8000 Stop using django.contrib.comments and django_comments_xtd by berkerpeksag · Pull Request #981 · python/pythondotorg · GitHub
[go: up one dir, main page]
Skip to content

Stop using django.contrib.comments and django_comments_xtd #981

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 14 commits into from
Aug 6, 2017
Merged

Stop using django.contrib.comments and django_comments_xtd #981

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
f0cce93
Stop using django.contrib.comments and django_comments_xtd
berkerpeksag Aug 5, 2016
b46e90d
Raise 401 if a non-admin user tries to approve a job
berkerpeksag Aug 5, 2016
fac168e
Add jobs_board_admin context variable
berkerpeksag Aug 5, 2016
b48604c
Don't show canned responses to normal users
berkerpeksag Aug 5, 2016
d4dfbeb
Set creator and url field automatically in JobFactory
berkerpeksag Aug 4, 2017
f6bb5a8
Remove JobDetailReview
berkerpeksag Aug 4, 2017
8a5675e
Simplify JobListMine and JobDetail views
berkerpeksag Aug 4, 2017
f325dd0
Improve UX of job review views
berkerpeksag Aug 4, 2017
3665d81
Fix <title> when editing a job in job_form.html
berkerpeksag Aug 4, 2017
0a6179e
Remove unnecessary branch in JobCreate.get_form_kwargs()
berkerpeksag Aug 4, 2017
f02b962
Increase test coverage of Job views tip %95
berkerpeksag Aug 4, 2017
07bf6a1
Don't send email to job submitter for their own comment
berkerpeksag Aug 5, 2017
234dfde
Show commenter's username if they don't have full name set
berkerpeksag Aug 5, 2017
f6178c1
Don't show review comments when a job is in preview mode
berkerpeksag Aug 5, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Raise 401 if a non-admin user tries to approve a job
  • Loading branch information
@berkerpeksag
berkerpeksag committed Aug 6, 2017
commit b46e90d7db568f12b645ec73e3a499406ae271b5
13 changes: 13 additions & 0 deletions jobs/tests/test_views.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -504,3 +504,16 @@ def test_job_comment_401(self):
response = self.client.post(url, form_data)
self.assertEqual(response.status_code, 401)
self.assertEqual(len(mail.outbox), 0)

def test_job_comment_401_approve(self):
mail.outbox = []
self.client.login(username=self.creator_username, password=self.creator_password)
url = reverse('jobs:job_review_comment_create')
form_data = {
'job': self.job1.pk,
'action': 'approve',
}
self.assertEqual(len(mail.outbox), 0)
response = self.client.post(url, form_data)
self.assertEqual(response.status_code, 401)
self.assertEqual(len(mail.outbox), 0)
4 changes: 3 additions & 1 deletion jobs/views.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -341,7 +341,9 @@ def form_valid(self, form):
return HttpResponse('Unauthorized', status=401)
action = self.request.POST.get('action')
valid_actions = {'approve': Job.STATUS_APPROVED, 'reject': Job.STATUS_REJECTED}
if action is not None and action in valid_actions and self.has_jobs_board_admin_access():
if action is not None and action in valid_actions:
if not self.has_jobs_board_admin_access():
return HttpResponse('Unauthorized', status=401)
action_status = valid_actions.get(action)
getattr(form.instance.job, action)(self.request.user)
messages.add_message(
Expand Down
0