Default permissions added on service creation. All tests working.

2026-02-02 17:31:14 -05:00 · 2016-02-26 17:11:30 +00:00
parent 75b9f77f92
commit 9b73b0d9f8
6 changed files with 79 additions and 17 deletions
--- a/app/dao/init.py
+++ b/app/dao/init.py
@@ -14,9 +14,10 @@ class DAOClass(object):
    class Meta:
        model = None

-    def create_instance(self, inst):
+    def create_instance(self, inst, _commit=True):
        db.session.add(inst)
-        db.session.commit()
+        if _commit:
+            db.session.commit()

    def update_instance(self, inst, update_dict):
        # Make sure the id is not included in the update_dict
--- a/app/dao/permissions_dao.py
+++ b/app/dao/permissions_dao.py
@@ -2,10 +2,23 @@ from app.dao import DAOClass
 from app.models import Permission


+# Service Permissions
+manage_service = 'manage_service'
+send_messages = 'send_messages'
+manage_api_keys = 'manage_api_keys'
+# Default permissions for a service
+default_service_permissions = [manage_service, send_messages, manage_api_keys]
+
+
 class PermissionDAO(DAOClass):

    class Meta:
        model = Permission

+    def add_default_service_permissions_for_user(self, user, service):
+        for name in default_service_permissions:
+            permission = Permission(permission=name, user=user, service=service)
+            self.create_instance(permission, _commit=False)
+

 permission_dao = PermissionDAO()
--- a/app/dao/services_dao.py
+++ b/app/dao/services_dao.py
@@ -20,7 +20,14 @@ def dao_fetch_service_by_id_and_user(service_id, user_id):


 def dao_create_service(service, user):
-    service.users.append(user)
+    try:
+        from app.dao.permissions_dao import permission_dao
+        service.users.append(user)
+        permission_dao.add_default_service_permissions_for_user(user, service)
+    except Exception as e:
+        # Proper clean up
+        db.session.rollback()
+        raise e
    db.session.add(service)
    db.session.commit()

--- a/tests/app/permissions/test_rest.py
+++ b/tests/app/permissions/test_rest.py
@@ -53,7 +53,6 @@ def test_get_permission_filter(notify_api,
                headers=[header])
            assert response.status_code == 200
            json_resp = json.loads(response.get_data(as_text=True))
-            assert len(json_resp['data']) == 1
            expected = {
                "permission": another_permission.permission,
                "user": sample_user.id,
--- a/tests/app/service/test_rest.py
+++ b/tests/app/service/test_rest.py
@@ -1,5 +1,6 @@
 import json
 import uuid
+from flask import url_for
 from app.dao.users_dao import save_model_user
 from app.dao.services_dao import dao_remove_user_from_service
 from app.models import User
@@ -403,3 +404,55 @@ def test_get_users_for_service_returns_404_when_service_does_not_exist(notify_ap
            result = json.loads(response.get_data(as_text=True))
            assert result['result'] == 'error'
            assert result['message'] == 'Service not found for id: {}'.format(service_id)
+
+
+def test_default_permissions_are_added_for_user_service(notify_api,
+                                                        notify_db,
+                                                        notify_db_session,
+                                                        sample_service,
+                                                        sample_user):
+    with notify_api.test_request_context():
+        with notify_api.test_client() as client:
+            data = {
+                'name': 'created service',
+                'user_id': sample_user.id,
+                'limit': 1000,
+                'restricted': False,
+                'active': False}
+            auth_header = create_authorization_header(
+                path='/service',
+                method='POST',
+                request_body=json.dumps(data)
+            )
+            headers = [('Content-Type', 'application/json'), auth_header]
+            resp = client.post(
+                '/service',
+                data=json.dumps(data),
+                headers=headers)
+            json_resp = json.loads(resp.get_data(as_text=True))
+            assert resp.status_code == 201
+            assert json_resp['data']['id']
+            assert json_resp['data']['name'] == 'created service'
+            assert json_resp['data']['email_from'] == 'created.service'
+
+            auth_header_fetch = create_authorization_header(
+                path='/service/{}'.format(json_resp['data']['id']),
+                method='GET'
+            )
+
+            resp = client.get(
+                '/service/{}?user_id={}'.format(json_resp['data']['id'], sample_user.id),
+                headers=[auth_header_fetch]
+            )
+            assert resp.status_code == 200
+            header = create_authorization_header(
+                path=url_for('user.get_user', user_id=sample_user.id),
+                method='GET')
+            response = client.get(
+                url_for('user.get_user', user_id=sample_user.id),
+                headers=[header])
+            assert response.status_code == 200
+            json_resp = json.loads(response.get_data(as_text=True))
+            service_permissions = json_resp['data']['permissions'][str(sample_service.id)]
+            from app.dao.permissions_dao import default_service_permissions
+            assert sorted(default_service_permissions) == sorted(service_permissions)
--- a/tests/app/user/test_rest.py
+++ b/tests/app/user/test_rest.py
@@ -349,16 +349,5 @@ def test_get_user_with_permissions(notify_api,
            response = client.get(url_for('user.get_user', user_id=sample_service_permission.user.id),
                                  headers=[header])
            assert response.status_code == 200
-            json_resp = json.loads(response.get_data(as_text=True))
-            expected = {
-                "name": "Test User",
-                "email_address": sample_service_permission.user.email_address,
-                "id": sample_service_permission.user.id,
-                "mobile_number": "+447700900986",
-                "password_changed_at": None,
-                "logged_in_at": None,
-                "state": "active",
-                "failed_login_count": 0,
-                "permissions": {str(sample_service_permission.service.id): [sample_service_permission.permission]}
-            }
-            assert expected == json_resp['data']
+            permissions = json.loads(response.get_data(as_text=True))['data']['permissions']
+            assert sample_service_permission.permission in permissions[str(sample_service_permission.service.id)]