Merge pull request #4687 from FinnStutzenstein/catchDoubleCreationOfPersonalNotes
Fix doulbe create requests for personal notes.
This commit is contained in:
commit
6f014279d4
@ -16,6 +16,7 @@ from django.contrib.sites.shortcuts import get_current_site
|
||||
from django.core import mail
|
||||
from django.core.exceptions import ValidationError as DjangoValidationError
|
||||
from django.db import transaction
|
||||
from django.db.utils import IntegrityError
|
||||
from django.http.request import QueryDict
|
||||
from django.utils.encoding import force_bytes, force_text
|
||||
from django.utils.http import urlsafe_base64_decode, urlsafe_base64_encode
|
||||
@ -447,7 +448,14 @@ class PersonalNoteViewSet(ModelViewSet):
|
||||
Customized method to inject the request.user into serializer's save
|
||||
method so that the request.user can be saved into the model field.
|
||||
"""
|
||||
serializer.save(user=self.request.user)
|
||||
try:
|
||||
serializer.save(user=self.request.user)
|
||||
except IntegrityError:
|
||||
raise ValidationError(
|
||||
{
|
||||
"detail": f"The personal note for user {self.request.user.id} does already exist"
|
||||
}
|
||||
)
|
||||
|
||||
def update(self, request, *args, **kwargs):
|
||||
"""
|
||||
|
@ -580,10 +580,12 @@ class PersonalNoteTest(TestCase):
|
||||
Tests for PersonalNote model.
|
||||
"""
|
||||
|
||||
def setUp(self):
|
||||
self.admin = User.objects.get(username="admin")
|
||||
|
||||
def test_anonymous_without_personal_notes(self):
|
||||
admin = User.objects.get(username="admin")
|
||||
personal_note = PersonalNote.objects.create(
|
||||
user=admin, notes='["admin_personal_note_OoGh8choro0oosh0roob"]'
|
||||
user=self.admin, notes='["admin_personal_note_OoGh8choro0oosh0roob"]'
|
||||
)
|
||||
config["general_system_enable_anonymous"] = True
|
||||
guest_client = APIClient()
|
||||
@ -592,7 +594,7 @@ class PersonalNoteTest(TestCase):
|
||||
)
|
||||
self.assertEqual(response.status_code, 404)
|
||||
|
||||
def test_admin_send_JSON(self):
|
||||
def test_create(self):
|
||||
admin_client = APIClient()
|
||||
admin_client.login(username="admin", password="admin")
|
||||
response = admin_client.post(
|
||||
@ -610,3 +612,56 @@ class PersonalNoteTest(TestCase):
|
||||
format="json",
|
||||
)
|
||||
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
|
||||
|
||||
def test_anonymous_create(self):
|
||||
guest_client = APIClient()
|
||||
response = guest_client.post(
|
||||
reverse("personalnote-list"), {"notes": {}}, format="json"
|
||||
)
|
||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||
self.assertFalse(PersonalNote.objects.exists())
|
||||
|
||||
def test_create_twice(self):
|
||||
admin_client = APIClient()
|
||||
admin_client.login(username="admin", password="admin")
|
||||
response = admin_client.post(
|
||||
reverse("personalnote-list"), {"notes": {}}, format="json"
|
||||
)
|
||||
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
|
||||
response = admin_client.post(
|
||||
reverse("personalnote-list"), {"notes": {}}, format="json"
|
||||
)
|
||||
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
|
||||
|
||||
def test_update(self):
|
||||
admin_client = APIClient()
|
||||
admin_client.login(username="admin", password="admin")
|
||||
personal_note = PersonalNote.objects.create(
|
||||
user=self.admin, notes="test_note_ld3mo1xjcnKNC(836qWe"
|
||||
)
|
||||
response = admin_client.put(
|
||||
reverse("personalnote-detail", args=[personal_note.pk]),
|
||||
{"notes": "test_note_do2ncoi7ci2fm93LjwlO"},
|
||||
format="json",
|
||||
)
|
||||
self.assertEqual(response.status_code, status.HTTP_200_OK)
|
||||
self.assertEqual(
|
||||
PersonalNote.objects.get().notes, "test_note_do2ncoi7ci2fm93LjwlO"
|
||||
)
|
||||
|
||||
def test_update_other_user(self):
|
||||
user = User.objects.create(username="user")
|
||||
admin_client = APIClient()
|
||||
admin_client.login(username="admin", password="admin")
|
||||
personal_note = PersonalNote.objects.create(
|
||||
user=user, notes="test_note_fof3joqmcufh32fn(/2f"
|
||||
)
|
||||
response = admin_client.put(
|
||||
reverse("personalnote-detail", args=[personal_note.pk]),
|
||||
{"notes": "test_note_1qowuddm3d8mF8h29fwI"},
|
||||
format="json",
|
||||
)
|
||||
self.assertEqual(response.status_code, status.HTTP_403_FORBIDDEN)
|
||||
self.assertEqual(
|
||||
PersonalNote.objects.get().notes, "test_note_fof3joqmcufh32fn(/2f"
|
||||
)
|
||||
|
Loading…
Reference in New Issue
Block a user