Merge pull request #104 from alphagov/add_user_permissions
Add user permissions
@@ -3,6 +3,7 @@ from flask import current_app
|
||||
from flask_marshmallow.fields import fields
|
||||
from . import ma
|
||||
from . import models
|
||||
from app.dao.permissions_dao import permission_dao
|
||||
from marshmallow import (post_load, ValidationError, validates, validates_schema)
|
||||
|
||||
mobile_regex = re.compile("^\\+44[\\d]{10}$")
|
||||
@@ -58,6 +59,18 @@ class BaseSchema(ma.ModelSchema):
|
||||
|
||||
|
||||
class UserSchema(BaseSchema):
|
||||
|
||||
permissions = fields.Method("user_permissions", dump_only=True)
|
||||
|
||||
def user_permissions(self, usr):
|
||||
retval = {}
|
||||
for x in permission_dao.get_query({'user': usr.id}):
|
||||
service_id = str(x.service_id)
|
||||
if service_id not in retval:
|
||||
retval[service_id] = []
|
||||
retval[service_id].append(x.permission)
|
||||
return retval
|
||||
|
||||
class Meta:
|
||||
model = models.User
|
||||
exclude = (
|
||||
|
||||
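Review bot: `user_permissions` issues one `permission_dao.get_query` call per serialized user and attaches the full per-service permission map to every `UserSchema` dump. The `test_get_user_list` expectation gaining `"permissions"` suggests the list response carries it too, so that endpoint presumably runs a query per user and returns every listed user's permissions to whoever may read the list; it is worth confirming that all consumers of this schema are meant to see that map. A docstring such as `"""Map each service id (as str) to the list of permissions usr holds on it."""` would record the output shape, and the grouping can be written as `retval.setdefault(str(x.service_id), []).append(x.permission)`. The `Meta` class continues past the end of the hunk, so its `exclude` tuple is not visible here.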
@@ -341,3 +341,24 @@ def sample_permission(notify_db,
|
||||
db.session.add(p_model)
|
||||
db.session.commit()
|
||||
return p_model
|
||||
|
||||
|
||||
@pytest.fixture(scope='function')
|
||||
def sample_service_permission(notify_db,
|
||||
notify_db_session,
|
||||
service=None,
|
||||
user=None,
|
||||
permission="sample permission"):
|
||||
if user is None:
|
||||
user = sample_user(notify_db, notify_db_session)
|
||||
if service is None:
|
||||
service = sample_service(notify_db, notify_db_session)
|
||||
data = {
|
||||
'user': user,
|
||||
'service': service,
|
||||
'permission': permission
|
||||
}
|
||||
p_model = Permission(**data)
|
||||
db.session.add(p_model)
|
||||
db.session.commit()
|
||||
return p_model
|
||||
|
||||
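Review bot: `sample_service_permission` calls `sample_user(...)` and `sample_service(...)` as plain functions, although test signatures elsewhere on this page request `sample_user` as a fixture. If these are `@pytest.fixture` functions, newer pytest releases reject direct calls, and requesting them as fixture arguments or moving the creation into plain helper functions would avoid that. The body also appears to repeat the preceding `sample_permission` fixture, of which only the tail is visible as hunk context, so a shared helper may be possible. A one-line docstring, e.g. `"""Create and commit a Permission linking a user to a service."""`, would state the fixture's purpose.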
@@ -28,8 +28,10 @@ def test_get_user_list(notify_api, notify_db, notify_db_session, sample_user, sa
|
||||
"password_changed_at": None,
|
||||
"logged_in_at": None,
|
||||
"state": "active",
|
||||
"failed_login_count": 0
|
||||
"failed_login_count": 0,
|
||||
"permissions": {}
|
||||
}
|
||||
print(json_resp['data'])
|
||||
assert expected in json_resp['data']
|
||||
|
||||
|
||||
@@ -55,7 +57,8 @@ def test_get_user(notify_api, notify_db, notify_db_session, sample_user, sample_
|
||||
"password_changed_at": None,
|
||||
"logged_in_at": None,
|
||||
"state": "active",
|
||||
"failed_login_count": 0
|
||||
"failed_login_count": 0,
|
||||
"permissions": {}
|
||||
}
|
||||
assert json_resp['data'] == expected
|
||||
|
||||
@@ -75,7 +78,8 @@ def test_post_user(notify_api, notify_db, notify_db_session, sample_admin_servic
|
||||
"password_changed_at": None,
|
||||
"logged_in_at": None,
|
||||
"state": "active",
|
||||
"failed_login_count": 0
|
||||
"failed_login_count": 0,
|
||||
"permissions": {}
|
||||
}
|
||||
auth_header = create_authorization_header(service_id=sample_admin_service_id,
|
||||
path=url_for('user.create_user'),
|
||||
@@ -108,7 +112,8 @@ def test_post_user_missing_attribute_email(notify_api, notify_db, notify_db_sess
|
||||
"password_changed_at": None,
|
||||
"logged_in_at": None,
|
||||
"state": "active",
|
||||
"failed_login_count": 0
|
||||
"failed_login_count": 0,
|
||||
"permissions": {}
|
||||
}
|
||||
auth_header = create_authorization_header(service_id=sample_admin_service_id,
|
||||
path=url_for('user.create_user'),
|
||||
@@ -139,7 +144,8 @@ def test_post_user_missing_attribute_password(notify_api, notify_db, notify_db_s
|
||||
"password_changed_at": None,
|
||||
"logged_in_at": None,
|
||||
"state": "active",
|
||||
"failed_login_count": 0
|
||||
"failed_login_count": 0,
|
||||
"permissions": {}
|
||||
}
|
||||
auth_header = create_authorization_header(service_id=sample_admin_service_id,
|
||||
path=url_for('user.create_user'),
|
||||
@@ -190,7 +196,8 @@ def test_put_user(notify_api, notify_db, notify_db_session, sample_user, sample_
|
||||
"id": user.id,
|
||||
"logged_in_at": None,
|
||||
"state": "active",
|
||||
"failed_login_count": 0
|
||||
"failed_login_count": 0,
|
||||
"permissions": {}
|
||||
}
|
||||
assert json_resp['data'] == expected
|
||||
assert json_resp['data']['email_address'] == new_email
|
||||
@@ -287,7 +294,8 @@ def test_get_user_by_email(notify_api, notify_db, notify_db_session, sample_user
|
||||
"password_changed_at": None,
|
||||
"logged_in_at": None,
|
||||
"state": "active",
|
||||
"failed_login_count": 0
|
||||
"failed_login_count": 0,
|
||||
"permissions": {}
|
||||
}
|
||||
|
||||
assert json_resp['data'] == expected
|
||||
@@ -327,3 +335,30 @@ def test_get_user_by_email_bad_url_returns_404(notify_api,
|
||||
json_resp = json.loads(resp.get_data(as_text=True))
|
||||
assert json_resp['result'] == 'error'
|
||||
assert json_resp['message'] == 'invalid request'
|
||||
|
||||
|
||||
def test_get_user_with_permissions(notify_api,
|
||||
notify_db,
|
||||
notify_db_session,
|
||||
sample_service_permission):
|
||||
with notify_api.test_request_context():
|
||||
with notify_api.test_client() as client:
|
||||
header = create_authorization_header(
|
||||
path=url_for('user.get_user', user_id=sample_service_permission.user.id),
|
||||
method='GET')
|
||||
response = client.get(url_for('user.get_user', user_id=sample_service_permission.user.id),
|
||||
headers=[header])
|
||||
assert response.status_code == 200
|
||||
json_resp = json.loads(response.get_data(as_text=True))
|
||||
expected = {
|
||||
"name": "Test User",
|
||||
"email_address": sample_service_permission.user.email_address,
|
||||
"id": sample_service_permission.user.id,
|
||||
"mobile_number": "+447700900986",
|
||||
"password_changed_at": None,
|
||||
"logged_in_at": None,
|
||||
"state": "active",
|
||||
"failed_login_count": 0,
|
||||
"permissions": {str(sample_service_permission.service.id): [sample_service_permission.permission]}
|
||||
}
|
||||
assert expected == json_resp['data']
|
||||
|
||||
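Review bot: `test_get_user_with_permissions` covers only one permission on one service, so the serializer's grouping branch (several permissions on the same service, or permissions across two services) is never asserted; a second `Permission` row for the same user would exercise it. None of the hunks checks that a `permissions` key sent in a create or update body is ignored, which is the behaviour `dump_only=True` is meant to provide and the one that matters for access control. In the `test_get_user_list` hunk, `print(json_resp['data'])` looks like leftover debugging (the hunk counts suggest it is an added line) and would write user records to the test log; it can be dropped.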