2680 m2m fields refactor #2716
2680 m2m fields refactor #2716
Conversation
BCerki
force-pushed
the
2680-m2m-fields-refactor
branch
5 times, most recently
from
f331364 to
2e0c8af
Compare
| documents = models.ManyToManyField( | ||
| Document, | ||
| blank=True, | ||
| related_name="operators", | ||
| ) | ||
| contacts = models.ManyToManyField( | ||
| Contact, | ||
| blank=True, | ||
| related_name="operators", | ||
| ) |
There was a problem hiding this comment.
I don't think we're using either of these (@Sepehr-Sobhani , would you mind checking metabase? I don't have access to prod data)
| @@ -13,11 +13,6 @@ class User(UserAndContactCommonInfo): | |||
| max_length=1000, | |||
| db_comment="The name of the business the user is associated with as per their Business BCeID account", | |||
| ) | |||
| documents = models.ManyToManyField( | |||
There was a problem hiding this comment.
@Sepehr-Sobhani also this one
| @@ -32,3 +40,5 @@ def delete(self, *args, **kwargs): | |||
| default_storage.delete(self.file.name) | |||
|
|
|||
| super().delete(*args, **kwargs) | |||
|
|
|||
| # | |||
There was a problem hiding this comment.
tedious nit: seems unnecessary?
| @@ -277,6 +277,7 @@ def update_status( | |||
| if user_operator.status == UserOperator.Statuses.DECLINED: | |||
| # Set role to pending for now but we may want to add a new role for declined | |||
| user_operator.role = UserOperator.Roles.PENDING | |||
| # brianna you're going to have to go deal with thiss | |||
There was a problem hiding this comment.
do you plan to deal with "thiss" in this PR or a follow up one?
There was a problem hiding this comment.
I didn't have to deal with it in the end, actually, nothing in reg1 broke because we learned you can use set/add for both m2m and fk
| return row.id + operator; | ||
| } | ||
|
|
||
| console.log("initialdata", initialData); |
| @@ -149,6 +149,7 @@ def test_cas_director_approves_admin_access_request_with_new_operator(self, mock | |||
| ) | |||
|
|
|||
| def test_cas_analyst_declines_access_request(self, mocker): | |||
| # brianna this will be fixed after rebase | |||
| def create_contact(cls, user_guid: UUID, payload: Union[ContactIn, OperationRepresentativeIn]) -> Contact: | ||
| contact_data: dict = payload.dict(include={*ContactIn.Meta.fields}) | ||
| # `business_role` is a mandatory field in the DB but we don't collect it from the user | ||
| # so we set it to a default value here and we can change it later if needed |
There was a problem hiding this comment.
I think we can probably delete the business_role field on Contact, I don't think we use it anywhere? (but this is tech debt we can leave for later)
There was a problem hiding this comment.
There are a couple places where we filter by business_role Operation Representative
| existing_contact_address = contact.address | ||
| if existing_contact_address: | ||
| contact.address = None | ||
| contact.save(update_fields=['address']) | ||
| # contact has an address and the payload has no address data, remove the address | ||
| existing_contact_address.delete() |
There was a problem hiding this comment.
I find this part confusing and overly complex. Couldn't it be simplified to:
if contact.address:
contact.address.delete()
contact.address = None # not even sure this line is needed
contact.save(update_fields=['address'])
side note - I'm having major deja vu reading this code. Was this copied over from v1 of the service? If so there might be an argument for keeping this code as-is until we throw away all our v1 code.
There was a problem hiding this comment.
Yes, it's copied from v1. I'll leave it as-is for now
|
|
||
| class DocumentDataAccessServiceV2: | ||
| @classmethod | ||
| def get_operation_document_by_type(cls, operation_id: UUID, document_type: str) -> Document | None: |
There was a problem hiding this comment.
I got lost trying to follow the paths of where this function gets called, so apologies if this question is wrong, but do we need to add a check here based on user_guid to confirm that the user has permission to access data for the operation in question? (I couldn't tell if this gets checked somewhere else)
There was a problem hiding this comment.
I made a get_if_authorized function to this, that's how we've generally done it in other services. Thanks for catching this!
| assert created is False | ||
|
|
||
| @staticmethod | ||
| def test_update_operation_document(): |
There was a problem hiding this comment.
could I request another unit test here to confirm that an industry_user is NOT allowed to update/view a document associated with an operation outside of their operator? (this relates to my previous comment above)
BCerki
force-pushed
the
2680-m2m-fields-refactor
branch
4 times, most recently
from
adedb9b to
5113692
Compare
BCerki
force-pushed
the
2680-m2m-fields-refactor
branch
3 times, most recently
from
a4bbe6e to
9dfe44c
Compare
BCerki
force-pushed
the
2680-m2m-fields-refactor
branch
from
9dfe44c to
82a20d2
Compare
card: https://github.com/orgs/bcgov/projects/123/views/16?pane=issue&itemId=93581679&issue=bcgov%7Ccas-registration%7C2680
Notes:
operation_baker()(etc) to baker recipes, it's because operation_contact() now creates an operator, and that can make it hard to keep track of counts of things (e.g. the facility tests were failing because if there's an operation_baker and an operation_contact, we end up with two operations, two addresses, etc.)