Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Prevent arbitrary order update #7056

Merged
merged 3 commits into from
Jun 10, 2020
Merged

fix: Prevent arbitrary order update #7056

merged 3 commits into from
Jun 10, 2020

Conversation

iamareebjamal
Copy link
Member

@iamareebjamal iamareebjamal commented Jun 9, 2020
edited
Loading

Workaround for #7055

houndci-bot
houndci-bot reviewed Jun 9, 2020
View reviewed changes
tests/all/integration/api/helpers/order/test_edit_order.py Outdated
}
}}}
)

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

blank line contains whitespace

tests/all/integration/api/helpers/order/test_edit_order.py Outdated
}
]
}
}}}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

continuation line missing indentation or outdented

tests/all/integration/api/helpers/order/test_edit_order.py Outdated
data=json.dumps(
{'data': {'type': 'order', 'id': order_id,
"relationships": {
"attendees": {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

continuation line missing indentation or outdented

tests/all/integration/api/helpers/order/test_edit_order.py Outdated

data=json.dumps(
{'data': {'type': 'order', 'id': order_id,
"relationships": {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

continuation line under-indented for visual indent

tests/all/integration/api/helpers/order/test_edit_order.py Outdated
attendee = AttendeeSubFactory()
db.session.commit()

data=json.dumps(
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

missing whitespace around operator

tests/all/integration/api/helpers/order/test_edit_order.py Outdated
db.session.commit()

response = client.post(
'/v1/orders/create-order',
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Black would make changes.

tests/all/integration/api/helpers/order/test_edit_order.py Outdated
import json

from app.models.order import Order
from tests.factories.discount_code import DiscountCodeTicketSubFactory
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

'tests.factories.discount_code.DiscountCodeTicketSubFactory' imported but unused

houndci-bot
houndci-bot reviewed Jun 10, 2020
View reviewed changes
tests/all/integration/api/helpers/order/test_edit_order.py


def create_order(db, user):
order = OrderSubFactory(amount=234, status='initializing', user=user)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Black would make changes.

tests/all/integration/api/helpers/order/test_edit_order.py Outdated
from tests.factories.event import EventFactoryBasic
from tests.factories.order import OrderSubFactory

from .test_calculate_order_amount import _create_taxed_tickets
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

'.test_calculate_order_amount._create_taxed_tickets' imported but unused

@niranjan94
Copy link
Member

Codacy Here is an overview of what got changed by this pull request:

Complexity increasing per file
==============================
- tests/all/integration/api/helpers/order/test_edit_order.py  4

See the complete overview on Codacy

@codecov
Copy link

codecov bot commented Jun 10, 2020
edited
Loading

Codecov Report

Merging #7056 into development will increase coverage by 0.41%.
The diff coverage is 85.71%.

Impacted file tree graph

@@               Coverage Diff               @@
##           development    #7056      +/-   ##
===============================================
+ Coverage        61.17%   61.59%   +0.41%     
===============================================
  Files              260      260              
  Lines            12884    12890       +6     
===============================================
+ Hits              7882     7939      +57     
+ Misses            5002     4951      -51
Impacted Files Coverage Δ
app/models/order.py 90.78% <ø> (+1.31%) ⬆️
app/api/orders.py 39.79% <50.00%> (+6.71%) ⬆️
app/models/__init__.py 100.00% <100.00%> (ø)
app/models/user.py 59.55% <0.00%> (+2.24%) ⬆️
app/api/schema/orders.py 96.87% <0.00%> (+3.12%) ⬆️
app/api/helpers/permission_manager.py 34.73% <0.00%> (+5.96%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b9dcdba...5a09005. Read the comment docs.

@iamareebjamal iamareebjamal changed the title wip: Prevent arbitrary order update fix: Prevent arbitrary order update Jun 10, 2020
@auto-label auto-label bot added the fix label Jun 10, 2020
@iamareebjamal iamareebjamal merged commit 47a138a into fossasia:development Jun 10, 2020
@iamareebjamal iamareebjamal deleted the order-update branch June 10, 2020 03:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@houndci-bot houndci-bot houndci-bot left review comments

Assignees
No one assigned
Labels
fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@iamareebjamal @niranjan94 @houndci-bot