haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-08-11 11:52:08 +00:00
Code Issues Releases Wiki Activity

fix bug of user notification (#3230)

Browse Source 
* fix bug of user notification

add checks, add test cases for notifications
This commit is contained in:
Leo 2019-04-12 10:36:22 +08:00 committed by lian
parent 5d2a2b238c
commit e23fd72fc7
2 changed files with 45 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
seahub/api2/endpoints/notifications.py
View File

@ -5,6 +5,7 @@ from rest_framework.authentication import SessionAuthentication
from rest_framework.permissions import IsAuthenticated from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response from rest_framework.response import Response
from rest_framework.views import APIView from rest_framework.views import APIView
from rest_framework import status
from django.core.cache import cache from django.core.cache import cache
@ -123,17 +124,32 @@ class NotificationView(APIView):
notice_id = request.data.get('notice_id') notice_id = request.data.get('notice_id')
# argument check
try:
int(notice_id)
except Exception as e:
error_msg = 'notice_id invalid.'
logger.error(e)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
try: try:
notice = UserNotification.objects.get(id=notice_id) notice = UserNotification.objects.get(id=notice_id)
except UserNotification.DoesNotExist as e: except UserNotification.DoesNotExist as e:
logger.error(e) logger.error(e)
pass error_msg = 'Notification %s not found.' % notice_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
username = request.user.username
if notice.to_user != username:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if not notice.seen: if not notice.seen:
notice.seen = True notice.seen = True
notice.save() notice.save()
username = request.user.username
cache_key = get_cache_key_of_unseen_notifications(username) cache_key = get_cache_key_of_unseen_notifications(username)
cache.delete(cache_key) cache.delete(cache_key)

27
tests/api/endpoints/test_notifications.py
View File

@ -1,6 +1,7 @@
import json import json
from seahub.test_utils import BaseTestCase from seahub.test_utils import BaseTestCase
from seahub.notifications.models import UserNotification from seahub.notifications.models import UserNotification
from seahub.base.accounts import UserManager
class NotificationsTest(BaseTestCase): class NotificationsTest(BaseTestCase):
def setUp(self): def setUp(self):
@ -58,3 +59,29 @@ class NotificationTest(BaseTestCase):
self.assertEqual(200, resp.status_code) self.assertEqual(200, resp.status_code)
assert UserNotification.objects.count_unseen_user_notifications(self.username) == 0 assert UserNotification.objects.count_unseen_user_notifications(self.username) == 0
def test_argument_check_notice_id_invalid(self):
self.login_as(self.user)
data = 'notice_id=%s' % 'a'
resp = self.client.put(self.endpoint, data, 'application/x-www-form-urlencoded')
self.assertEqual(400, resp.status_code)
def test_resource_check_notification_not_found(self):
self.login_as(self.user)
notice1 = UserNotification.objects.add_user_message(self.username, 'test1')
notice2 = UserNotification.objects.add_user_message(self.username, 'test2')
data = 'notice_id=%s' % str(notice2.id + 1)
resp = self.client.put(self.endpoint, data, 'application/x-www-form-urlencoded')
self.assertEqual(404, resp.status_code)
def test_permission_check_permission_denied(self):
self.login_as(self.user)
new_user = UserManager().create_user(email='new@new.com', password='root')
notice_to_new_user = UserNotification.objects.add_user_message(new_user.name, 'test for new user')
data = 'notice_id=%s' % notice_to_new_user.id
resp = self.client.put(self.endpoint, data, 'application/x-www-form-urlencoded')
self.assertEqual(403, resp.status_code)