Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add API for creating Assessments #862

Merged
merged 10 commits into from
Jul 27, 2023
Merged

Add API for creating Assessments #862

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
b51fcbb
Create api endpoints
munnsmunns Jul 25, 2023
80edd9b
Add CRUD actions to existing viewset
munnsmunns Jul 26, 2023
07c3694
add create test
munnsmunns Jul 26, 2023
7317295
add permissions test
munnsmunns Jul 26, 2023
7924457
fix permissions check
munnsmunns Jul 26, 2023
d9796e7
add functions to client
munnsmunns Jul 26, 2023
e922c2c
add write_only field for dtxsids
munnsmunns Jul 26, 2023
423fdd2
remove unneeded inheritance
munnsmunns Jul 27, 2023
45876c7
Merge branch 'main' into assessment-crud-api
munnsmunns Jul 27, 2023
f04441b
updates from review
shapiromatron Jul 27, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 43 additions & 0 deletions client/hawc_client/assessment.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
from requests import Response

from .client import BaseClient


Expand Down Expand Up @@ -51,3 +53,44 @@ def all_values(self) -> list[dict]:
"""
url = f"{self.session.root_url}/admin/api/reports/values/"
return self.session.get(url).json()

def create(self, data: dict) -> dict:
"""
Create an assessment.

Args:
data (dict): required metadata for creation

Returns:
dict: The resulting object, if create was successful
"""
url = f"{self.session.root_url}/assessment/api/assessment/"
return self.session.post(url, data).json()

def update(self, assessment_id: int, data: dict) -> dict:
"""
Update an existing assessment

Args:
assessment_id (int): assessment ID

data: fields to update in the assessment

Returns:
dict: The resulting object, if update was successful
"""
url = f"{self.session.root_url}/assessment/api/assessment/{assessment_id}/"
return self.session.patch(url, data).json()

def delete(self, assessment_id: int) -> Response:
"""
Delete a assessment

Args:
assessment_id (int): assessment ID

Returns:
Response: The response object.
"""
url = f"{self.session.root_url}/assessment/api/assessment/{assessment_id}/"
return self.session.delete(url)
8 changes: 7 additions & 1 deletion hawc/apps/assessment/api/viewsets.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -253,11 +253,17 @@ def get_queryset(self):
return self.model.objects.all()


class Assessment(AssessmentViewSet):
class Assessment(AssessmentEditViewSet):
model = models.Assessment
serializer_class = serializers.AssessmentSerializer
assessment_filter_args = "id"

def get_permissions(self):
if self.action in ["create", "update", "partial_update", "destroy"]:
return [permissions.IsAdminUser()]
else:
return super().get_permissions()

@action(detail=False, permission_classes=(permissions.AllowAny,))
def public(self, request):
queryset = self.model.objects.all().public()
Expand Down
12 changes: 10 additions & 2 deletions hawc/apps/assessment/serializers.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,16 @@ class Meta:


class AssessmentSerializer(serializers.ModelSerializer):
rob_name = serializers.CharField(source="get_rob_name_display")
dtxsids = DSSToxSerializer(many=True)
rob_name = serializers.CharField(source="get_rob_name_display", read_only=True)
dtxsids = DSSToxSerializer(many=True, read_only=True)
dtxsids_ids = serializers.PrimaryKeyRelatedField(
write_only=True,
many=True,
source="dtxsids",
queryset=models.DSSTox.objects.all(),
required=False,
allow_null=True,
)

def to_representation(self, instance):
ret = super().to_representation(instance)
Expand Down
51 changes: 51 additions & 0 deletions tests/hawc/apps/assessment/test_api.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -175,3 +175,54 @@ def test_bad_request(self, db_keys):
]:
resp = client.post(url, data, format="json")
assert resp.status_code == code


@pytest.mark.django_db
class TestAssessmentCRUD:
def test_permissions(self, db_keys):
client = APIClient()
data = {
"name": "testing",
"year": "2013",
"version": "1",
"assessment_objective": "<p>Test.</p>",
"authors": "<p>Test.</p>",
"noel_name": 0,
"rob_name": 0,
"editable": "on",
"creator": 1,
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

changed from strings to ints

"project_manager": [2],
"team_members": [1, 2],
"reviewers": [1],
"epi_version": 1,
"dtxsids_ids": ["DTXSID7020970"],
}

# test success
assert client.login(username="admin@hawcproject.org", password="pw") is True
resp = client.post(reverse("assessment:api:assessment-list"), data, format="json")
assert resp.status_code == 201

created_id = resp.json()["id"]
data.update(name="testing1")
resp = client.patch(reverse("assessment:api:assessment-detail", args=(created_id,)), data)
assert resp.status_code == 200

resp = client.delete(reverse("assessment:api:assessment-detail", args=(created_id,)))
assert resp.status_code == 204

# test failures
assert client.login(username="pm@hawcproject.org", password="pw") is True
resp = client.post(reverse("assessment:api:assessment-list"), data)
assert resp.status_code == 403

resp = client.patch(
reverse("assessment:api:assessment-detail", args=(db_keys.assessment_working,)), data
)
assert resp.status_code == 403

assert client.login(username="pm@hawcproject.org", password="pw") is True
resp = client.delete(
reverse("assessment:api:assessment-detail", args=(db_keys.assessment_working,))
)
assert resp.status_code == 403