diff --git a/app/templates/app/detail_materi.html b/app/templates/app/detail_materi.html
index c8141efc4c138a413ee78ea550542de8e96f0823..e4a6562bfc0e9e5fb3220b783e0110e0a44e55cc 100644
--- a/app/templates/app/detail_materi.html
+++ b/app/templates/app/detail_materi.html
@@ -435,6 +435,12 @@ div.review {
{{ review.timestamp|naturaltime }}
</p>
</div>
+ {% if user.is_admin %}
+ <a class="ml-auto p-1 bd-highlight close"
+ href="{% url 'delete-review' materi_data.id review.id %}">
+ <span aria-hidden="true">×</span>
+ </a>
+ {% endif %}
</div>
<div class = 'review'>
<p class="paragraph">{{review.review}}</p>
diff --git a/app/tests.py b/app/tests.py
index f4a69296061a2a3910b24337a24becc93df5ab11..27bc5b1c74a337568b8d2ae803de2f0558b60fb8 100644
--- a/app/tests.py
+++ b/app/tests.py
@@ -858,6 +858,44 @@ class DetailMateriTest(TestCase):
self.client.post(url, {"review": "This is new review by Anonymous"})
response = self.client.get(url)
self.assertContains(response, "Anonymous")
+
+ def create_and_delete_review(self, is_admin=False, is_contributor=False):
+ url = self.url
+ self.client.login(**self.admin_credential)
+ self.client.post(url, {"review": "A review by Anonymous"})
+ delete_url = "/review/delete/" + str(self.materi1.id) + "/" + str(
+ Review.objects.get(review="A review by Anonymous").id)
+ if is_admin:
+ self.client.login(**self.admin_credential)
+ if is_contributor:
+ self.client.login(**self.contributor_credential)
+ if not is_admin and not is_contributor:
+ self.client.login(**self.anonymous_credential)
+ response = self.client.get(delete_url)
+ return response
+
+ def test_delete_review_by_admin(self):
+ self.create_and_delete_review(is_admin=True)
+ count = Review.objects.all().filter(review="A review by Anonymous").count()
+ self.assertEqual(count, 0)
+
+ def test_delete_review_by_contributor(self):
+ response = self.create_and_delete_review(is_contributor=True)
+
+ self.assertRaises(PermissionDenied)
+ self.assertEqual(response.status_code, 403)
+
+ count = Review.objects.all().filter(review="A review by Anonymous").count()
+ self.assertEqual(count, 1)
+
+ def test_delete_review_by_regular_user(self):
+ response = self.create_and_delete_review()
+
+ self.assertRaises(PermissionDenied)
+ self.assertEqual(response.status_code, 403)
+
+ count = Review.objects.all().filter(review="A review by Anonymous").count()
+ self.assertEqual(count, 1)
def test_detail_materi_contains_review_count(self):
url = self.url
diff --git a/app/urls.py b/app/urls.py
index b48be941b1a77fcacd0cae3571b7360b26199c2f..f89a0602819e3fcfc560e1a73d602edd0a439e04 100644
--- a/app/urls.py
+++ b/app/urls.py
@@ -15,6 +15,8 @@ urlpatterns = [
path("materi/like/", views.toggle_like, name="PostLikeToggle"),
path("delete/<int:pk_materi>/<int:pk_comment>",
views.delete_comment, name="delete-comment"),
+ path("review/delete/<int:pk_materi>/<int:pk_review>",
+ views.delete_review, name="delete-review"),
path("comment/like/", views.toggle_like_comment, name="comment-like-toggle"),
path("comment/dislike/", views.toggle_dislike_comment, name="comment-dislike-toggle"),
path("materi/<int:pk>/delete", views.delete_materi, name="detele-materi"),
diff --git a/app/views.py b/app/views.py
index 81c9693e1dff73a140ab1e31f490a6f0dd3a46ac..bba8b37f7761fe48dedd0eba481a423f3494d1f1 100644
--- a/app/views.py
+++ b/app/views.py
@@ -258,6 +258,14 @@ def delete_comment(request, pk_materi, pk_comment):
comment.delete()
return HttpResponseRedirect(url)
+def delete_review(request, pk_materi, pk_review):
+ if not request.user.is_authenticated or not request.user.is_admin:
+ raise PermissionDenied(request)
+ review = get_object_or_404(Review, pk=pk_review)
+ url_materi = "/materi/" + str(pk_materi) + "/"
+ review.delete()
+ return HttpResponseRedirect(url_materi)
+
def toggle_like_comment(request):
comment_id = 0
if request.method == "POST":
@@ -281,7 +289,6 @@ def toggle_dislike_comment(request):
else:
return JsonResponse({"success": False, "msg": UNSUPPORTED_MESSAGE, "comment_id": comment_id})
-
def add_rating_materi(request):
if request.method == "POST" and request.user.is_authenticated:
diff --git a/digipus/__pycache__/settings.cpython-36.pyc b/digipus/__pycache__/settings.cpython-36.pyc
index 2e8d5505327c65aad19bcc06e556bd3f737fca54..d738b3ddbb6740940b2b34c9c7651fa292ceac82 100644
Binary files a/digipus/__pycache__/settings.cpython-36.pyc and b/digipus/__pycache__/settings.cpython-36.pyc differ