From ebaf9a6828679278ff9f63c5747287aaeee21bf4 Mon Sep 17 00:00:00 2001
From: Harsha Rauniyar <56989732+hrauniya@users.noreply.github.com>
Date: Tue, 26 Mar 2024 19:16:18 -0400
Subject: [PATCH] Updating Create Partners endpoint/tests (#356)

* create_partners endpoint, fixing failing tests

* Updating UserRole after MemberRole changes to Admin/Publisher for Create Partner endpoint
---
 backend/routes/partners.py     |  85 ++++++++++++++------
 backend/tests/test_partners.py | 139 +++++++++++++++++++++++++++++++++
 2 files changed, 198 insertions(+), 26 deletions(-)

diff --git a/backend/routes/partners.py b/backend/routes/partners.py
index 787454378..dc82876bd 100644
--- a/backend/routes/partners.py
+++ b/backend/routes/partners.py
@@ -49,35 +49,68 @@ def get_partners(partner_id: int):
 @min_role_required(UserRole.PUBLIC)
 @validate(json=CreatePartnerSchema)
 def create_partner():
-    """Create a contributing partner.
+    """Create a contributing partner."""
 
-    Cannot be called in production environments
-    """
-    if current_app.env == "production":
-        abort(418)
-
-    try:
-        partner = partner_to_orm(request.context.json)
-    except Exception:
-        abort(400)
-
-    created = partner.create()
-    make_admin = PartnerMember(
-        partner_id=created.id,
-        user_id=get_jwt()["sub"],
-        role=MemberRole.ADMIN,
-    )
-    make_admin.create()
+    body = request.context.json
+    if (
+        body.name is not None
+        and body.url is not None
+        and body.contact_email is not None
+        and body.name != ""
+        and body.url != ""
+        and body.contact_email != ""
+    ):
+        try:
+            partner = partner_to_orm(body)
+        except Exception:
+            abort(400)
+        partner_query_email = Partner.query.filter_by(
+            contact_email=body.contact_email).first()
+        partner_query_url = Partner.query.filter_by(url=body.url).first()
+        if partner_query_email:
+            return {
+                    "status": "error",
+                    "message": "Error. Entered email or url details "
+                               + "matches existing record.",
 
-    track_to_mp(
-        request,
-        "create_partner",
-        {
+                }, 400
+        if partner_query_url:
+            return {
+                    "status": "error",
+                    "message": "Error. Entered email or url details "
+                               + "matches existing record.",
+                }, 400
+        """
+        add to database if all fields are present
+        and instance not already in db.
+        """
+        created = partner.create()
+        resp = partner_orm_to_json(created)
+
+        make_admin = PartnerMember(
+            partner_id=created.id,
+            user_id=get_jwt()["sub"],
+            role=MemberRole.ADMIN,
+        )
+        make_admin.create()
+        # update to UserRole contributor status
+        user_id = get_jwt()["sub"]
+        user = User.query.filter_by(
+            id=user_id
+        ).first()
+        user.role = UserRole.CONTRIBUTOR
+
+        track_to_mp(request, "create_partner", {
             "partner_name": partner.name,
-            "partner_contact": partner.contact_email,
-        },
-    )
-    return partner_orm_to_json(created)
+            "partner_contact": partner.contact_email
+        })
+        return resp
+    else:
+        return {
+                "status": "error",
+                "message": "Failed to create partner. " +
+                           "Please include all of the following"
+        }, 400
 
 
 @bp.route("/", methods=["GET"])
diff --git a/backend/tests/test_partners.py b/backend/tests/test_partners.py
index 3687fef2c..e01542a39 100644
--- a/backend/tests/test_partners.py
+++ b/backend/tests/test_partners.py
@@ -185,6 +185,44 @@ def test_create_partner(db_session, example_user, example_partners):
     assert association_obj.is_administrator() is True
 
 
+def test_create_partner_role_change(
+        client,
+        example_user
+
+):
+    access_token = res = client.post(
+        "api/v1/auth/login",
+        json={
+            "email": example_user.email,
+            "password": example_password
+        },
+    ).json["access_token"]
+
+    res = client.post(
+        "/api/v1/partners/create",
+        headers={"Authorization": f"Bearer {access_token}"},
+        json={
+            "name" : "Example Partner 1",
+            "url": "examplep.com",
+            "contact_email": "example_p@gmail.com",
+        }
+    )
+    assert res.status_code == 200
+    partner_member_obj = Partner.query.filter_by(
+        url="examplep.com"
+    ).first()
+
+    assert partner_member_obj.name == "Example Partner 1"
+    assert partner_member_obj.url == "examplep.com"
+    assert partner_member_obj.contact_email == "example_p@gmail.com"
+
+    # Check if UserRole in updated
+    user = User.query.filter_by(
+        email=example_user.email
+    ).first()
+    assert user.role == UserRole.CONTRIBUTOR
+
+
 def test_get_partner(client, db_session, access_token):
     # Create a partner in the database
     partner_name = "Test Partner"
@@ -836,3 +874,104 @@ def test_role_change3(
         partner_id=-1,
     ).first()
     assert role_change_instance is None
+
+
+"""
+Test for creating a new partner
+and adding existing partner already created
+"""
+
+
+def test_create_new_partner(
+        client,
+        partner_admin
+
+):
+    # test for creating new partner
+    access_token = res = client.post(
+        "api/v1/auth/login",
+        json={
+            "email": partner_admin.email,
+            "password": example_password
+        },
+    ).json["access_token"]
+
+    res = client.post(
+        "/api/v1/partners/create",
+        headers={"Authorization": f"Bearer {access_token}"},
+        json={
+            "name": "Citizens Police Data Project",
+            "url": "https://cpdp.co",
+            "contact_email": "tech@invisible.institute",
+        }
+    )
+    assert res.status_code == 200
+    partner_obj = Partner.query.filter_by(
+        url="https://cpdp.co"
+    ).first()
+    assert partner_obj.name == "Citizens Police Data Project"
+    assert partner_obj.url == "https://cpdp.co"
+    assert partner_obj.contact_email == "tech@invisible.institute"
+
+    # test for adding duplicate partner that already exists
+    res = client.post(
+        "/api/v1/partners/create",
+        headers={"Authorization": f"Bearer {access_token}"},
+        json={
+            "name": "Citizens Police Data Project",
+            "url": "https://cpdp.co",
+            "contact_email": "tech@invisible.institute",
+        }
+    )
+    assert res.status_code == 400
+
+
+"""
+Validation tests for creating
+new partners
+"""
+
+
+def test_create_partner_validation(
+        client,
+        partner_admin
+):
+    # adding partner with blank fields
+    access_token = res = client.post(
+        "api/v1/auth/login",
+        json={
+            "email": partner_admin.email,
+            "password": example_password
+        },
+    ).json["access_token"]
+    res = client.post(
+        "/api/v1/partners/create",
+        headers={"Authorization": f"Bearer {access_token}"},
+        json={
+            "name": "",
+            "url": "https://cpdp.co",
+            "contact_email": "tech@invisible.institute",
+        }
+    )
+    assert res.status_code == 400
+    res = client.post(
+        "/api/v1/partners/create",
+        headers={"Authorization": f"Bearer {access_token}"},
+        json={
+            "name": "Citizens Police Data Project",
+            "url": "",
+            "contact_email": "tech@invisible.institute",
+        }
+    )
+    assert res.status_code == 400
+
+    res = client.post(
+        "/api/v1/partners/create",
+        headers={"Authorization": f"Bearer {access_token}"},
+        json={
+            "name": "Citizens Police Data Project",
+            "url": None ,
+            "contact_email": "tech@invisible.institute",
+        }
+    )
+    assert res.status_code == 400