def test_delete_permission_endpoint_with_wrong_permission_id(self):
permission_repo = PermissionRepo()
role1 = RoleFactory.create(name='admin')
permission_repo.new_permission(role1.id, 'name-1', 'keyword-1')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='delete_permissions', role_id=role1.id)
UserRoleFactory.create(user_id=user_id, role_id=role1.id)
response = self.client().delete(self.make_url(f'/roles/permissions/576'), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert404(response)
self.assertEqual(response_json['msg'], 'Invalid or incorrect permission id provided')
def test_delete_permission_endpoint_without_right_permission(self):
permission_repo = PermissionRepo()
role1 = RoleFactory.create(name='admin')
permission = permission_repo.new_permission(role1.id, 'name-1', 'keyword-1')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='delete_permissions', role_id=role1.id)
UserRoleFactory.create(user_id=user_id, role_id=1000)
response = self.client().delete(self.make_url(f'/roles/permissions/{permission.id}'), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert400(response)
self.assertEqual(response_json['msg'], 'Access Error - No Permission Granted')
def test_update_permissions_without_right_permission(self):
permission_repo = PermissionRepo()
role1 = RoleFactory.create(name='admin')
permission = permission_repo.new_permission(role1.id, 'name-1', 'keyword-1')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='create_permissions', role_id=role1.id)
UserRoleFactory.create(user_id=user_id, role_id=100)
data = {'name': 'New name1', 'role_id': role1.id, 'keyword': 'New eky'}
response = self.client().put(self.make_url('/roles/permissions/{}'.format(permission.id)), data=self.encode_to_json_string(data), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert400(response)
self.assertEqual(response_json['msg'], 'Access Error - No Permission Granted')
def test_list_permissions_without_right_permission(self):
permission_repo = PermissionRepo()
role1 = RoleFactory.create(name='admin')
for i in range(1,4):
permission_repo.new_permission(role1.id, f'name-{i}', f'keyword-{i}')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='view_permissions', role_id=role1.id)
UserRoleFactory.create(user_id=user_id, role_id=100)
response = self.client().get(self.make_url('/roles/permissions'), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert400(response)
self.assertEqual(response_json['msg'], 'Access Error - No Permission Granted')
def test_update_with_wrong_permission_id(self):
permission_repo = PermissionRepo()
role1 = RoleFactory.create(name='admin')
permission = permission_repo.new_permission(role1.id, 'name-1', 'keyword-1')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='create_permissions', role_id=role1.id)
UserRoleFactory.create(user_id=user_id, role_id=role1.id)
data = {'name': 'New name1', 'role_id': role1.id, 'keyword': 'New eky'}
response = self.client().put(self.make_url(f'/roles/permissions/1000'), data=self.encode_to_json_string(data), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
self.assert400(response)
self.assertEqual(response_json['msg'], 'Invalid or incorrect permission id provided')
def test_list_permissions_with_right_permission(self):
permission_repo = PermissionRepo()
role1 = RoleFactory.create(name='admin')
for i in range(1,4):
permission_repo.new_permission(role1.id, f'name-{i}', f'keyword-{i}')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='view_permissions', role_id=role1.id)
UserRoleFactory.create(user_id=user_id, role_id=role1.id)
response = self.client().get(self.make_url('/roles/permissions'), headers=self.headers())
response_json = self.decode_from_json_string(response.data.decode('utf-8'))
payload = response_json['payload']
self.assert200(response)
self.assertEqual(len(payload['permissions']), 4)
self.assertJSONKeysPresent(payload['permissions'][0], 'name', 'keyword', 'roleId')
def test_delete_permission_endpoint_with_right_permission(self):
permission_repo = PermissionRepo()
role1 = RoleFactory.create(name='admin')
permission = permission_repo.new_permission(role1.id, 'name-1',
'keyword-1')
user_id = BaseTestCase.user_id()
PermissionFactory.create(keyword='delete_permissions', role=role1)
UserRoleFactory.create(user_id=user_id, role=role1)
response = self.client().delete(
self.make_url(f'/roles/permissions/{permission.id}'),
headers=self.headers())
response_json = self.decode_from_json_string(
response.data.decode('utf-8'))
payload = response_json['payload']
self.assert200(response)
self.assertEqual(payload['status'], 'success')
self.assertEqual(response_json['msg'], 'permission deleted')
def __init__(self, request):
"""
Constructor.
Parameters:
-----------
request
"""
BaseController.__init__(self, request)
self.user_role_repo = UserRoleRepo()
self.role_repo = RoleRepo()
self.user_repo = UserRepo()
self.location_repo = LocationRepo()
self.perm_repo = PermissionRepo()