filter(requires_auth=True) if len(pending_audits) > 0: # Process as pending and quit approve_or_reject_audits_and_apply( pending_audits, request.user, approved) return resp else: # Error - no pending or regular raise Http404('Photo Not Found') # Handle the id audit first all_audits = [] for audit in photo.audits(): if audit.field == 'id': all_audits = [audit] + all_audits else: all_audits.append(audit) for audit in all_audits: approve_or_reject_existing_edit( audit, request.user, approved) return resp
def approve_or_reject_photo(request, instance, feature_id, photo_id, action): approved = action == 'approve' if approved: msg = trans('Approved') else: msg = trans('Rejected') resp = HttpResponse(msg) try: photo = (MapFeaturePhoto.objects.select_related('treephoto').get( pk=photo_id)) try: photo = photo.treephoto except MapFeaturePhoto.DoesNotExist: pass # There is no tree photo, so use the superclass except MapFeaturePhoto.DoesNotExist: # This may be a pending tree. Let's see if there # are pending audits pending_audits = Audit.objects\ .filter(instance=instance)\ .filter(model__in=['TreePhoto', 'MapFeaturePhoto'])\ .filter(model_id=photo_id)\ .filter(requires_auth=True) if len(pending_audits) > 0: # Process as pending and quit approve_or_reject_audits_and_apply(pending_audits, request.user, approved) return resp else: # Error - no pending or regular raise Http404('Photo Not Found') # Handle the id audit first all_audits = [] for audit in photo.audits(): if audit.field == 'id': all_audits = [audit] + all_audits else: all_audits.append(audit) for audit in all_audits: approve_or_reject_existing_edit(audit, request.user, approved) return resp
def approve_or_reject_photo( request, instance, feature_id, tree_id, photo_id, action): approved = action == 'approve' if approved: msg = trans('Approved') else: msg = trans('Rejected') resp = HttpResponse(msg) tree = get_object_or_404( Tree, plot_id=feature_id, instance=instance, pk=tree_id) try: photo = TreePhoto.objects.get(pk=photo_id, tree=tree) except TreePhoto.DoesNotExist: # This may be a pending tree. Let's see if there # are pending audits pending_audits = Audit.objects\ .filter(instance=instance)\ .filter(model='TreePhoto')\ .filter(model_id=photo_id)\ .filter(requires_auth=True) if len(pending_audits) > 0: # Process as pending and quit approve_or_reject_audits_and_apply( pending_audits, request.user, approved) return resp else: # Error - no pending or regular raise Http404('Tree Photo Not Found') # Handle the id audit first all_audits = [] for audit in photo.audits(): if audit.field == 'id': all_audits = [audit] + all_audits else: all_audits.append(audit) for audit in all_audits: approve_or_reject_existing_edit( audit, request.user, approved) return resp
def test_rejecting_old_edits_doesnt_update_object(self): self.plot.width = 333 self.plot.save_with_user(self.commander_user) self.plot.width = 444 self.plot.save_with_user(self.commander_user) width_audit = self.plot.audits().order_by('-created')[0] self.plot.width = 555 self.plot.save_with_user(self.commander_user) approve_or_reject_existing_edit( width_audit, self.commander_user, approved=False) reloaded_plot = Plot.objects.get(pk=self.plot.pk) self.assertEqual(reloaded_plot.width, 555)
def test_reject_id_edit(self): id_audit = self.plot.audits().get(field='id') approve_or_reject_existing_edit( id_audit, self.commander_user, approved=False) all_audits = list(self.plot.audits()) self.assertNotEqual(len(all_audits), 0) updated_audit = Audit.objects.get(pk=id_audit.pk) ref_audit = updated_audit.ref self.assertIsNotNone(ref_audit) self.assertEqual(ref_audit.action, Audit.Type.ReviewReject) self.assertRaises(Plot.DoesNotExist, Plot.objects.get, pk=self.plot.pk)