Require and validate source_uid when creating officers

[TristanGramsch]

Ensure each Officer created via POST has a valid source_uid. Validate source exists, connect it via the existing citation relationship, and add tests for missing/invalid source_uid. Fixes #507.

[TristanGramsch]

Hey @DMalone87, I saw this issue and took the initiative to solve it. Is it looking good?

[DMalone87]

This is great. The only other thing is that the current user needs to be a member of the Source organization and have a member role of at least Publisher.

[DMalone87]

police-data-trust/backend/database/models/source.py

Line 208 in 314b0f8

members = RelationshipFrom(

[TristanGramsch]

Nice to hear. I see you solved that by adding line 148, correct? Let me know if I can still develop this issue.

[DMalone87]

No, I haven't changed anything. Just highlighting the section of code I'm talking about. Sorry I wasn't clear.

You'll need to add some logic that checks to see if the user is a member of the Source indicated by the source_uid. Something like:

    if source.members.is_connected(current_user):
        member_rel = source.members.relationship(current_user)
        if member_rel.may_publish()
          # Prodeed with Creation
        else:
        abort(403, description="No permission.")
    else:
        abort(403, description="No permission.")

[TristanGramsch]

I am looking at this! I made new changes, and I just need to run tests.

[DMalone87]

Let me know if I can help

[TristanGramsch]

Hey Darrel, I believe the last change solves the check for membership. I think this is ready for merge.