221V
/
Misago


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436
							import json
from datetime import timedelta

from django.utils import six, timezone

from misago.acl.testutils import override_acl
from misago.categories.models import Category
from misago.readtracker import poststracker
from misago.threads import testutils
from misago.threads.models import Thread

from .test_threads_api import ThreadsApiTestCase


class ThreadPatchApiTestCase(ThreadsApiTestCase):
    def patch(self, api_link, ops):
        return self.client.patch(api_link, json.dumps(ops), content_type="application/json")


class ThreadAddAclApiTests(ThreadPatchApiTestCase):
    def test_add_acl_true(self):
        """api adds current thread's acl to response"""
        response = self.patch(self.api_link, [
            {
                'op': 'add',
                'path': 'acl',
                'value': True,
            },
        ])
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertTrue(response_json['acl'])

    def test_add_acl_false(self):
        """if value is false, api won't add acl to the response, but will set empty key"""
        response = self.patch(self.api_link, [
            {
                'op': 'add',
                'path': 'acl',
                'value': False,
            },
        ])
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertIsNone(response_json['acl'])


class ThreadChangeTitleApiTests(ThreadPatchApiTestCase):
    def test_change_thread_title(self):
        """api makes it possible to change thread title"""
        self.override_acl({'can_edit_threads': 2})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'title',
                    'value': "Lorem ipsum change!",
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertEqual(response_json['title'], "Lorem ipsum change!")

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['title'], "Lorem ipsum change!")

    def test_change_thread_title_no_permission(self):
        """api validates permission to change title"""
        self.override_acl({'can_edit_threads': 0})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'title',
                    'value': "Lorem ipsum change!",
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "You can't edit threads in this category."
        })

    def test_change_thread_title_closed_category_no_permission(self):
        """api test permission to edit thread title in closed category"""
        self.override_acl({
            'can_edit_threads': 2,
            'can_close_threads': 0
        })

        self.category.is_closed = True
        self.category.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'title',
                    'value': "Lorem ipsum change!",
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This category is closed. You can't edit threads in it."
        })


    def test_change_thread_title_closed_thread_no_permission(self):
        """api test permission to edit closed thread title"""
        self.override_acl({
            'can_edit_threads': 2,
            'can_close_threads': 0
        })

        self.thread.is_closed = True
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'title',
                    'value': "Lorem ipsum change!",
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This thread is closed. You can't edit it."
        })

    def test_change_thread_title_after_edit_time(self):
        """api cleans, validates and rejects too short title"""
        self.override_acl({'thread_edit_time': 1, 'can_edit_threads': 1})

        self.thread.started_on = timezone.now() - timedelta(minutes=10)
        self.thread.starter = self.user
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'title',
                    'value': "Lorem ipsum change!",
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "You can't edit threads that are older than 1 minute."
        })

    def test_change_thread_title_invalid(self):
        """api cleans, validates and rejects too short title"""
        self.override_acl({'can_edit_threads': 2})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'title',
                    'value': 12,
                },
            ]
        )
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.json(), {
            'detail': ["Thread title should be at least 5 characters long (it has 2)."]
        })


class ThreadPinGloballyApiTests(ThreadPatchApiTestCase):
    def test_pin_thread(self):
        """api makes it possible to pin globally thread"""
        self.override_acl({'can_pin_threads': 2})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'weight',
                    'value': 2,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertEqual(response_json['weight'], 2)

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['weight'], 2)

    def test_pin_thread_closed_category_no_permission(self):
        """api checks if category is closed"""
        self.override_acl({
            'can_pin_threads': 2,
            'can_close_threads': 0,
        })

        self.category.is_closed = True
        self.category.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'weight',
                    'value': 2,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This category is closed. You can't change threads weights in it."
        })

    def test_pin_thread_closed_no_permission(self):
        """api checks if thread is closed"""
        self.override_acl({
            'can_pin_threads': 2,
            'can_close_threads': 0,
        })

        self.thread.is_closed = True
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'weight',
                    'value': 2,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This thread is closed. You can't change its weight."
        })

    def test_unpin_thread(self):
        """api makes it possible to unpin thread"""
        self.thread.weight = 2
        self.thread.save()

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['weight'], 2)

        self.override_acl({'can_pin_threads': 2})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'weight',
                    'value': 0,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertEqual(response_json['weight'], 0)

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['weight'], 0)

    def test_pin_thread_no_permission(self):
        """api pin thread globally with no permission fails"""
        self.override_acl({'can_pin_threads': 1})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'weight',
                    'value': 2,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "You can't pin threads globally in this category."
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['weight'], 0)

    def test_unpin_thread_no_permission(self):
        """api unpin thread with no permission fails"""
        self.thread.weight = 2
        self.thread.save()

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['weight'], 2)

        self.override_acl({'can_pin_threads': 1})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'weight',
                    'value': 1,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "You can't change globally pinned threads weights in this category."
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['weight'], 2)


class ThreadPinLocallyApiTests(ThreadPatchApiTestCase):
    def test_pin_thread(self):
        """api makes it possible to pin locally thread"""
        self.override_acl({'can_pin_threads': 1})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'weight',
                    'value': 1,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertEqual(response_json['weight'], 1)

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['weight'], 1)

    def test_unpin_thread(self):
        """api makes it possible to unpin thread"""
        self.thread.weight = 1
        self.thread.save()

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['weight'], 1)

        self.override_acl({'can_pin_threads': 1})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'weight',
                    'value': 0,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertEqual(response_json['weight'], 0)

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['weight'], 0)

    def test_pin_thread_no_permission(self):
        """api pin thread locally with no permission fails"""
        self.override_acl({'can_pin_threads': 0})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'weight',
                    'value': 1,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "You can't change threads weights in this category."
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['weight'], 0)

    def test_unpin_thread_no_permission(self):
        """api unpin thread with no permission fails"""
        self.thread.weight = 1
        self.thread.save()

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['weight'], 1)

        self.override_acl({'can_pin_threads': 0})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'weight',
                    'value': 0,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "You can't change threads weights in this category."
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['weight'], 1)


class ThreadMoveApiTests(ThreadPatchApiTestCase):
    def setUp(self):
        super(ThreadMoveApiTests, self).setUp()

        Category(
            name='Category B',
            slug='category-b',
        ).insert_at(
            self.category,
            position='last-child',
            save=True,
        )
        self.category_b = Category.objects.get(slug='category-b')

    def override_other_acl(self, acl):
        other_category_acl = self.user.acl_cache['categories'][self.category.pk].copy()
        other_category_acl.update({
            'can_see': 1,
            'can_browse': 1,
            'can_see_all_threads': 1,
            'can_see_own_threads': 0,
            'can_hide_threads': 0,
            'can_approve_content': 0,
        })
        other_category_acl.update(acl)

        categories_acl = self.user.acl_cache['categories']
        categories_acl[self.category_b.pk] = other_category_acl

        visible_categories = [self.category.pk]
        if other_category_acl['can_see']:
            visible_categories.append(self.category_b.pk)

        override_acl(
            self.user, {
                'visible_categories': visible_categories,
                'categories': categories_acl,
            }
        )

    def test_move_thread_no_top(self):
        """api moves thread to other category, sets no top category"""
        self.override_acl({'can_move_threads': True})
        self.override_other_acl({'can_start_threads': 2})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'category',
                    'value': self.category_b.pk,
                },
                {
                    'op': 'add',
                    'path': 'top-category',
                    'value': self.category_b.pk,
                },
                {
                    'op': 'replace',
                    'path': 'flatten-categories',
                    'value': None,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertEqual(response_json['category'], self.category_b.pk)

        self.override_other_acl({})

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['category']['id'], self.category_b.pk)

    def test_move_thread_with_top(self):
        """api moves thread to other category, sets top"""
        self.override_acl({'can_move_threads': True})
        self.override_other_acl({'can_start_threads': 2})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'category',
                    'value': self.category_b.pk,
                },
                {
                    'op': 'add',
                    'path': 'top-category',
                    'value': Category.objects.root_category().pk,
                },
                {
                    'op': 'replace',
                    'path': 'flatten-categories',
                    'value': None,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertEqual(response_json['category'], self.category_b.pk)

        self.override_other_acl({})

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['category']['id'], self.category_b.pk)

    def test_move_thread_reads(self):
        """api moves thread reads together with thread"""
        self.override_acl({'can_move_threads': True})
        self.override_other_acl({'can_start_threads': 2})

        poststracker.save_read(self.user, self.thread.first_post)

        self.assertEqual(self.user.postread_set.count(), 1)
        self.user.postread_set.get(category=self.category)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'category',
                    'value': self.category_b.pk,
                },
                {
                    'op': 'add',
                    'path': 'top-category',
                    'value': self.category_b.pk,
                },
                {
                    'op': 'replace',
                    'path': 'flatten-categories',
                    'value': None,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        # thread read was moved to new category
        postreads = self.user.postread_set.filter(post__is_event=False).order_by('id')

        self.assertEqual(postreads.count(), 1)
        postreads.get(category=self.category_b)

    def test_move_thread_subscriptions(self):
        """api moves thread subscriptions together with thread"""
        self.override_acl({'can_move_threads': True})
        self.override_other_acl({'can_start_threads': 2})

        self.user.subscription_set.create(
            thread=self.thread,
            category=self.thread.category,
            last_read_on=self.thread.last_post_on,
            send_email=False,
        )

        self.assertEqual(self.user.subscription_set.count(), 1)
        self.user.subscription_set.get(category=self.category)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'category',
                    'value': self.category_b.pk,
                },
                {
                    'op': 'add',
                    'path': 'top-category',
                    'value': self.category_b.pk,
                },
                {
                    'op': 'replace',
                    'path': 'flatten-categories',
                    'value': None,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        # thread read was moved to new category
        self.assertEqual(self.user.subscription_set.count(), 1)
        self.user.subscription_set.get(category=self.category_b)

    def test_move_thread_no_permission(self):
        """api move thread to other category with no permission fails"""
        self.override_acl({'can_move_threads': False})
        self.override_other_acl({})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'category',
                    'value': self.category_b.pk,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "You can't move threads in this category."
        })
        
        self.override_other_acl({})

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['category']['id'], self.category.pk)

    def test_move_thread_closed_category_no_permission(self):
        """api move thread from closed category with no permission fails"""
        self.override_acl({
            'can_move_threads': True,
            'can_close_threads': False,
        })
        self.override_other_acl({})

        self.category.is_closed = True
        self.category.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'category',
                    'value': self.category_b.pk,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This category is closed. You can't move it's threads."
        })

    def test_move_closed_thread_no_permission(self):
        """api move closed thread with no permission fails"""
        self.override_acl({
            'can_move_threads': True,
            'can_close_threads': False,
        })
        self.override_other_acl({})

        self.thread.is_closed = True
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'category',
                    'value': self.category_b.pk,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This thread is closed. You can't move it."
        })

    def test_move_thread_no_category_access(self):
        """api move thread to category with no access fails"""
        self.override_acl({'can_move_threads': True})
        self.override_other_acl({'can_see': False})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'category',
                    'value': self.category_b.pk,
                },
            ]
        )
        self.assertEqual(response.status_code, 404)
        self.assertEqual(response.json(), {'detail': 'NOT FOUND'})

        self.override_other_acl({})

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['category']['id'], self.category.pk)

    def test_move_thread_no_category_browse(self):
        """api move thread to category with no browsing access fails"""
        self.override_acl({'can_move_threads': True})
        self.override_other_acl({'can_browse': False})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'category',
                    'value': self.category_b.pk,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': 'You don\'t have permission to browse "Category B" contents.'
        })

        self.override_other_acl({})

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['category']['id'], self.category.pk)

    def test_move_thread_no_category_start_threads(self):
        """api move thread to category with no posting access fails"""
        self.override_acl({'can_move_threads': True})
        self.override_other_acl({'can_start_threads': False})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'category',
                    'value': self.category_b.pk,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "You don't have permission to start new threads in this category."
        })

        self.override_other_acl({})

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['category']['id'], self.category.pk)

    def test_move_thread_same_category(self):
        """api move thread to category it's already in fails"""
        self.override_acl({'can_move_threads': True})
        self.override_other_acl({'can_start_threads': 2})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'category',
                    'value': self.thread.category_id,
                },
            ]
        )
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.json(), {
            'detail': ["You can't move thread to the category it's already in."]
        })

        self.override_other_acl({})

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['category']['id'], self.category.pk)

    def test_thread_flatten_categories(self):
        """api flatten thread categories"""
        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'flatten-categories',
                    'value': None,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertEqual(response_json['category'], self.category.pk)


class ThreadCloseApiTests(ThreadPatchApiTestCase):
    def test_close_thread(self):
        """api makes it possible to close thread"""
        self.override_acl({'can_close_threads': True})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-closed',
                    'value': True,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertTrue(response_json['is_closed'])

        thread_json = self.get_thread_json()
        self.assertTrue(thread_json['is_closed'])

    def test_open_thread(self):
        """api makes it possible to open thread"""
        self.thread.is_closed = True
        self.thread.save()

        thread_json = self.get_thread_json()
        self.assertTrue(thread_json['is_closed'])

        self.override_acl({'can_close_threads': True})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-closed',
                    'value': False,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertFalse(response_json['is_closed'])

        thread_json = self.get_thread_json()
        self.assertFalse(thread_json['is_closed'])

    def test_close_thread_no_permission(self):
        """api close thread with no permission fails"""
        self.override_acl({'can_close_threads': False})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-closed',
                    'value': True,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "You don't have permission to close this thread."
        })

        thread_json = self.get_thread_json()
        self.assertFalse(thread_json['is_closed'])

    def test_open_thread_no_permission(self):
        """api open thread with no permission fails"""
        self.thread.is_closed = True
        self.thread.save()

        thread_json = self.get_thread_json()
        self.assertTrue(thread_json['is_closed'])

        self.override_acl({'can_close_threads': False})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-closed',
                    'value': False,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "You don't have permission to open this thread."
        })

        thread_json = self.get_thread_json()
        self.assertTrue(thread_json['is_closed'])


class ThreadApproveApiTests(ThreadPatchApiTestCase):
    def test_approve_thread(self):
        """api makes it possible to approve thread"""
        self.thread.first_post.is_unapproved = True
        self.thread.first_post.save()

        self.thread.synchronize()
        self.thread.save()

        self.assertTrue(self.thread.is_unapproved)
        self.assertTrue(self.thread.has_unapproved_posts)

        self.override_acl({'can_approve_content': 1})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-unapproved',
                    'value': False,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertFalse(response_json['is_unapproved'])
        self.assertFalse(response_json['has_unapproved_posts'])

        thread_json = self.get_thread_json()
        self.assertFalse(thread_json['is_unapproved'])
        self.assertFalse(thread_json['has_unapproved_posts'])

        thread = Thread.objects.get(pk=self.thread.pk)
        self.assertFalse(thread.is_unapproved)
        self.assertFalse(thread.has_unapproved_posts)

    def test_approve_thread_category_closed_no_permission(self):
        """api checks permission for approving threads in closed categories"""
        self.thread.first_post.is_unapproved = True
        self.thread.first_post.save()

        self.thread.synchronize()
        self.thread.save()

        self.assertTrue(self.thread.is_unapproved)
        self.assertTrue(self.thread.has_unapproved_posts)

        self.category.is_closed = True
        self.category.save()

        self.override_acl({
            'can_approve_content': 1,
            'can_close_threads': 0,
        })

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-unapproved',
                    'value': False,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This category is closed. You can't approve threads in it."
        })

    def test_approve_thread_closed_no_permission(self):
        """api checks permission for approving posts in closed categories"""
        self.thread.first_post.is_unapproved = True
        self.thread.first_post.save()

        self.thread.synchronize()
        self.thread.save()

        self.assertTrue(self.thread.is_unapproved)
        self.assertTrue(self.thread.has_unapproved_posts)

        self.thread.is_closed = True
        self.thread.save()

        self.override_acl({
            'can_approve_content': 1,
            'can_close_threads': 0,
        })

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-unapproved',
                    'value': False,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This thread is closed. You can't approve it."
        })

    def test_unapprove_thread(self):
        """api returns permission error on approval removal"""
        self.override_acl({'can_approve_content': 1})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-unapproved',
                    'value': True,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "Content approval can't be reversed."
        })


class ThreadHideApiTests(ThreadPatchApiTestCase):
    def test_hide_thread(self):
        """api makes it possible to hide thread"""
        self.override_acl({'can_hide_threads': 1})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-hidden',
                    'value': True,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertTrue(response_json['is_hidden'])

        self.override_acl({'can_hide_threads': 1})

        thread_json = self.get_thread_json()
        self.assertTrue(thread_json['is_hidden'])

    def test_hide_thread_no_permission(self):
        """api hide thread with no permission fails"""
        self.override_acl({'can_hide_threads': 0})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-hidden',
                    'value': True,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "You can't hide threads in this category."
        })

        thread_json = self.get_thread_json()
        self.assertFalse(thread_json['is_hidden'])

    def test_hide_non_owned_thread(self):
        """api forbids non-moderator from hiding other users threads"""
        self.override_acl({
            'can_hide_own_threads': 1,
            'can_hide_threads': 0
        })

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-hidden',
                    'value': True,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "You can't hide other users theads in this category."
        })

    def test_hide_owned_thread_no_time(self):
        """api forbids non-moderator from hiding other users threads"""
        self.override_acl({
            'can_hide_own_threads': 1,
            'can_hide_threads': 0,
            'thread_edit_time': 1,
        })

        self.thread.started_on = timezone.now() - timedelta(minutes=5)
        self.thread.starter = self.user
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-hidden',
                    'value': True,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "You can't hide threads that are older than 1 minute."
        })

    def test_hide_closed_category_no_permission(self):
        """api test permission to hide thread in closed category"""
        self.override_acl({
            'can_hide_threads': 1,
            'can_close_threads': 0
        })

        self.category.is_closed = True
        self.category.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-hidden',
                    'value': True,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This category is closed. You can't hide threads in it."
        })

    def test_hide_closed_thread_no_permission(self):
        """api test permission to hide closed thread"""
        self.override_acl({
            'can_hide_threads': 1,
            'can_close_threads': 0
        })

        self.thread.is_closed = True
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-hidden',
                    'value': True,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This thread is closed. You can't hide it."
        })


class ThreadUnhideApiTests(ThreadPatchApiTestCase):
    def setUp(self):
        super(ThreadUnhideApiTests, self).setUp()

        self.thread.is_hidden = True
        self.thread.save()

    def test_unhide_thread(self):
        """api makes it possible to unhide thread"""
        self.override_acl({'can_hide_threads': 1})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-hidden',
                    'value': False,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertFalse(response_json['is_hidden'])

        self.override_acl({'can_hide_threads': 1})

        thread_json = self.get_thread_json()
        self.assertFalse(thread_json['is_hidden'])

    def test_unhide_thread_no_permission(self):
        """api unhide thread with no permission fails as thread is invisible"""
        self.override_acl({'can_hide_threads': 0})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-hidden',
                    'value': True,
                },
            ]
        )
        self.assertEqual(response.status_code, 404)

    def test_unhide_closed_category_no_permission(self):
        """api test permission to unhide thread in closed category"""
        self.override_acl({
            'can_hide_threads': 1,
            'can_close_threads': 0
        })

        self.category.is_closed = True
        self.category.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-hidden',
                    'value': False,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This category is closed. You can't reveal threads in it."
        })

    def test_unhide_closed_thread_no_permission(self):
        """api test permission to unhide closed thread"""
        self.override_acl({
            'can_hide_threads': 1,
            'can_close_threads': 0
        })

        self.thread.is_closed = True
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'is-hidden',
                    'value': False,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This thread is closed. You can't reveal it."
        })


class ThreadSubscribeApiTests(ThreadPatchApiTestCase):
    def test_subscribe_thread(self):
        """api makes it possible to subscribe thread"""
        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'subscription',
                    'value': 'notify',
                },
            ]
        )

        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertFalse(response_json['subscription'])

        thread_json = self.get_thread_json()
        self.assertFalse(thread_json['subscription'])

        subscription = self.user.subscription_set.get(thread=self.thread)
        self.assertFalse(subscription.send_email)

    def test_subscribe_thread_with_email(self):
        """api makes it possible to subscribe thread with emails"""
        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'subscription',
                    'value': 'email',
                },
            ]
        )

        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertTrue(response_json['subscription'])

        thread_json = self.get_thread_json()
        self.assertTrue(thread_json['subscription'])

        subscription = self.user.subscription_set.get(thread=self.thread)
        self.assertTrue(subscription.send_email)

    def test_unsubscribe_thread(self):
        """api makes it possible to unsubscribe thread"""
        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'subscription',
                    'value': 'remove',
                },
            ]
        )

        self.assertEqual(response.status_code, 200)

        response_json = response.json()
        self.assertIsNone(response_json['subscription'])

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['subscription'])

        self.assertEqual(self.user.subscription_set.count(), 0)

    def test_subscribe_as_guest(self):
        """api makes it impossible to subscribe thread"""
        self.logout_user()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'subscription',
                    'value': 'email',
                },
            ]
        )

        self.assertEqual(response.status_code, 403)

    def test_subscribe_nonexistant_thread(self):
        """api makes it impossible to subscribe nonexistant thread"""
        bad_api_link = self.api_link.replace(
            six.text_type(self.thread.pk), six.text_type(self.thread.pk + 9)
        )

        response = self.patch(
            bad_api_link, [
                {
                    'op': 'replace',
                    'path': 'subscription',
                    'value': 'email',
                },
            ]
        )

        self.assertEqual(response.status_code, 404)


class ThreadMarkBestAnswerApiTests(ThreadPatchApiTestCase):
    def test_mark_best_answer(self):
        """api makes it possible to mark best answer"""
        self.override_acl({'can_mark_best_answers': 2})

        best_answer = testutils.reply_thread(self.thread)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.json(), {
            'id': self.thread.id,
            'best_answer': best_answer.id,
            'best_answer_is_protected': False,
            'best_answer_marked_on': response.json()['best_answer_marked_on'],
            'best_answer_marked_by': self.user.id,
            'best_answer_marked_by_name': self.user.username,
            'best_answer_marked_by_slug': self.user.slug,
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], best_answer.id)
        self.assertEqual(thread_json['best_answer_is_protected'], False)
        self.assertEqual(
            thread_json['best_answer_marked_on'], response.json()['best_answer_marked_on'])
        self.assertEqual(thread_json['best_answer_marked_by'], self.user.id)
        self.assertEqual(thread_json['best_answer_marked_by_name'], self.user.username)
        self.assertEqual(thread_json['best_answer_marked_by_slug'], self.user.slug)

    def test_mark_best_answer_anonymous(self):
        """api validates that user is authenticated before marking best answer"""
        self.logout_user()

        self.override_acl({'can_mark_best_answers': 2})

        best_answer = testutils.reply_thread(self.thread)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This action is not available to guests.",
        })

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])

    def test_mark_best_answer_no_permission(self):
        """api validates permission to mark best answers"""
        self.override_acl({'can_mark_best_answers': 0})

        best_answer = testutils.reply_thread(self.thread)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                'You don\'t have permission to mark best answers in the "First category" category.'
            ),
        })

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])

    def test_mark_best_answer_not_thread_starter(self):
        """api validates permission to mark best answers in owned thread"""
        self.override_acl({'can_mark_best_answers': 1})

        best_answer = testutils.reply_thread(self.thread)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                "You don't have permission to mark best answer in this thread because you didn't "
                "start it."
            ),
        })

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])

        # passing scenario is possible
        self.thread.starter = self.user
        self.thread.save()

        self.override_acl({'can_mark_best_answers': 1})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

    def test_mark_best_answer_category_closed(self):
        """api validates permission to mark best answers in closed category"""
        self.override_acl({'can_mark_best_answers': 2, 'can_close_threads': 0})

        best_answer = testutils.reply_thread(self.thread)

        self.category.is_closed = True
        self.category.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                'You don\'t have permission to mark best answer in this thread because its '
                'category "First category" is closed.'
            ),
        })

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])

        # passing scenario is possible
        self.override_acl({'can_mark_best_answers': 2, 'can_close_threads': 1})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

    def test_mark_best_answer_thread_closed(self):
        """api validates permission to mark best answers in closed thread"""
        self.override_acl({'can_mark_best_answers': 2, 'can_close_threads': 0})

        best_answer = testutils.reply_thread(self.thread)

        self.thread.is_closed = True
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                "You can't mark best answer in this thread because it's closed and you don't have "
                "permission to open it."
            ),
        })

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])

        # passing scenario is possible
        self.override_acl({'can_mark_best_answers': 2, 'can_close_threads': 1})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

    def test_mark_best_answer_invalid_post_id(self):
        """api validates that post id is int"""
        self.override_acl({'can_mark_best_answers': 2})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': 'd7sd89a7d98sa',
                },
            ]
        )
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.json(), {
            'detail': ["A valid integer is required."],
        })

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])

    def test_mark_best_answer_post_not_found(self):
        """api validates that post exists"""
        self.override_acl({'can_mark_best_answers': 2})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': self.thread.last_post_id + 1,
                },
            ]
        )
        self.assertEqual(response.status_code, 404)
        self.assertEqual(response.json(), {'detail': 'NOT FOUND'})

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])
        
    def test_mark_best_answer_post_invisible(self):
        """api validates post visibility to action author"""
        self.override_acl({'can_mark_best_answers': 2})

        unapproved_post = testutils.reply_thread(self.thread, is_unapproved=True)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': unapproved_post.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 404)
        self.assertEqual(response.json(), {'detail': 'NOT FOUND'})

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])

    def test_mark_best_answer_post_other_thread(self):
        """api validates post belongs to same thread"""
        self.override_acl({'can_mark_best_answers': 2})

        other_thread = testutils.post_thread(self.category)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': other_thread.first_post_id,
                },
            ]
        )
        self.assertEqual(response.status_code, 404)
        self.assertEqual(response.json(), {'detail': 'NOT FOUND'})

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])

    def test_mark_best_answer_event_id(self):
        """api validates that post is not an event"""
        self.override_acl({'can_mark_best_answers': 2})

        best_answer = testutils.reply_thread(self.thread)
        best_answer.is_event = True
        best_answer.save()
        
        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "Events can't be marked as best answers.",
        })

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])

    def test_mark_best_answer_first_post(self):
        """api validates that post is not a first post in thread"""
        self.override_acl({'can_mark_best_answers': 2})
        
        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': self.thread.first_post_id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "First post in a thread can't be marked as best answer.",
        })

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])

    def test_mark_best_answer_hidden_post(self):
        """api validates that post is not hidden"""
        self.override_acl({'can_mark_best_answers': 2})
        
        best_answer = testutils.reply_thread(self.thread, is_hidden=True)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "Hidden posts can't be marked as best answers.",
        })

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])

    def test_mark_best_answer_unapproved_post(self):
        """api validates that post is not unapproved"""
        self.override_acl({'can_mark_best_answers': 2})
        
        best_answer = testutils.reply_thread(self.thread, poster=self.user, is_unapproved=True)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "Unapproved posts can't be marked as best answers.",
        })

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])

    def test_mark_best_answer_protected_post(self):
        """api respects post protection"""
        self.override_acl({'can_mark_best_answers': 2, 'can_protect_posts': 0})
        
        best_answer = testutils.reply_thread(self.thread, is_protected=True)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                "You don't have permission to mark this post as best answer because a moderator "
                "has protected it."
            ),
        })

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])

        # passing scenario is possible
        self.override_acl({'can_mark_best_answers': 2, 'can_protect_posts': 1})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)


class ThreadChangeBestAnswerApiTests(ThreadPatchApiTestCase):
    def setUp(self):
        super(ThreadChangeBestAnswerApiTests, self).setUp()

        self.best_answer = testutils.reply_thread(self.thread)
        self.thread.set_best_answer(self.user, self.best_answer)
        self.thread.save()

    def test_change_best_answer(self):
        """api makes it possible to change best answer"""
        self.override_acl({'can_mark_best_answers': 2, 'can_change_marked_answers': 2})

        best_answer = testutils.reply_thread(self.thread)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.json(), {
            'id': self.thread.id,
            'best_answer': best_answer.id,
            'best_answer_is_protected': False,
            'best_answer_marked_on': response.json()['best_answer_marked_on'],
            'best_answer_marked_by': self.user.id,
            'best_answer_marked_by_name': self.user.username,
            'best_answer_marked_by_slug': self.user.slug,
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], best_answer.id)
        self.assertEqual(thread_json['best_answer_is_protected'], False)
        self.assertEqual(
            thread_json['best_answer_marked_on'], response.json()['best_answer_marked_on'])
        self.assertEqual(thread_json['best_answer_marked_by'], self.user.id)
        self.assertEqual(thread_json['best_answer_marked_by_name'], self.user.username)
        self.assertEqual(thread_json['best_answer_marked_by_slug'], self.user.slug)

    def test_change_best_answer_same_post(self):
        """api validates if new best answer is same as current one"""
        self.override_acl({'can_mark_best_answers': 2, 'can_change_marked_answers': 2})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': self.best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "This post is already marked as thread's best answer.",
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

    def test_change_best_answer_no_permission_to_mark(self):
        """api validates permission to mark best answers before allowing answer change"""
        self.override_acl({'can_mark_best_answers': 0, 'can_change_marked_answers': 2})

        best_answer = testutils.reply_thread(self.thread)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                'You don\'t have permission to mark best answers in the "First category" category.'
            ),
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

    def test_change_best_answer_no_permission(self):
        """api validates permission to change best answers"""
        self.override_acl({'can_mark_best_answers': 2, 'can_change_marked_answers': 0})

        best_answer = testutils.reply_thread(self.thread)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                'You don\'t have permission to change this thread\'s marked answer because it\'s '
                'in the "First category" category.'
            ),
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

    def test_change_best_answer_not_starter(self):
        """api validates permission to change best answers"""
        self.override_acl({'can_mark_best_answers': 2, 'can_change_marked_answers': 1})

        best_answer = testutils.reply_thread(self.thread)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                "You don't have permission to change this thread's marked answer because you are "
                "not a thread starter."
            ),
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

        # passing scenario is possible
        self.override_acl({'can_mark_best_answers': 2, 'can_change_marked_answers': 1})
        
        self.thread.starter = self.user
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

    def test_change_best_answer_timelimit(self):
        """api validates permission for starter to change best answers within timelimit"""
        self.override_acl({
            'can_mark_best_answers': 2,
            'can_change_marked_answers': 1,
            'best_answer_change_time': 5,
        })

        best_answer = testutils.reply_thread(self.thread)

        self.thread.best_answer_marked_on = timezone.now() - timedelta(minutes=6)
        self.thread.starter = self.user
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                "You don't have permission to change best answer that was marked for more than "
                "5 minutes."
            ),
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

        # passing scenario is possible
        self.override_acl({
            'can_mark_best_answers': 2,
            'can_change_marked_answers': 1,
            'best_answer_change_time': 10,
        })
        
        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

    def test_change_best_answer_protected(self):
        """api validates permission to change protected best answers"""
        self.override_acl({
            'can_mark_best_answers': 2,
            'can_change_marked_answers': 2,
            'can_protect_posts': 0,
        })

        best_answer = testutils.reply_thread(self.thread)

        self.thread.best_answer_is_protected = True
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                "You don't have permission to change this thread's best answer because a "
                "moderator has protected it."
            ),
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

        # passing scenario is possible
        self.override_acl({
            'can_mark_best_answers': 2,
            'can_change_marked_answers': 2,
            'can_protect_posts': 1,
        })
        
        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

    def test_change_best_answer_post_validation(self):
        """api validates new post'"""
        self.override_acl({
            'can_mark_best_answers': 2,
            'can_change_marked_answers': 2,
        })

        best_answer = testutils.reply_thread(self.thread, is_hidden=True)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'replace',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': "Hidden posts can't be marked as best answers.",
        })
        
        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)


class ThreadUnmarkBestAnswerApiTests(ThreadPatchApiTestCase):
    def setUp(self):
        super(ThreadUnmarkBestAnswerApiTests, self).setUp()

        self.best_answer = testutils.reply_thread(self.thread)
        self.thread.set_best_answer(self.user, self.best_answer)
        self.thread.save()

    def test_unmark_best_answer(self):
        """api makes it possible to unmark best answer"""
        self.override_acl({'can_mark_best_answers': 0, 'can_change_marked_answers': 2})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': self.best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)
        self.assertEqual(response.json(), {
            'id': self.thread.id,
            'best_answer': None,
            'best_answer_is_protected': False,
            'best_answer_marked_on': None,
            'best_answer_marked_by': None,
            'best_answer_marked_by_name': None,
            'best_answer_marked_by_slug': None,
        })

        thread_json = self.get_thread_json()
        self.assertIsNone(thread_json['best_answer'])
        self.assertFalse(thread_json['best_answer_is_protected'])
        self.assertIsNone(thread_json['best_answer_marked_on'])
        self.assertIsNone(thread_json['best_answer_marked_by'])
        self.assertIsNone(thread_json['best_answer_marked_by_name'])
        self.assertIsNone(thread_json['best_answer_marked_by_slug'])

    def test_unmark_best_answer_invalid_post_id(self):
        """api validates that post id is int"""
        self.override_acl({'can_mark_best_answers': 0, 'can_change_marked_answers': 2})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': 'd7sd89a7d98sa',
                },
            ]
        )
        self.assertEqual(response.status_code, 400)
        self.assertEqual(response.json(), {
            'detail': ["A valid integer is required."],
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

    def test_unmark_best_answer_post_not_found(self):
        """api validates that post to unmark exists"""
        self.override_acl({'can_mark_best_answers': 0, 'can_change_marked_answers': 2})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': self.best_answer.id + 1,
                },
            ]
        )
        self.assertEqual(response.status_code, 404)
        self.assertEqual(response.json(), {'detail': 'NOT FOUND'})

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)
        
    def test_unmark_best_answer_wrong_post(self):
        """api validates if post given to unmark is best answer"""
        self.override_acl({'can_mark_best_answers': 0, 'can_change_marked_answers': 2})

        best_answer = testutils.reply_thread(self.thread)

        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                "This post can't be unmarked because it's not currently marked as best answer."
            ),
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

    def test_unmark_best_answer_no_permission(self):
        """api validates if user has permission to unmark best answers"""
        self.override_acl({'can_mark_best_answers': 0, 'can_change_marked_answers': 0})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': self.best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                'You don\'t have permission to unmark threads answers in the "First category" '
                'category.'
            ),
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

    def test_unmark_best_answer_not_starter(self):
        """api validates if starter has permission to unmark best answers"""
        self.override_acl({'can_mark_best_answers': 0, 'can_change_marked_answers': 1})

        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': self.best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                "You don't have permission to unmark this best answer because you are not a "
                "thread starter."
            ),
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

        # passing scenario is possible
        self.override_acl({'can_mark_best_answers': 0, 'can_change_marked_answers': 1})

        self.thread.starter = self.user
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': self.best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

    def test_unmark_best_answer_timelimit(self):
        """api validates if starter has permission to unmark best answer within time limit"""
        self.override_acl({
            'can_mark_best_answers': 0,
            'can_change_marked_answers': 1,
            'best_answer_change_time': 5,
        })

        self.thread.best_answer_marked_on = timezone.now() - timedelta(minutes=6)
        self.thread.starter = self.user
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': self.best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                "You don't have permission to unmark best answer that was marked for more than "
                "5 minutes."
            ),
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

        # passing scenario is possible
        self.override_acl({
            'can_mark_best_answers': 0,
            'can_change_marked_answers': 1,
            'best_answer_change_time': 10,
        })
        
        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': self.best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

    def test_unmark_best_answer_closed_category(self):
        """api validates if user has permission to unmark best answer in closed category"""
        self.override_acl({
            'can_mark_best_answers': 0,
            'can_change_marked_answers': 2,
            'can_close_threads': 0,
        })

        self.category.is_closed = True
        self.category.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': self.best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                'You don\'t have permission to unmark this best answer because its category '
                '"First category" is closed.'
            ),
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

        # passing scenario is possible
        self.override_acl({
            'can_mark_best_answers': 0,
            'can_change_marked_answers': 2,
            'can_close_threads': 1,
        })
        
        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': self.best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

    def test_unmark_best_answer_closed_thread(self):
        """api validates if user has permission to unmark best answer in closed thread"""
        self.override_acl({
            'can_mark_best_answers': 0,
            'can_change_marked_answers': 2,
            'can_close_threads': 0,
        })

        self.thread.is_closed = True
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': self.best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                "You can't unmark this thread's best answer because it's closed and you don't "
                "have permission to open it."
            ),
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

        # passing scenario is possible
        self.override_acl({
            'can_mark_best_answers': 0,
            'can_change_marked_answers': 2,
            'can_close_threads': 1,
        })
        
        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': self.best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)

    def test_unmark_best_answer_protected(self):
        """api validates permission to unmark protected best answers"""
        self.override_acl({
            'can_mark_best_answers': 0,
            'can_change_marked_answers': 2,
            'can_protect_posts': 0,
        })

        self.thread.best_answer_is_protected = True
        self.thread.save()

        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': self.best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 403)
        self.assertEqual(response.json(), {
            'detail': (
                "You don't have permission to unmark this thread's best answer because a "
                "moderator has protected it."
            ),
        })

        thread_json = self.get_thread_json()
        self.assertEqual(thread_json['best_answer'], self.best_answer.id)

        # passing scenario is possible
        self.override_acl({
            'can_mark_best_answers': 0,
            'can_change_marked_answers': 2,
            'can_protect_posts': 1,
        })
        
        response = self.patch(
            self.api_link, [
                {
                    'op': 'remove',
                    'path': 'best-answer',
                    'value': self.best_answer.id,
                },
            ]
        )
        self.assertEqual(response.status_code, 200)