Browse Source

New controller.Groups.update_settings() and associated unit tests.

Dan Helfman 10 years ago
parent
commit
3a9cd0a024
2 changed files with 126 additions and 0 deletions
  1. 39
    0
      controller/Groups.py
  2. 87
    0
      controller/test/Test_groups.py

+ 39
- 0
controller/Groups.py View File

@@ -55,3 +55,42 @@ class Groups( object ):
55 55
       admin_users = admin_users,
56 56
       other_users = other_users,
57 57
     )
58
+
59
+  @expose( view = Json )
60
+  @end_transaction
61
+  @grab_user_id
62
+  @validate(
63
+    group_id = Valid_id(),
64
+    group_name = Valid_string( min = 0, max = 100 ),
65
+    group_settings_button = unicode,
66
+    user_id = Valid_id( none_okay = True ),
67
+  )
68
+  def update_settings( self, group_id, group_name, group_settings_button, user_id = None ):
69
+    """
70
+    Update the settings for the given group.
71
+
72
+    @type group_id: unicode
73
+    @param group_id: id of group whose users to return
74
+    @type group_name: unicode
75
+    @param group_name: new name of the group
76
+    @type group_settings_button: unicode
77
+    @param group_settings_button: ignored
78
+    @rtype: dict
79
+    @return: { 'message': message }
80
+    @raise Access_error: the current user doesn't have admin membership to the given group
81
+    @raise Validation_error: one of the arguments is invalid
82
+    """
83
+    if not self.__users.check_group( user_id, group_id, admin = True ):
84
+      raise Access_error()
85
+
86
+    group = self.__database.load( Group, group_id )
87
+
88
+    if group is None:
89
+      raise Access_error()
90
+
91
+    group.name = group_name
92
+    self.__database.save( group )
93
+
94
+    return dict(
95
+      message = u"The group settings have been saved.",
96
+    )

+ 87
- 0
controller/test/Test_groups.py View File

@@ -63,6 +63,93 @@ class Test_groups( Test_controller ):
63 63
     assert result[ u"group" ].name == self.group.name
64 64
     assert result[ u"group" ].admin == self.group.admin
65 65
 
66
+  def test_load_users_without_access( self ):
67
+    self.login2()
68
+
69
+    result = self.http_post( "/groups/load_users", dict(
70
+      group_id = self.group2.object_id,
71
+    ), session_id = self.session_id )
72
+
73
+    assert u"access" in result[ u"error" ]
74
+
75
+  def test_load_users_without_admin_access( self ):
76
+    self.login()
77
+
78
+    result = self.http_post( "/groups/load_users", dict(
79
+      group_id = self.group.object_id,
80
+    ), session_id = self.session_id )
81
+
82
+    assert u"access" in result[ u"error" ]
83
+
84
+  def test_load_users_with_unknown_group( self ):
85
+    self.login()
86
+
87
+    result = self.http_post( "/groups/load_users", dict(
88
+      group_id = u"unknowngroupid",
89
+    ), session_id = self.session_id )
90
+
91
+    assert u"access" in result[ u"error" ]
92
+
93
+  def test_update_settings( self ):
94
+    self.login2()
95
+    new_name = u"new group name"
96
+
97
+    result = self.http_post( "/groups/update_settings", dict(
98
+      group_id = self.group.object_id,
99
+      group_name = new_name,
100
+      group_settings_button = u"save settings",
101
+    ), session_id = self.session_id )
102
+    
103
+    assert u"saved" in result[ u"message" ]
104
+
105
+    group = self.database.load( Group, self.group.object_id )
106
+    assert group.name == new_name
107
+
108
+  def test_update_settings_without_access( self ):
109
+    self.login2()
110
+    new_name = u"new group name"
111
+
112
+    result = self.http_post( "/groups/update_settings", dict(
113
+      group_id = self.group2.object_id,
114
+      group_name = new_name,
115
+      group_settings_button = u"save settings",
116
+    ), session_id = self.session_id )
117
+    
118
+    assert u"access" in result[ u"error" ]
119
+
120
+    group = self.database.load( Group, self.group.object_id )
121
+    assert group.name == self.group.name
122
+
123
+  def test_update_settings_without_admin_access( self ):
124
+    self.login()
125
+    new_name = u"new group name"
126
+
127
+    result = self.http_post( "/groups/update_settings", dict(
128
+      group_id = self.group.object_id,
129
+      group_name = new_name,
130
+      group_settings_button = u"save settings",
131
+    ), session_id = self.session_id )
132
+    
133
+    assert u"access" in result[ u"error" ]
134
+
135
+    group = self.database.load( Group, self.group.object_id )
136
+    assert group.name == self.group.name
137
+
138
+  def test_update_settings_with_unknown_group( self ):
139
+    self.login2()
140
+    new_name = u"new group name"
141
+
142
+    result = self.http_post( "/groups/update_settings", dict(
143
+      group_id = u"unknowngroupid",
144
+      group_name = new_name,
145
+      group_settings_button = u"save settings",
146
+    ), session_id = self.session_id )
147
+    
148
+    assert u"access" in result[ u"error" ]
149
+
150
+    group = self.database.load( Group, self.group.object_id )
151
+    assert group.name == self.group.name
152
+
66 153
   def login( self ):
67 154
     result = self.http_post( "/users/login", dict(
68 155
       username = self.username,

Loading…
Cancel
Save