Add simulation put path

author: Georgios Andreadis <info@gandreadis.com> 2020-06-25 18:35:53 +0200
committer: Georgios Andreadis <info@gandreadis.com> 2020-06-25 18:35:53 +0200
commit: 00597ec99f587557b88b9982a2c41a2cb8db8112 (patch)
tree: b5a535951db7e0b99887ae6456e3410404982449 /opendc/api
parent: 4c272a01f38aba268dd8b8aa17dae4c9f56b087f (diff)
3 files changed, 79 insertions, 31 deletions
diff --git a/opendc/api/v2/simulations/simulationId/endpoint.py b/opendc/api/v2/simulations/simulationId/endpoint.py
index 5c9d126f..b08cf8be 100644
--- a/opendc/api/v2/simulations/simulationId/endpoint.py
+++ b/opendc/api/v2/simulations/simulationId/endpoint.py
@@ -3,6 +3,7 @@ from datetime import datetime
 from opendc.models.simulation import Simulation
 from opendc.models.user import User
 from opendc.util import database, exceptions
+from opendc.util.database import Database
 from opendc.util.rest import Response
 
 
@@ -19,12 +20,9 @@ def GET(request):
     if validation_error is not None:
         return validation_error
 
-    user = User.from_google_id(request.google_id)
-    authorizations = list(filter(
-        lambda x: str(x['simulationId']) == str(request.params_path['simulationId']),
-        user.obj['authorizations']))
-    if len(authorizations) == 0 or authorizations[0]['authorizationLevel'] == 'VIEW':
-        return Response(403, "Forbidden from retrieving simulation.")
+    access_error = simulation.validate_user_access(request.google_id, False)
+    if access_error is not None:
+        return access_error
 
     return Response(200, 'Successfully retrieved simulation', simulation.obj)
 
@@ -32,38 +30,26 @@ def GET(request):
 def PUT(request):
     """Update a simulation's name."""
 
-    # Make sure required parameters are there
-
     try:
         request.check_required_parameters(body={'simulation': {'name': 'name'}}, path={'simulationId': 'string'})
-
     except exceptions.ParameterError as e:
         return Response(400, str(e))
 
-    # Instantiate a Simulation and make sure it exists
-
-    simulation = Simulation.from_primary_key((request.params_path['simulationId'], ))
-
-    if not simulation.exists():
-        return Response(404, '{} not found.'.format(simulation))
-
-    # Make sure this User is allowed to edit this Simulation
-
-    if not simulation.google_id_has_at_least(request.google_id, 'EDIT'):
-        return Response(403, 'Forbidden from editing {}.'.format(simulation))
-
-    # Update this Simulation in the database
+    simulation = Simulation.from_id(request.params_path['simulationId'])
 
-    simulation.read()
+    validation_error = simulation.validate()
+    if validation_error is not None:
+        return validation_error
 
-    simulation.name = request.params_body['simulation']['name']
-    simulation.datetime_last_edited = database.datetime_to_string(datetime.now())
+    access_error = simulation.validate_user_access(request.google_id, True)
+    if access_error is not None:
+        return access_error
 
+    simulation.set_property('name', request.params_body['simulation']['name'])
+    simulation.set_property('datetime_last_edited', Database.datetime_to_string(datetime.now()))
     simulation.update()
 
-    # Return this Simulation
-
-    return Response(200, 'Successfully updated {}.'.format(simulation), simulation.to_JSON())
+    return Response(200, 'Successfully updated simulation.', simulation.obj)
 
 
 def DELETE(request):
diff --git a/opendc/api/v2/simulations/simulationId/test_endpoint.py b/opendc/api/v2/simulations/simulationId/test_endpoint.py
index cf4b375a..ad53fcaa 100644
--- a/opendc/api/v2/simulations/simulationId/test_endpoint.py
+++ b/opendc/api/v2/simulations/simulationId/test_endpoint.py
@@ -13,12 +13,67 @@ def test_get_simulation_no_authorizations(client, mocker):
 
 
 def test_get_simulation_not_authorized(client, mocker):
-    mocker.patch.object(DB, 'fetch_one', return_value={'authorizations': [{'simulationId': '2', 'authorizationLevel': 'OWN'}]})
+    mocker.patch.object(DB,
+                        'fetch_one',
+                        return_value={
+                            '_id': '1',
+                            'authorizations': [{
+                                'simulationId': '2',
+                                'authorizationLevel': 'OWN'
+                            }]
+                        })
     res = client.get('/api/v2/simulations/1')
     assert '403' in res.status
 
 
 def test_get_simulation(client, mocker):
-    mocker.patch.object(DB, 'fetch_one', return_value={'authorizations': [{'simulationId': '1', 'authorizationLevel': 'EDIT'}]})
+    mocker.patch.object(DB,
+                        'fetch_one',
+                        return_value={
+                            '_id': '1',
+                            'authorizations': [{
+                                'simulationId': '1',
+                                'authorizationLevel': 'EDIT'
+                            }]
+                        })
     res = client.get('/api/v2/simulations/1')
     assert '200' in res.status
+
+
+def test_update_simulation_missing_parameter(client):
+    assert '400' in client.put('/api/v2/simulations/1').status
+
+
+def test_update_simulation_non_existing(client, mocker):
+    mocker.patch.object(DB, 'fetch_one', return_value=None)
+    assert '404' in client.put('/api/v2/simulations/1', json={'simulation': {'name': 'S'}}).status
+
+
+def test_update_simulation_not_authorized(client, mocker):
+    mocker.patch.object(DB,
+                        'fetch_one',
+                        return_value={
+                            '_id': '1',
+                            'authorizations': [{
+                                'simulationId': '1',
+                                'authorizationLevel': 'VIEW'
+                            }]
+                        })
+    mocker.patch.object(DB, 'update', return_value={})
+    assert '403' in client.put('/api/v2/simulations/1', json={'simulation': {'name': 'S'}}).status
+
+
+def test_update_simulation(client, mocker):
+    mocker.patch.object(DB,
+                        'fetch_one',
+                        return_value={
+                            '_id': '1',
+                            'authorizations': [{
+                                'simulationId': '1',
+                                'authorizationLevel': 'OWN'
+                            }]
+                        })
+    mocker.patch.object(DB, 'update', return_value={})
+
+    res = client.put('/api/v2/simulations/1', json={'simulation': {'name': 'S'}})
+    assert '200' in res.status
diff --git a/opendc/api/v2/simulations/test_endpoint.py b/opendc/api/v2/simulations/test_endpoint.py
index fe4ac6ed..d23df74a 100644
--- a/opendc/api/v2/simulations/test_endpoint.py
+++ b/opendc/api/v2/simulations/test_endpoint.py
@@ -7,7 +7,14 @@ def test_add_simulation_missing_parameter(client):
 
 def test_add_simulation(client, mocker):
     mocker.patch.object(DB, 'fetch_one', return_value={'_id': '1', 'authorizations': []})
-    mocker.patch.object(DB, 'insert', return_value={'_id': '1', 'datetimeCreated': '000', 'datetimeEdit': '000', 'topologyIds': []})
+    mocker.patch.object(DB,
+                        'insert',
+                        return_value={
+                            '_id': '1',
+                            'datetimeCreated': '000',
+                            'datetimeEdit': '000',
+                            'topologyIds': []
+                        })
     mocker.patch.object(DB, 'update', return_value={})
     res = client.post('/api/v2/simulations', json={'simulation': {'name': 'test simulation'}})
     assert 'datetimeCreated' in res.json['content']
author	Georgios Andreadis <info@gandreadis.com>	2020-06-25 18:35:53 +0200
committer	Georgios Andreadis <info@gandreadis.com>	2020-06-25 18:35:53 +0200
commit	00597ec99f587557b88b9982a2c41a2cb8db8112 (patch)
tree	b5a535951db7e0b99887ae6456e3410404982449 /opendc/api
parent	4c272a01f38aba268dd8b8aa17dae4c9f56b087f (diff)