From d7866504397544a3db71d23314bc0689c6bf1b35 Mon Sep 17 00:00:00 2001
From: Salsabila Hava Qabita <salsabila.hava@ui.ac.id>
Date: Sun, 1 Nov 2020 02:43:31 +0700
Subject: [PATCH] [#49] Material: User Review (Admin Moderation)
---
app/templates/app/detail_materi.html | 6 ++++
app/tests.py | 38 ++++++++++++++++++++
app/urls.py | 2 ++
app/views.py | 9 ++++-
digipus/__pycache__/settings.cpython-36.pyc | Bin 4184 -> 4208 bytes
5 files changed, 54 insertions(+), 1 deletion(-)
diff --git a/app/templates/app/detail_materi.html b/app/templates/app/detail_materi.html
index c8141ef..e4a6562 100644
--- a/app/templates/app/detail_materi.html
+++ b/app/templates/app/detail_materi.html
@@ -435,6 +435,12 @@ div.review {
{{ review.timestamp|naturaltime }}
</p>
</div>
+ {% if user.is_admin %}
+ <a class="ml-auto p-1 bd-highlight close"
+ href="{% url 'delete-review' materi_data.id review.id %}">
+ <span aria-hidden="true">×</span>
+ </a>
+ {% endif %}
</div>
<div class = 'review'>
<p class="paragraph">{{review.review}}</p>
diff --git a/app/tests.py b/app/tests.py
index f4a6929..27bc5b1 100644
--- a/app/tests.py
+++ b/app/tests.py
@@ -858,6 +858,44 @@ class DetailMateriTest(TestCase):
self.client.post(url, {"review": "This is new review by Anonymous"})
response = self.client.get(url)
self.assertContains(response, "Anonymous")
+
+ def create_and_delete_review(self, is_admin=False, is_contributor=False):
+ url = self.url
+ self.client.login(**self.admin_credential)
+ self.client.post(url, {"review": "A review by Anonymous"})
+ delete_url = "/review/delete/" + str(self.materi1.id) + "/" + str(
+ Review.objects.get(review="A review by Anonymous").id)
+ if is_admin:
+ self.client.login(**self.admin_credential)
+ if is_contributor:
+ self.client.login(**self.contributor_credential)
+ if not is_admin and not is_contributor:
+ self.client.login(**self.anonymous_credential)
+ response = self.client.get(delete_url)
+ return response
+
+ def test_delete_review_by_admin(self):
+ self.create_and_delete_review(is_admin=True)
+ count = Review.objects.all().filter(review="A review by Anonymous").count()
+ self.assertEqual(count, 0)
+
+ def test_delete_review_by_contributor(self):
+ response = self.create_and_delete_review(is_contributor=True)
+
+ self.assertRaises(PermissionDenied)
+ self.assertEqual(response.status_code, 403)
+
+ count = Review.objects.all().filter(review="A review by Anonymous").count()
+ self.assertEqual(count, 1)
+
+ def test_delete_review_by_regular_user(self):
+ response = self.create_and_delete_review()
+
+ self.assertRaises(PermissionDenied)
+ self.assertEqual(response.status_code, 403)
+
+ count = Review.objects.all().filter(review="A review by Anonymous").count()
+ self.assertEqual(count, 1)
def test_detail_materi_contains_review_count(self):
url = self.url
diff --git a/app/urls.py b/app/urls.py
index b48be94..f89a060 100644
--- a/app/urls.py
+++ b/app/urls.py
@@ -15,6 +15,8 @@ urlpatterns = [
path("materi/like/", views.toggle_like, name="PostLikeToggle"),
path("delete/<int:pk_materi>/<int:pk_comment>",
views.delete_comment, name="delete-comment"),
+ path("review/delete/<int:pk_materi>/<int:pk_review>",
+ views.delete_review, name="delete-review"),
path("comment/like/", views.toggle_like_comment, name="comment-like-toggle"),
path("comment/dislike/", views.toggle_dislike_comment, name="comment-dislike-toggle"),
path("materi/<int:pk>/delete", views.delete_materi, name="detele-materi"),
diff --git a/app/views.py b/app/views.py
index 81c9693..bba8b37 100644
--- a/app/views.py
+++ b/app/views.py
@@ -258,6 +258,14 @@ def delete_comment(request, pk_materi, pk_comment):
comment.delete()
return HttpResponseRedirect(url)
+def delete_review(request, pk_materi, pk_review):
+ if not request.user.is_authenticated or not request.user.is_admin:
+ raise PermissionDenied(request)
+ review = get_object_or_404(Review, pk=pk_review)
+ url_materi = "/materi/" + str(pk_materi) + "/"
+ review.delete()
+ return HttpResponseRedirect(url_materi)
+
def toggle_like_comment(request):
comment_id = 0
if request.method == "POST":
@@ -281,7 +289,6 @@ def toggle_dislike_comment(request):
else:
return JsonResponse({"success": False, "msg": UNSUPPORTED_MESSAGE, "comment_id": comment_id})
-
def add_rating_materi(request):
if request.method == "POST" and request.user.is_authenticated:
diff --git a/digipus/__pycache__/settings.cpython-36.pyc b/digipus/__pycache__/settings.cpython-36.pyc
index 2e8d5505327c65aad19bcc06e556bd3f737fca54..d738b3ddbb6740940b2b34c9c7651fa292ceac82 100644
GIT binary patch
delta 686
zcmcbi@IgV@n3tF9(Y(3w(&7vZj~S4FAOiz~0|Ns?@uZ2$t@SCA>4H&$DN-rYDKaUt
zDRL?DDGDiyDbnejQ9>z7QNk(8Q6ecSsf<}1S)!>tDXPs(>5M5#DQYR|DH<u7DO%|)
znT#pgb6C<Dqr_5lqQp~KQgl=KQuI>vdzqsoQdv?A;5^AxmJ~xcPbyVn0%H-YL5fj|
z@ni!=vHE7lRF)Kr6w79&6stLGnT%1=c{!<)6BvskG8v+zQyH^lQmmU9qhwQ=vgA@_
zQ*2Ufdzn(DQ;cjF@?27-CNLJYfYq_2Sf|QE?Z>88BE=}h4(=cOW~LN}IZT<1QS~4z
zAf9w=W=dm>Qb=)%QcQ79ami#%XN*!xag9<=af?z(QHoMcQHoMaQHoMeWzXVIaZhE>
z(g2g1DITfpSz0Ncsq9(WDPEbZQ97wCDc&hQDZaf-QM#!tDSj#bV74CI0RhcSQTi!?
zQ3mzMLg|cAhABZ&MsTs<W~M0Pl#nQsl+Y;Cl&~nXl<<^@bjD1^DD#xaD2r5<l&F+w
zu+f&OEGaQ5v0%1UDoaXSN<5ftoywAukdg>y+oUK(*{0}4*`+WAGiW9y>M$}eY~IWC
znu$A#v$Qz1D7`c@C3W)()@htko~~9g!Kt~a#U-gl3g$5Zz5zZl0Y&+hso4tNsX2+o
z3PuJ-1~IvbMOm47i8;C{ndzAYrNuEYx;V9@Br`9)Sg)Y+7Kcr4eoARhsvS2d^_`g9
L&u={W0RIdCTQR|F
delta 655
zcmeyMa6>`an3tF9o%!5&Pca6D#|%h7fPsO*fq{Xcc)~>G*7|gTD8UrT6sZ*H6qyv+
z6uA`n6onM2bj~QD6vZgv6s0JU6y;RLERHPERGt)-W~Ow;6vY(P6txuf6pa+kbe2rU
z6s<Wd>5NfgDcVuusVpfvseCEADSExkQ4*;vDf)1pWGYLF0h}k5DlvhvNH3+{FvTd9
zCB?XzF_k671WcNONi#5Mo?_9=lwvuDEt4@yIxi<xasp#fSSCZ1bSh((Oo~-AW0Y(v
zQ<hw+Y>IV?O)pcbbc&%3L!L{j)C9(&Ca^k|6suHusDrSmt<RH4F-)<A`_QhLDaC#c
z6UaKam_svD8e^0~ier>wic^YnCSy8dlv0XIlyZt|luC+Xlxm7%lv;{nlzJ+A7JrIc
zDtnd&nAA*hPi4>2O7Tc#&(cou%w&zyNo7g#O7Twd>1B%2O=U^(O{w<-bM)Yr`8P8~
z>8Aul86b<KGe#Mv1V$Ob#e$ldqKs35qfAmlqD)glqs&smQo_?2GZ~}IQzD`)Qdv?W
zQ=-5oTc)z4M5n}n*;c76DX}SWV77HCOG<o7f(V#nlcE@9o1z<Km%<dxpqaRN7t;r(
z&0ATgahf^kXXNLm>KCO}W+dk6yW}UA=BDPA6zd202KeabCKhF7<|XFnrevmP7L*q2
V!|2If{8Eg^CNJeTo_vdc8UWcnwmAR*
--
GitLab