darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-06-22 06:03:06 -04:00
Code Issues Packages Projects Releases Wiki Activity

Functionality_added, tests passing.

Browse Source
This commit is contained in:
Nicholas Staples
2016-03-03 14:32:19 +00:00
parent 9e710711cb
commit e5e9db88fd
5 changed files with 87 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/main/dao/users_dao.py
View File

@@ -8,9 +8,10 @@ from app.main.encryption import hashpw
from app import user_api_client
#
# TODO fix up this, do we really need this class why not just use the clients
# directly??
#
@login_manager.user_loader

8
app/main/forms.py
View File

@@ -110,9 +110,11 @@ class RegisterUserFromInviteForm(Form):
class InviteUserForm(Form):
email_address = email_address('Their email address')
send_messages = BooleanField("Send messages")
manage_service = BooleanField("Manage service")
manage_api_keys = BooleanField("Manage API keys")
# TODO fix this Radio field so we are not having to test for yes or no rather
# use operator equality.
send_messages = RadioField("Send messages", choices=[('yes', 'Yes'), ('no', 'No')])
manage_service = RadioField("Manage service", choices=[('yes', 'Yes'), ('no', 'No')])
manage_api_keys = RadioField("Manage API keys", choices=[('yes', 'Yes'), ('no', 'No')])
class TwoFactorForm(Form):

31
app/main/views/manage_users.py
View File

@@ -12,6 +12,7 @@ from flask_login import (
)
from notifications_python_client.errors import HTTPError
from app import user_api_client
from app.main import main
from app.main.forms import InviteUserForm
@@ -20,16 +21,6 @@ from app import user_api_client
from app import invite_api_client
from app.utils import user_has_permissions
fake_users = [
{
'name': '',
'permission_send_messages': True,
'permission_manage_service': True,
'permission_manage_api_keys': True,
'active': True
}
]
@main.route("/services/<service_id>/users")
@login_required
@@ -83,6 +74,14 @@ def edit_user_permissions(service_id, user_id):
'manage_api_keys': user.has_permissions(['manage_api_keys', 'access_developer_docs'])
})
if form.validate_on_submit():
permissions = []
permissions.extend(
_convert_role_to_permissions('send_messages') if form.send_messages.data == 'yes' else [])
permissions.extend(
_convert_role_to_permissions('manage_service') if form.manage_service.data == 'yes' else [])
permissions.extend(
_convert_role_to_permissions('manage_api_keys') if form.manage_api_keys.data == 'yes' else [])
user_api_client.set_user_permissions(user_id, service_id, permissions)
return redirect(url_for('.manage_users', service_id=service_id))
return render_template(
@@ -123,6 +122,18 @@ def cancel_invited_user(service_id, invited_user_id):
return redirect(url_for('main.manage_users', service_id=service_id))
def _convert_role_to_permissions(role):
if role == 'send_messages':
return ['send_texts', 'send_emails', 'send_letters']
elif role == 'manage_service':
return ['manage_users', 'manage_templates', 'manage_settings']
elif role == 'manage_api_keys':
return ['manage_api_keys', 'access_developer_docs']
return []
# TODO replace with method which converts each 'role' into the list
# of permissions like the method above :)
def _get_permissions(form):
permissions = []
if form.get('send_messages') and form['send_messages'] == 'yes':

59
tests/app/main/views/test_manage_users.py
View File

@@ -37,26 +37,75 @@ def test_should_show_page_for_one_user(
assert response.status_code == 200
def test_redirect_after_saving_user(
def test_edit_user_permissions(
app_,
api_user_active,
mock_login,
mock_get_service,
mock_get_users_by_service,
mock_get_invites_for_service,
mock_has_permissions
mock_has_permissions,
mock_set_user_permissions
):
with app_.test_request_context():
with app_.test_client() as client:
service_id = '55555'
client.login(api_user_active)
response = client.post(url_for(
'main.edit_user_permissions', service_id=55555, user_id=0
))
'main.edit_user_permissions', service_id=service_id, user_id=api_user_active.id
), data={'email_address': api_user_active.email_address,
'send_messages': 'yes',
'manage_service': 'yes',
'manage_api_keys': 'yes'})
assert response.status_code == 302
assert response.location == url_for(
'main.manage_users', service_id=55555, _external=True
'main.manage_users', service_id=service_id, _external=True
)
mock_set_user_permissions.assert_called_with(
str(api_user_active.id),
service_id,
['send_texts',
'send_emails',
'send_letters',
'manage_users',
'manage_templates',
'manage_settings',
'manage_api_keys',
'access_developer_docs'])
def test_edit_some_user_permissions(
app_,
api_user_active,
mock_login,
mock_get_service,
mock_get_users_by_service,
mock_get_invites_for_service,
mock_has_permissions,
mock_set_user_permissions
):
with app_.test_request_context():
with app_.test_client() as client:
service_id = '55555'
client.login(api_user_active)
response = client.post(url_for(
'main.edit_user_permissions', service_id=service_id, user_id=api_user_active.id
), data={'email_address': api_user_active.email_address,
'send_messages': 'yes',
'manage_service': 'no',
'manage_api_keys': 'no'})
assert response.status_code == 302
assert response.location == url_for(
'main.manage_users', service_id=service_id, _external=True
)
mock_set_user_permissions.assert_called_with(
str(api_user_active.id),
service_id,
['send_texts',
'send_emails',
'send_letters'])
def test_should_show_page_for_inviting_user(

5
tests/conftest.py
View File

@@ -624,3 +624,8 @@ def mock_add_user_to_service(mocker, service_one, api_user_active):
def _add_user(service_id, user_id):
return api_user_active
return mocker.patch('app.user_api_client.add_user_to_service', side_effect=_add_user)
@pytest.fixture(scope='function')
def mock_set_user_permissions(mocker):
return mocker.patch('app.user_api_client.set_user_permissions', return_value=None)