[Backend] Add challenge attribute update API for staff users (#4233)

* [Backend] Add update challenge attribute API

* Add tests and URL

* Fix flake8 issues

* Fix test

* Fix tests

apps/challenges/urls.py

@@ -289,6 +289,11 @@
         views.update_challenge_approval,
         name="update_challenge_approval",
     ),
+    url(
+        r"^challenge/update_challenge_attributes/$",
+        views.update_challenge_attributes,
+        name="update_challenge_attributes",
+    ),
     url(
         r"^challenge/(?P<challenge_pk>[0-9]+)/prizes/$",
         views.get_prizes_by_challenge,

apps/challenges/views.py

@@ -4767,6 +4767,58 @@ def update_challenge_approval(request):
     return Response(response_data, status=status.HTTP_200_OK)
 
 
+@api_view(["POST"])
+@throttle_classes([UserRateThrottle])
+@permission_classes((permissions.IsAuthenticated, HasVerifiedEmail))
+@authentication_classes((JWTAuthentication, ExpiringTokenAuthentication))
+def update_challenge_attributes(request):
+    """
+    API to update attributes of the Challenge model
+    Arguments:
+        request {dict} -- Request object
+
+    Query Parameters:
+        challenge_pk {int} -- Challenge primary key
+        **kwargs {any} -- Key-value pairs representing attributes and their new values
+    """
+    if not request.user.is_staff:
+        response_data = {
+            "error": "Sorry, you are not authorized to access this resource!"
+        }
+        return Response(response_data, status=status.HTTP_401_UNAUTHORIZED)
+
+    challenge_pk = request.data.get("challenge_pk")
+
+    if not challenge_pk:
+        response_data = {
+            "error": "Challenge primary key is missing!"
+        }
+        return Response(response_data, status=status.HTTP_400_BAD_REQUEST)
+
+    try:
+        challenge = Challenge.objects.get(pk=challenge_pk)
+    except Challenge.DoesNotExist:
+        response_data = {
+            "error": f"Challenge with primary key {challenge_pk} not found!"
+        }
+        return Response(response_data, status=status.HTTP_404_NOT_FOUND)
+
+    # Update attributes based on the request data
+    for key, value in request.data.items():
+        if key != "challenge_pk" and hasattr(challenge, key):
+            setattr(challenge, key, value)
+
+    try:
+        challenge.save()
+    except Exception as e:
+        return Response({"error": str(e)}, status=status.HTTP_400_BAD_REQUEST)
+
+    response_data = {
+        "message": f"Challenge attributes updated successfully for challenge with primary key {challenge_pk}!"
+    }
+    return Response(response_data, status=status.HTTP_200_OK)
+
+
 @api_view(["PUT"])
 @throttle_classes([UserRateThrottle])
 @permission_classes((permissions.IsAuthenticated, HasVerifiedEmail))

tests/unit/challenges/test_views.py

@@ -6131,13 +6131,13 @@ def test_modify_leaderboard_data_with_other_parameters(self):
         self.assertEqual(response.status_code, status.HTTP_200_OK)
 
 
-class TestUpdateChallenge(BaseAPITestClass):
+class TestUpdateChallengeApproval(BaseAPITestClass):
     def setUp(self):
         settings.AWS_SES_REGION_NAME = "us-east-1"
         settings.AWS_SES_REGION_ENDPOINT = "email.us-east-1.amazonaws.com"
         return super().setUp()
 
-    def test_update_challenge_when_challenge_exists(self):
+    def test_update_challenge_approval_when_challenge_exists(self):
         self.user.is_staff = True
         self.user.save()
         self.url = reverse_lazy("challenges:update_challenge_approval")
@@ -6151,7 +6151,7 @@ def test_update_challenge_when_challenge_exists(self):
         self.assertEqual(response.data, expected)
         self.assertEqual(response.status_code, status.HTTP_200_OK)
 
-    def test_update_challenge_when_not_a_staff(self):
+    def test_update_challenge_approval_when_not_a_staff(self):
         self.url = reverse_lazy("challenges:update_challenge_approval")
         self.user.is_staff = False
         self.user.save()
@@ -6164,3 +6164,49 @@ def test_update_challenge_when_not_a_staff(self):
         })
         self.assertEqual(response.data, expected)
         self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
+
+
+class TestUpdateChallengeAttributes(BaseAPITestClass):
+    def setUp(self):
+        settings.AWS_SES_REGION_NAME = "us-east-1"
+        settings.AWS_SES_REGION_ENDPOINT = "email.us-east-1.amazonaws.com"
+        return super().setUp()
+
+    def test_update_challenge_attributes_when_challenge_exists(self):
+        self.url = reverse_lazy("challenges:update_challenge_attributes")
+        self.user.is_staff = True
+        self.user.save()
+
+        expected = {
+            "message": f"Challenge attributes updated successfully for challenge with primary key {self.challenge.pk}!"
+        }
+
+        response = self.client.post(self.url, {
+            "challenge_pk": self.challenge.pk,
+            "title": "Updated Title",
+            "description": "Updated Description",
+            "approved_by_admin": True,
+            "ephemeral_storage": 25,
+        })
+
+        self.assertEqual(response.data, expected)
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+
+    def test_update_challenge_attributes_when_not_a_staff(self):
+        self.url = reverse_lazy("challenges:update_challenge_attributes")
+        self.user.is_staff = False
+        self.user.save()
+        expected = {
+            "error": "Sorry, you are not authorized to access this resource!"
+        }
+
+        response = self.client.post(self.url, {
+            "challenge_pk": self.challenge.pk,
+            "title": "Updated Title",
+            "description": "Updated Description",
+            "approved_by_admin": True,
+            "ephemeral_storage": 25,
+        })
+
+        self.assertEqual(response.data, expected)
+        self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)