Remove HiddenFields and add created_by to LicensePlate and `Loc…

…ation` (#1034)

## Fixes issue
#1033

## Description of Changes
Remove `created_by` from `Form` models and add `created_by` to
`LicensePlate` and `Location` models.

## Tests and linting
- [x] This branch is up-to-date with the `develop` branch.
- [x] `pytest` passes on my local development environment.
- [x] `pre-commit` passes on my local development environment.
- [x] Manually created an incident with a link and license plate.

OpenOversight/app/filters.py

@@ -8,7 +8,7 @@
 from flask import Flask, session
 from markupsafe import Markup
 
-from OpenOversight.app.utils.constants import KEY_TIMEZONE
+from OpenOversight.app.utils.constants import FIELD_NOT_AVAILABLE, KEY_TIMEZONE
 
 
 def instantiate_filters(app: Flask):
@@ -44,22 +44,42 @@ def markdown(text: str) -> Markup:
         html = bleach.clean(_markdown.markdown(text), markdown_tags, markdown_attrs)
         return Markup(html)
 
+    @app.template_filter("display_date")
+    def display_date(value: datetime) -> str:
+        """Convert UTC datetime.datetime into a localized date string."""
+        if value:
+            return value.strftime("%b %d, %Y")
+        return FIELD_NOT_AVAILABLE
+
     @app.template_filter("local_date")
     def local_date(value: datetime) -> str:
         """Convert UTC datetime.datetime into a localized date string."""
-        return value.astimezone(pytz.timezone(get_timezone())).strftime("%b %d, %Y")
+        if value:
+            return value.astimezone(pytz.timezone(get_timezone())).strftime("%b %d, %Y")
+        return FIELD_NOT_AVAILABLE
 
     @app.template_filter("local_date_time")
     def local_date_time(value: datetime) -> str:
         """Convert UTC datetime.datetime into a localized date time string."""
-        return value.astimezone(pytz.timezone(get_timezone())).strftime(
-            "%I:%M %p on %b %d, %Y"
-        )
+        if value:
+            return value.astimezone(pytz.timezone(get_timezone())).strftime(
+                "%I:%M %p on %b %d, %Y"
+            )
+        return FIELD_NOT_AVAILABLE
+
+    @app.template_filter("display_time")
+    def display_time(value: datetime) -> str:
+        """Convert UTC datetime.datetime into a localized date string."""
+        if value:
+            return value.strftime("%I:%M %p")
+        return FIELD_NOT_AVAILABLE
 
     @app.template_filter("local_time")
     def local_time(value: datetime) -> str:
         """Convert UTC datetime.datetime into a localized time string."""
-        return value.astimezone(pytz.timezone(get_timezone())).strftime("%I:%M %p")
+        if value:
+            return value.astimezone(pytz.timezone(get_timezone())).strftime("%I:%M %p")
+        return FIELD_NOT_AVAILABLE
 
     @app.template_filter("thousands_seperator")
     def thousands_seperator(value: int) -> str:

OpenOversight/app/main/forms.py

@@ -140,11 +140,6 @@ class FaceTag(Form):
     dataY = IntegerField("dataY", validators=[InputRequired()])
     dataWidth = IntegerField("dataWidth", validators=[InputRequired()])
     dataHeight = IntegerField("dataHeight", validators=[InputRequired()])
-    created_by = HiddenField(
-        validators=[
-            DataRequired(message="Face Tags must have a valid user ID for creating.")
-        ]
-    )
 
 
 class AssignmentForm(Form):
@@ -169,11 +164,6 @@ class AssignmentForm(Form):
     resign_date = DateField(
         "Assignment end date", validators=[Optional(), validate_end_date]
     )
-    created_by = HiddenField(
-        validators=[
-            DataRequired(message="Assignments must have a valid user ID for creating.")
-        ]
-    )
 
 
 class SalaryForm(Form):
@@ -189,11 +179,6 @@ class SalaryForm(Form):
         validators=[NumberRange(min=1900, max=2100)],
     )
     is_fiscal_year = BooleanField("Is fiscal year?", default=False)
-    created_by = HiddenField(
-        validators=[
-            DataRequired(message="Salaries must have a valid user ID for creating.")
-        ]
-    )
 
     def validate(self, extra_validators=None):
         if not self.data.get("salary") and not self.data.get("overtime_pay"):
@@ -224,11 +209,6 @@ class DepartmentForm(Form):
     jobs = FieldList(
         StringField("Job", default="", validators=[Regexp(r"\w*")]), label="Ranks"
     )
-    created_by = HiddenField(
-        validators=[
-            DataRequired(message="Departments must have a valid user ID for creating.")
-        ]
-    )
     submit = SubmitField(label="Add")
 
 
@@ -258,11 +238,6 @@ class LinkForm(Form):
         default="",
         validators=[AnyOf(allowed_values(LINK_CHOICES))],
     )
-    created_by = HiddenField(
-        validators=[
-            DataRequired(message="Links must have a valid user ID for creating.")
-        ]
-    )
 
     def validate(self, extra_validators=None):
         success = super(LinkForm, self).validate(extra_validators=extra_validators)
@@ -296,11 +271,6 @@ class TextForm(EditTextForm):
     officer_id = HiddenField(
         validators=[DataRequired(message="Not a valid officer ID")]
     )
-    created_by = HiddenField(
-        validators=[
-            DataRequired(message="Text fields must have a valid user ID for creating.")
-        ]
-    )
 
 
 class AddOfficerForm(Form):
@@ -386,11 +356,6 @@ class AddOfficerForm(Form):
         min_entries=1,
         widget=BootstrapListWidget(),
     )
-    created_by = HiddenField(
-        validators=[
-            DataRequired(message="Officers must have a valid user ID for creating.")
-        ]
-    )
 
     submit = SubmitField(label="Add")
 
@@ -452,11 +417,6 @@ class AddUnitForm(Form):
         query_factory=dept_choices,
         get_label="display_name",
     )
-    created_by = HiddenField(
-        validators=[
-            DataRequired(message="Units must have a valid user ID for creating.")
-        ]
-    )
     submit = SubmitField(label="Add")
 
 
@@ -507,11 +467,6 @@ class LocationForm(Form):
             Regexp(r"^\d{5}$", message="Zip codes must have 5 digits."),
         ],
     )
-    created_by = HiddenField(
-        validators=[
-            DataRequired(message="Locations must have a valid user ID for creating.")
-        ]
-    )
 
 
 class LicensePlateForm(Form):
@@ -521,13 +476,6 @@ class LicensePlateForm(Form):
         choices=STATE_CHOICES,
         validators=[AnyOf(allowed_values(STATE_CHOICES))],
     )
-    created_by = HiddenField(
-        validators=[
-            DataRequired(
-                message="License Plates must have a valid user ID for creating."
-            )
-        ]
-    )
 
     def validate_state(self, field):
         if self.number.data != "" and field.data == "":
@@ -542,16 +490,18 @@ def process_data(self, value):
             self.data = value
 
 
-def validate_oo_id(self, field):
-    if field.data:
-        try:
-            officer_id = int(field.data)
-            officer = Officer.query.get(officer_id)
+def validate_oo_id(self, oo_id):
+    if oo_id.data and isinstance(oo_id.data, str):
+        if oo_id.data.isnumeric():
+            officer = Officer.query.get(oo_id.data)
+        else:
+            try:
+                officer_id = oo_id.data.split('value="')[1][:-2]
+                officer = Officer.query.get(officer_id)
 
-        # Sometimes we get a string in field.data with py.test, this parses it
-        except ValueError:
-            officer_id = field.data.split('value="')[1][:-2]
-            officer = Officer.query.get(officer_id)
+            # Sometimes we get a string in field.data with py.test, this parses it
+            except IndexError:
+                officer = None
 
         if not officer:
             raise ValidationError("Not a valid officer id")
@@ -597,17 +547,6 @@ class IncidentForm(DateFieldForm):
         min_entries=1,
         widget=BootstrapListWidget(),
     )
-    created_by = HiddenField(
-        validators=[DataRequired(message="Incidents must have a user id for creating.")]
-    )
-    last_updated_by = HiddenField(
-        validators=[DataRequired(message="Incidents must have a user ID for editing.")]
-    )
-    last_updated_at = HiddenField(
-        validators=[
-            DataRequired(message="Incidents must have a timestamp for editing.")
-        ]
-    )
 
     submit = SubmitField(label="Submit")
 

OpenOversight/app/main/model_view.py

@@ -77,14 +77,9 @@ def new(self, form=None):
                 add_department_query(form, current_user)
                 if getattr(current_user, "dept_pref_rel", None):
                     set_dynamic_default(form.department, current_user.dept_pref_rel)
-            if hasattr(form, "created_by") and not form.created_by.data:
-                form.created_by.data = current_user.get_id()
-            if hasattr(form, "last_updated_by"):
-                form.last_updated_by.data = current_user.get_id()
-                form.last_updated_at.data = datetime.datetime.now()
 
         if form.validate_on_submit():
-            new_obj = self.create_function(form)
+            new_obj = self.create_function(form, current_user)
             db.session.add(new_obj)
             db.session.commit()
             match self.model.__name__:

OpenOversight/app/main/views.py

@@ -382,7 +382,6 @@ def redirect_add_assignment(officer_id: int):
 @ac_or_admin_required
 def add_assignment(officer_id: int):
     form = AssignmentForm()
-    form.created_by.data = current_user.get_id()
     officer = Officer.query.filter_by(id=officer_id).first()
     form.job_title.query = (
         Job.query.filter_by(department_id=officer.department_id)
@@ -399,7 +398,7 @@ def add_assignment(officer_id: int):
             and officer.department_id == current_user.ac_department_id
         ):
             try:
-                add_new_assignment(officer_id, form)
+                add_new_assignment(officer_id, form, current_user)
                 Department(id=officer.department_id).remove_database_cache_entries(
                     [KEY_DEPT_ALL_ASSIGNMENTS, KEY_DEPT_TOTAL_ASSIGNMENTS],
                 )
@@ -495,7 +494,6 @@ def redirect_add_salary(officer_id: int):
 @ac_or_admin_required
 def add_salary(officer_id: int):
     form = SalaryForm()
-    form.created_by.data = current_user.get_id()
     officer = Officer.query.filter_by(id=officer_id).first()
     if not officer:
         flash("Officer not found")
@@ -515,6 +513,7 @@ def add_salary(officer_id: int):
                 overtime_pay=form.overtime_pay.data,
                 year=form.year.data,
                 is_fiscal_year=form.is_fiscal_year.data,
+                created_by=current_user.get_id(),
             )
             db.session.add(new_salary)
             db.session.commit()
@@ -750,7 +749,6 @@ def edit_department(department_id: int):
     previous_name = department.name
     form = EditDepartmentForm(obj=department)
     original_ranks = department.jobs
-    form.created_by.data = department.created_by
     if form.validate_on_submit():
         if form.name.data != previous_name:
             does_already_department_exist = (
@@ -1143,9 +1141,6 @@ def redirect_add_officer():
 @ac_or_admin_required
 def add_officer():
     form = AddOfficerForm()
-    form.created_by.data = current_user.get_id()
-    for link in form.links:
-        link.created_by.data = current_user.id
     add_unit_query(form, current_user)
     add_department_query(form, current_user)
     set_dynamic_default(form.department, current_user.dept_pref_rel)
@@ -2018,8 +2013,6 @@ def get_new_form(self):
         if request.args.get("officer_id"):
             form.officers[0].oo_id.data = request.args.get("officer_id")
 
-        for link in form.links:
-            link.created_by.data = current_user.id
         return form
 
     def get_edit_form(self, obj: Incident):
@@ -2028,11 +2021,6 @@ def get_edit_form(self, obj: Incident):
         no_license_plates = len(obj.license_plates)
         no_links = len(obj.links)
         no_officers = len(obj.officers)
-        for link in form.links:
-            if link.created_by.data:
-                continue
-            else:
-                link.created_by.data = current_user.id
 
         for officer_idx, officer in enumerate(obj.officers):
             form.officers[officer_idx].oo_id.data = officer.id
@@ -2366,8 +2354,6 @@ def new(self, form: FlaskForm = None):
             abort(HTTPStatus.FORBIDDEN)
         if not form:
             form = self.get_new_form()
-            if hasattr(form, "created_by") and not form.created_by.data:
-                form.created_by.data = current_user.get_id()
 
         if form.validate_on_submit():
             link = Link(
@@ -2376,7 +2362,7 @@ def new(self, form: FlaskForm = None):
                 link_type=form.link_type.data,
                 description=form.description.data,
                 author=form.author.data,
-                created_by=form.created_by.data,
+                created_by=current_user.get_id(),
             )
             self.officer.links.append(link)
             db.session.add(link)

OpenOversight/app/templates/partials/incident_fields.html

@@ -2,14 +2,14 @@
   <td>
     <strong>Date</strong>
   </td>
-  <td>{{ incident.date.strftime("%b %d, %Y") }}</td>
+  <td>{{ incident.date | display_date }}</td>
 </tr>
 {% if incident.time %}
   <tr>
     <td>
       <strong>Time</strong>
     </td>
-    <td>{{ incident.time.strftime("%l:%M %p") }}</td>
+    <td>{{ incident.time | display_time }}</td>
   </tr>
 {% endif %}
 {% if incident.report_number %}

OpenOversight/app/utils/constants.py

@@ -25,11 +25,6 @@
 KEY_S3_BUCKET_NAME = "S3_BUCKET_NAME"
 KEY_TIMEZONE = "TIMEZONE"
 
-# Flash Message Constants
-FLASH_MSG_PERMANENT_REDIRECT = (
-    "This page's address has changed, please update your bookmark!"
-)
-
 # File Handling Constants
 ENCODING_UTF_8 = "utf-8"
 SAVED_UMASK = os.umask(0o077)  # Ensure the file is read/write by the creator only
@@ -43,3 +38,9 @@
 MEGABYTE = 1024 * KILOBYTE
 MINUTE = 60
 HOUR = 60 * MINUTE
+
+# UI Constants
+FIELD_NOT_AVAILABLE = "Field Not Available"
+FLASH_MSG_PERMANENT_REDIRECT = (
+    "This page's address has changed, please update your bookmark!"
+)