nautobot 3.0.0rc1__py3-none-any.whl → 3.0.1__py3-none-any.whl

nautobot/extras/tests/test_api.py

@@ -598,10 +598,10 @@ class ApprovalWorkflowStageTest(
                 response_obj = stage.approval_workflow_stage_responses.first()
                 self.assertEqual(response_obj.comments, "This is a test comment.")
                 self.assertEqual(response_obj.user, self.user)
-                self.assertEqual(response_obj.state, stage.state)
+                self.assertEqual(response_obj.state, ApprovalWorkflowStateChoices.COMMENT)
 
     @override_settings(EXEMPT_VIEW_PERMISSIONS=["*"])
-    def test_approval_workflow_stage_add_more_comment_to_stage(self):
+    def test_approval_workflow_stage_edit_comment(self):
         for case in self.approval_workflow_content_type_cases:
             content_type = case["content_type"]
             with self.subTest(case=content_type):
@@ -618,7 +618,61 @@ class ApprovalWorkflowStageTest(
                 self.assertHttpStatus(response, status.HTTP_200_OK)
 
                 stage.refresh_from_db()
-                self.assertEqual(stage.approval_workflow_stage_responses.count(), 2)
+                self.assertEqual(stage.approval_workflow_stage_responses.count(), 1)
+                self.assertEqual(stage.approval_workflow_stage_responses.first().comments, "This is a test comment.")
+
+    @override_settings(EXEMPT_VIEW_PERMISSIONS=["*"])
+    def test_approval_workflow_stage_not_allow_add_comment_to_approved_denied_stage(self):
+        for case in self.approval_workflow_content_type_cases:
+            content_type = case["content_type"]
+            with self.subTest(case=content_type):
+                stage = case["stage"]
+                # set state to approved so we can ensure comments *do not* work.
+                stage.state = ApprovalWorkflowStateChoices.APPROVED
+                stage.save()
+                url = reverse("extras-api:approvalworkflowstage-comment", kwargs={"pk": stage.pk})
+                self.add_permissions("extras.change_approvalworkflowstage")
+
+                data = {"comments": "This is a test comment."}
+                response = self.client.post(url, data=data, format="json", **self.header)
+                self.assertHttpStatus(response, status.HTTP_400_BAD_REQUEST)
+                self.assertEqual(
+                    response.data["detail"],
+                    f"This stage is in {stage.state} state. Can't comment approved or denied stage.",
+                )
+
+                stage.refresh_from_db()
+                self.assertEqual(stage.approval_workflow_stage_responses.count(), 0)
+
+    @override_settings(EXEMPT_VIEW_PERMISSIONS=["*"])
+    def test_state_unchanged_when_comment_added_to_approved_stage(self):
+        for case in self.approval_workflow_content_type_cases:
+            content_type = case["content_type"]
+            with self.subTest(case=content_type):
+                stage = case["stage"]
+                # set min 2 approvers
+                stage.approval_workflow_stage_definition.min_approvers = 2
+                stage.approval_workflow_stage_definition.save()
+                url = reverse("extras-api:approvalworkflowstage-comment", kwargs={"pk": stage.pk})
+                self.add_permissions("extras.change_approvalworkflowstage")
+
+                ApprovalWorkflowStageResponse.objects.create(
+                    approval_workflow_stage=stage,
+                    user=self.user,
+                    state=ApprovalWorkflowStateChoices.APPROVED,
+                    comments="Approved comment",
+                )
+
+                data = {"comments": "Edit approved comment."}
+                response = self.client.post(url, data=data, format="json", **self.header)
+                self.assertHttpStatus(response, status.HTTP_200_OK)
+
+                stage.refresh_from_db()
+                self.assertEqual(stage.approval_workflow_stage_responses.count(), 1)
+                self.assertEqual(stage.approval_workflow_stage_responses.first().comments, "Edit approved comment.")
+                self.assertEqual(
+                    stage.approval_workflow_stage_responses.first().state, ApprovalWorkflowStateChoices.APPROVED
+                )
 
     @override_settings(EXEMPT_VIEW_PERMISSIONS=["*"])
     def test_approval_workflow_stage_pending_my_approvals(self):

nautobot/extras/tests/test_customfields_filters.py

@@ -3,8 +3,8 @@ from django.db.models import Model
 from django.test import tag
 
 from nautobot.core.testing import views
-from nautobot.extras.choices import CustomFieldFilterLogicChoices, CustomFieldTypeChoices
-from nautobot.extras.models import CustomField
+from nautobot.extras.choices import CustomFieldFilterLogicChoices, CustomFieldTypeChoices, DynamicGroupOperatorChoices
+from nautobot.extras.models import CustomField, DynamicGroup, DynamicGroupMembership
 
 
 @tag("unit")
@@ -368,6 +368,82 @@ class CustomFieldsFilters:
                             instances, filtered, test_case["expected"], assert_in_msg, assert_not_in_msg
                         )
 
+        def test_str_custom_field_with_dynamic_groups(self):
+            cf_label = "test_dgs_label_str"
+            cf_label_ic = "test_dgs_label_str_ic"
+            test_data = self.filter_matrix[CustomFieldTypeChoices.TYPE_TEXT]
+            model = self.filterset.Meta.model
+            self.create_custom_field(model, cf_label)
+            self.create_custom_field(model, cf_label_ic, filter_logic=CustomFieldFilterLogicChoices.FILTER_LOOSE)
+
+            instances = self.queryset.all()[:5]
+            self.prepare_custom_fields_values(cf_label, instances, test_data["value"], "not-matched")
+            self.prepare_custom_fields_values(cf_label_ic, instances, test_data["value"], "not-matched")
+
+            ct = ContentType.objects.get_for_model(model)
+
+            filter_group = DynamicGroup.objects.create(
+                name="CustomField DynamicGroup",
+                content_type=ct,
+                filter={},
+            )
+            parent_group = DynamicGroup.objects.create(
+                name="Parent CustomField DynamicGroup",
+                content_type=ct,
+                filter={},
+            )
+            group_membership = DynamicGroupMembership.objects.create(
+                parent_group=parent_group,
+                group=filter_group,
+                operator=DynamicGroupOperatorChoices.OPERATOR_INTERSECTION,
+                weight=10,
+            )
+
+            # Prepare test cases
+            # For dynamic group we're supporting only exact or icontains for now
+            # Depending on the custom field filter logic
+            for lookup_data in test_data["lookups"]:
+                if lookup_data["lookup"] not in ["", "ic"]:
+                    continue
+
+                test_cases = [(lookup_data["lookup"], test_case) for test_case in lookup_data["test_cases"]]
+                group_membership.operator = DynamicGroupOperatorChoices.OPERATOR_INTERSECTION
+                group_membership.save()
+
+                for lookup, test_case in test_cases:
+                    assert_in_msg = f'object expected to be found for searching `{lookup}` ({lookup_data["name"]}) = "{test_case["search"]}"'
+                    assert_not_in_msg = f'object expected to be filtered out for searching `{lookup}` ({lookup_data["name"]}) = "{test_case["search"]}"'
+                    group_filter = {f"cf_{cf_label}": test_case["search"]}
+                    if lookup == "ic":
+                        group_filter = {f"cf_{cf_label_ic}": test_case["search"]}
+
+                    with self.subTest(f"Test filtering {group_filter}"):
+                        filter_group.set_filter(group_filter)
+                        filter_group.save()
+                        members = parent_group.update_cached_members()
+                        self.assertProperInstancesReturned(
+                            instances, members, test_case["expected"], assert_in_msg, assert_not_in_msg
+                        )
+
+                negated_test_cases = self.get_negated_test_cases(lookup_data["lookup"], lookup_data["test_cases"])
+                group_membership.operator = DynamicGroupOperatorChoices.OPERATOR_DIFFERENCE
+                group_membership.save()
+
+                for lookup, test_case in negated_test_cases:
+                    assert_in_msg = f'object expected to be found for searching `{lookup}` ({lookup_data["name"]}) = "{test_case["search"]}"'
+                    assert_not_in_msg = f'object expected to be filtered out for searching `{lookup}` ({lookup_data["name"]}) = "{test_case["search"]}"'
+                    group_filter = {f"cf_{cf_label}": test_case["search"]}
+                    if lookup == "ic":
+                        group_filter = {f"cf_{cf_label_ic}": test_case["search"]}
+
+                    with self.subTest(f"Test negated filtering {group_filter}"):
+                        filter_group.set_filter(group_filter)
+                        filter_group.save()
+                        members = parent_group.update_cached_members()
+                        self.assertProperInstancesReturned(
+                            instances, members, test_case["expected"], assert_in_msg, assert_not_in_msg
+                        )
+
         def test_str_custom_field_filters(self):
             cf_label = "test_fs_label_str"
             test_data = self.filter_matrix[CustomFieldTypeChoices.TYPE_TEXT]
@@ -411,11 +487,15 @@ class CustomFieldsFilters:
                         )
 
         @staticmethod
-        def create_custom_field(model: Model, label: str) -> CustomField:
+        def create_custom_field(
+            model: Model,
+            label: str,
+            filter_logic: CustomFieldFilterLogicChoices = CustomFieldFilterLogicChoices.FILTER_EXACT,
+        ) -> CustomField:
             cf = CustomField.objects.create(
                 type=CustomFieldTypeChoices.TYPE_TEXT,
                 label=label,
-                filter_logic=CustomFieldFilterLogicChoices.FILTER_EXACT,
+                filter_logic=filter_logic,
             )
             cf.content_types.set([ContentType.objects.get_for_model(model)])
             return cf

nautobot/extras/tests/test_views.py

@@ -133,12 +133,13 @@ class ApprovalWorkflowDefinitionViewTestCase(
                 name=f"Test Approval Workflow {i}",
                 model_content_type=cls.scheduledjob_ct,
                 weight=i,
+                model_constraints={"job_model__name": "NoSuchJob"},
             )
 
         cls.form_data = {
             "name": "Test Approval Workflow Definition 5",
             "model_content_type": cls.scheduledjob_ct.pk,
-            "model_constraints": '{"name": "Bulk Delete Objects"}',
+            "model_constraints": '{"job_model__name": "Bulk Delete Objects"}',
             "weight": 5,
             # These are the "management_form" fields required by the dynamic CustomFieldChoice formsets.
             "approval_workflow_stage_definitions-TOTAL_FORMS": "0",  # Set to 0 so validation succeeds until we need it
@@ -162,6 +163,7 @@ class ApprovalWorkflowStageDefinitionViewTestCase(ViewTestCases.PrimaryObjectVie
             name="Test Approval Workflow Definition 1",
             model_content_type=cls.scheduledjob_ct,
             weight=10,
+            model_constraints={"job_model__name": "NoSuchJob"},
         )
         cls.approver_group = Group.objects.create(name="Test Group 1")
         cls.updated_approver_group = Group.objects.create(name="Test Group 2")
@@ -264,7 +266,10 @@ class ApprovalWorkflowViewTestCase(
         ]
         approval_workflow_definitions = [
             ApprovalWorkflowDefinition.objects.create(
-                name=f"Test Approval Workflow {i}", model_content_type=cls.scheduledjob_ct, weight=i
+                name=f"Test Approval Workflow {i}",
+                model_content_type=cls.scheduledjob_ct,
+                weight=i,
+                model_constraints={"job_model__name": "NoSuchJob"},
             )
             for i in range(5)
         ]
@@ -333,6 +338,7 @@ class ApprovalWorkflowStageViewTestCase(
                 name=f"Test Approval Workflow {i}",
                 model_content_type=cls.scheduledjob_ct,
                 weight=i,
+                model_constraints={"job_model__name": "NoSuchJob"},
             )
             for i in range(5)
         ]
@@ -413,19 +419,33 @@ class ApprovalWorkflowStageViewTestCase(
         self.client.force_login(self.user)
         self.add_permissions("extras.change_approvalworkflowstage", "extras.view_approvalworkflowstage")
 
-        # Try GET with model-level permission
+        # Try GET with model-level permission but not belonging to the approver group
         url = reverse("extras:approvalworkflowstage_approve", args=[approval_workflow_stage.pk])
+        response = self.client.get(url, follow=True)
+        self.assertHttpStatus(response, 200)
+        self.assertBodyContains(response, "You are not permitted to approve this")
+
+        # Try GET with belonging to the approver group
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
         response = self.client.get(url)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
         self.assertHttpStatus(response, 200)
         self.assertBodyContains(response, '<div class="card border-success">')  # Assert the success panel is present
 
-        # Try POST with model-level permission
+        # Try POST with model-level permission but not belonging to the approver group
         request = {
             "path": url,
             "data": post_data({"comments": "Approved!"}),
         }
         response = self.client.post(**request, follow=True)
         self.assertHttpStatus(response, 200)
+        self.assertBodyContains(response, "You are not permitted to approve this")
+
+        # Try POST with belonging to the approver group
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
+        response = self.client.post(**request, follow=True)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
+        self.assertHttpStatus(response, 200)
         approval_workflow_stage.refresh_from_db()
         # New response should be created
         new_response = ApprovalWorkflowStageResponse.objects.get(
@@ -443,25 +463,88 @@ class ApprovalWorkflowStageViewTestCase(
         self.assertHttpStatus(response, 200)
         self.assertBodyContains(response, "Approval Date")  # Assert the approval date is present
 
+    @override_settings(EXEMPT_VIEW_PERMISSIONS=["*"])
+    def test_approve_stage_with_existing_comment_endpoint(self):
+        """Test the approve stage with existing comment endpoint."""
+        approval_workflow_stage = ApprovalWorkflowStage.objects.first()
+        new_response = ApprovalWorkflowStageResponse.objects.create(
+            approval_workflow_stage=approval_workflow_stage,
+            user=self.user,
+            comments="existing comment",
+            state=ApprovalWorkflowStateChoices.COMMENT,
+        )
+        self.assertEqual(
+            ApprovalWorkflowStageResponse.objects.filter(
+                approval_workflow_stage=approval_workflow_stage, user=self.user
+            ).count(),
+            1,
+        )
+        self.client.force_login(self.user)
+        self.add_permissions("extras.change_approvalworkflowstage", "extras.view_approvalworkflowstage")
+
+        # Try GET with model-level permission
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
+        url = reverse("extras:approvalworkflowstage_approve", args=[approval_workflow_stage.pk])
+        response = self.client.get(url)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
+        self.assertHttpStatus(response, 200)
+        self.assertBodyContains(response, '<div class="card border-success">')  # Assert the success panel is present
+        self.assertBodyContains(response, "existing comment")
+
+        # Try POST with model-level permission
+        request = {
+            "path": url,
+            "data": post_data({"comments": "Approved!"}),
+        }
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
+        response = self.client.post(**request, follow=True)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
+        self.assertHttpStatus(response, 200)
+        approval_workflow_stage.refresh_from_db()
+        # Response should be updated
+        new_response.refresh_from_db()
+        self.assertEqual(
+            ApprovalWorkflowStageResponse.objects.filter(
+                approval_workflow_stage=approval_workflow_stage, user=self.user
+            ).count(),
+            1,
+        )
+        self.assertEqual(new_response.state, ApprovalWorkflowStateChoices.APPROVED)
+        self.assertEqual(new_response.comments, "Approved!")
+
     @override_settings(EXEMPT_VIEW_PERMISSIONS=["*"])
     def test_deny_endpoint(self):
         """Test the deny endpoint."""
         approval_workflow_stage = ApprovalWorkflowStage.objects.first()
         self.add_permissions("extras.change_approvalworkflowstage", "extras.view_approvalworkflowstage")
 
-        # Try GET with model-level permission
+        # Try GET with model-level permission but not belonging to the approver group
         url = reverse("extras:approvalworkflowstage_deny", args=[approval_workflow_stage.pk])
+        response = self.client.get(url, follow=True)
+        self.assertHttpStatus(response, 200)
+        self.assertBodyContains(response, "You are not permitted to deny this")
+
+        # Try GET with belonging to the approver group
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
         response = self.client.get(url)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
         self.assertHttpStatus(response, 200)
         self.assertBodyContains(response, '<div class="card border-danger">')  # Assert the danger panel is present
 
-        # Try POST with model-level permission
+        # Try POST with model-level permission but not belonging to the approver group
         request = {
             "path": url,
             "data": post_data({"comments": "Denied!"}),
         }
         response = self.client.post(**request, follow=True)
         self.assertHttpStatus(response, 200)
+        self.assertBodyContains(response, "You are not permitted to deny this")
+
+        # Try POST with belonging to the approver group
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
+        response = self.client.post(**request, follow=True)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
+        self.assertHttpStatus(response, 200)
         approval_workflow_stage.refresh_from_db()
         # New response should be created
         new_response = ApprovalWorkflowStageResponse.objects.get(
@@ -479,6 +562,239 @@ class ApprovalWorkflowStageViewTestCase(
         self.assertHttpStatus(response, 200)
         self.assertBodyContains(response, "Denial Date")  # Assert the denial date is present
 
+    @override_settings(EXEMPT_VIEW_PERMISSIONS=["*"])
+    def test_deny_stage_with_existing_comment_endpoint(self):
+        """Test the deny stage with existing comment endpoint."""
+        approval_workflow_stage = ApprovalWorkflowStage.objects.first()
+        new_response = ApprovalWorkflowStageResponse.objects.create(
+            approval_workflow_stage=approval_workflow_stage,
+            user=self.user,
+            comments="existing comment",
+            state=ApprovalWorkflowStateChoices.COMMENT,
+        )
+        self.assertEqual(
+            ApprovalWorkflowStageResponse.objects.filter(
+                approval_workflow_stage=approval_workflow_stage, user=self.user
+            ).count(),
+            1,
+        )
+        self.client.force_login(self.user)
+        self.add_permissions("extras.change_approvalworkflowstage", "extras.view_approvalworkflowstage")
+
+        # Try GET with model-level permission
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
+        url = reverse("extras:approvalworkflowstage_deny", args=[approval_workflow_stage.pk])
+        response = self.client.get(url)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
+        self.assertHttpStatus(response, 200)
+        self.assertBodyContains(response, '<div class="card border-danger">')  # Assert the danger panel is present
+        self.assertBodyContains(response, "existing comment")
+
+        # Try POST with model-level permission
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.add(self.user)
+        request = {
+            "path": url,
+            "data": post_data({"comments": "Denied!"}),
+        }
+        response = self.client.post(**request, follow=True)
+        approval_workflow_stage.approval_workflow_stage_definition.approver_group.user_set.remove(self.user)
+        self.assertHttpStatus(response, 200)
+        approval_workflow_stage.refresh_from_db()
+        # Response should be updated
+        new_response.refresh_from_db()
+        self.assertEqual(
+            ApprovalWorkflowStageResponse.objects.filter(
+                approval_workflow_stage=approval_workflow_stage, user=self.user
+            ).count(),
+            1,
+        )
+        self.assertEqual(new_response.state, ApprovalWorkflowStateChoices.DENIED)
+        self.assertEqual(new_response.comments, "Denied!")
+        self.assertBodyContains(
+            response, f"You denied {approval_workflow_stage}."
+        )  # Assert the denial message is present
+
+    @override_settings(EXEMPT_VIEW_PERMISSIONS=["*"])
+    def test_comment_endpoint(self):
+        """Test the comment endpoint."""
+        approval_workflow_stage = ApprovalWorkflowStage.objects.first()
+        self.client.force_login(self.user)
+        self.add_permissions("extras.change_approvalworkflowstage", "extras.view_approvalworkflowstage")
+
+        # Try GET with model-level permission
+        url = reverse("extras:approvalworkflowstage_comment", args=[approval_workflow_stage.pk])
+        response = self.client.get(url)
+        self.assertHttpStatus(response, 200)
+        expected_object_button = '<button type="submit" name="_confirm" class="btn btn-info"><span aria-hidden="true" class="mdi mdi-check me-4"></span><!---->Comment</button>'
+        self.assertContains(response, expected_object_button, html=True)  # Assert button Comment
+        # Try POST with model-level permission
+        request = {
+            "path": url,
+            "data": post_data({"comments": "It is just a comment"}),
+        }
+        response = self.client.post(**request, follow=True)
+        self.assertHttpStatus(response, 200)
+        approval_workflow_stage.refresh_from_db()
+        # New response should be created
+        new_response = ApprovalWorkflowStageResponse.objects.get(
+            approval_workflow_stage=approval_workflow_stage, user=self.user
+        )
+        self.assertEqual(new_response.state, ApprovalWorkflowStateChoices.COMMENT)
+        self.assertEqual(new_response.comments, "It is just a comment")
+        self.assertBodyContains(
+            response, f"You commented {approval_workflow_stage}."
+        )  # Assert the comment message is present
+
+        # Try GET again in form should be previous message
+        url = reverse("extras:approvalworkflowstage_comment", args=[approval_workflow_stage.pk])
+        response = self.client.get(url)
+        self.assertHttpStatus(response, 200)
+        self.assertBodyContains(response, "It is just a comment")
+
+    @override_settings(EXEMPT_VIEW_PERMISSIONS=["*"])
+    def test_edit_comment_endpoint(self):
+        """Test the edit comment endpoint."""
+        approval_workflow_stage = ApprovalWorkflowStage.objects.first()
+        # create new response with a comment
+        new_response = ApprovalWorkflowStageResponse.objects.create(
+            approval_workflow_stage=approval_workflow_stage,
+            user=self.user,
+            comments="existing comment",
+            state=ApprovalWorkflowStateChoices.COMMENT,
+        )
+        self.assertEqual(
+            ApprovalWorkflowStageResponse.objects.filter(
+                approval_workflow_stage=approval_workflow_stage, user=self.user
+            ).count(),
+            1,
+        )
+        self.client.force_login(self.user)
+        self.add_permissions("extras.change_approvalworkflowstage", "extras.view_approvalworkflowstage")
+
+        # Try GET again in form should be previous message
+        url = reverse("extras:approvalworkflowstage_comment", args=[approval_workflow_stage.pk])
+        response = self.client.get(url)
+        self.assertHttpStatus(response, 200)
+        self.assertBodyContains(response, new_response.comments)
+
+        request = {
+            "path": url,
+            "data": post_data({"comments": "Edit existing comment"}),
+        }
+        response = self.client.post(**request, follow=True)
+        self.assertHttpStatus(response, 200)
+        approval_workflow_stage.refresh_from_db()
+        self.assertEqual(
+            ApprovalWorkflowStageResponse.objects.filter(
+                approval_workflow_stage=approval_workflow_stage, user=self.user
+            ).count(),
+            1,
+        )
+        edited_response = ApprovalWorkflowStageResponse.objects.get(
+            approval_workflow_stage=approval_workflow_stage, user=self.user
+        )
+        self.assertEqual(edited_response.state, ApprovalWorkflowStateChoices.COMMENT)
+        self.assertEqual(edited_response.comments, "Edit existing comment")
+
+    @override_settings(EXEMPT_VIEW_PERMISSIONS=["*"])
+    def test_add_new_comment_from_different_user(self):
+        """Test the add comment if different user add it."""
+        approval_workflow_stage = ApprovalWorkflowStage.objects.first()
+        # create new response with a comment
+        second_user = User.objects.last()
+        new_response = ApprovalWorkflowStageResponse.objects.create(
+            approval_workflow_stage=approval_workflow_stage,
+            user=second_user,
+            comments="existing comment",
+            state=ApprovalWorkflowStateChoices.COMMENT,
+        )
+        self.assertEqual(
+            ApprovalWorkflowStageResponse.objects.filter(
+                approval_workflow_stage=approval_workflow_stage, user=second_user
+            ).count(),
+            1,
+        )
+        self.client.force_login(self.user)
+        self.add_permissions("extras.change_approvalworkflowstage", "extras.view_approvalworkflowstage")
+
+        # Try GET again in form should be previous message
+        url = reverse("extras:approvalworkflowstage_comment", args=[approval_workflow_stage.pk])
+        response = self.client.get(url)
+        self.assertHttpStatus(response, 200)
+        expected_object_comment = '<textarea name="comments" cols="40" rows="10" class="form-control" placeholder="Comments" id="id_comments"></textarea>'
+        self.assertContains(response, expected_object_comment, html=True)  # Assert empty textarea
+
+        request = {
+            "path": url,
+            "data": post_data({"comments": "New comment"}),
+        }
+        response = self.client.post(**request, follow=True)
+        self.assertHttpStatus(response, 200)
+        self.assertEqual(ApprovalWorkflowStageResponse.objects.all().count(), 2)
+
+        old_response = ApprovalWorkflowStageResponse.objects.get(
+            approval_workflow_stage=approval_workflow_stage, user=second_user
+        )
+        self.assertEqual(old_response.state, ApprovalWorkflowStateChoices.COMMENT)
+        self.assertEqual(old_response.comments, "existing comment")
+        new_response = ApprovalWorkflowStageResponse.objects.get(
+            approval_workflow_stage=approval_workflow_stage, user=self.user
+        )
+        self.assertEqual(new_response.state, ApprovalWorkflowStateChoices.COMMENT)
+        self.assertEqual(new_response.comments, "New comment")
+
+    @override_settings(EXEMPT_VIEW_PERMISSIONS=["*"])
+    def test_add_comment_to_pending_approval(self):
+        """
+        Test editing or adding a comment in the approval stage that already has one approval,
+        but needs two. Only edit the comment don't change the state from APPROVED to COMMENT.
+        """
+        approval_workflow_stage = ApprovalWorkflowStage.objects.first()
+        # check min_approver to 2
+        approval_workflow_stage.approval_workflow_stage_definition.min_approvers = 2
+        approval_workflow_stage.approval_workflow_stage_definition.save()
+        # create new response with a comment
+        new_response = ApprovalWorkflowStageResponse.objects.create(
+            approval_workflow_stage=approval_workflow_stage,
+            user=self.user,
+            comments="approved comment",
+            state=ApprovalWorkflowStateChoices.APPROVED,
+        )
+        self.assertEqual(
+            ApprovalWorkflowStageResponse.objects.filter(
+                approval_workflow_stage=approval_workflow_stage, user=self.user
+            ).count(),
+            1,
+        )
+        self.client.force_login(self.user)
+        self.add_permissions("extras.change_approvalworkflowstage", "extras.view_approvalworkflowstage")
+
+        # Try GET again in form should be previous message
+        url = reverse("extras:approvalworkflowstage_comment", args=[approval_workflow_stage.pk])
+        response = self.client.get(url)
+        self.assertHttpStatus(response, 200)
+        self.assertBodyContains(response, new_response.comments)
+
+        request = {
+            "path": url,
+            "data": post_data({"comments": "Edit approved comment"}),
+        }
+        response = self.client.post(**request, follow=True)
+        self.assertHttpStatus(response, 200)
+        approval_workflow_stage.refresh_from_db()
+        self.assertEqual(
+            ApprovalWorkflowStageResponse.objects.filter(
+                approval_workflow_stage=approval_workflow_stage, user=self.user
+            ).count(),
+            1,
+        )
+        edited_response = ApprovalWorkflowStageResponse.objects.get(
+            approval_workflow_stage=approval_workflow_stage, user=self.user
+        )
+        # assert state is still APPROVED
+        self.assertEqual(edited_response.state, ApprovalWorkflowStateChoices.APPROVED)
+        self.assertEqual(edited_response.comments, "Edit approved comment")
+
 
 class ApprovalWorkflowStageResponseViewTestCase(
     ViewTestCases.DeleteObjectViewTestCase,
@@ -517,6 +833,7 @@ class ApprovalWorkflowStageResponseViewTestCase(
                 name=f"Test Approval Workflow {i} Definition",
                 model_content_type=cls.scheduledjob_ct,
                 weight=i,
+                model_constraints={"job_model__name": "NoSuchJob"},
             )
             for i in range(5)
         ]