def test_create_second_user_with_role_and_permission(database, domain,
cleanup):
__create_roles(database)
users = UserManager(database)
request_content = {
"email": "*****@*****.**",
"password": "******",
}
response = build_syft_msg(domain, CreateUserMessage, request_content,
generic_key)
# Check database
assert len(users) == 1
user = users.query(email="*****@*****.**")[0]
assert user.email == "*****@*****.**"
assert users.login(email="*****@*****.**", password="******")
assert users.role(user_id=user.id).name == "Owner"
assert users.role(user_id=user.id).can_create_users
assert users.role(user_id=user.id).can_triage_requests
# Check message response
assert response.status_code == 200
owner_id = str(users.query(email="*****@*****.**")[0].id)
second_user_content = {
"email": "*****@*****.**",
"password": "******",
"role": "Administrator",
"current_user": owner_id,
}
response = build_syft_msg(domain, CreateUserMessage, second_user_content,
generic_key)
# Check database
assert len(users) == 2
user = users.query(email="*****@*****.**")[0]
assert user.email == "*****@*****.**"
assert users.login(email="*****@*****.**", password="******")
assert users.role(user_id=user.id).name == "Administrator"
assert users.role(user_id=user.id).can_create_users == True
assert users.role(user_id=user.id).can_triage_requests == True
# Check message response
assert response.status_code == 200
def test_create_second_user(database, domain, cleanup):
__create_roles(database)
users = UserManager(database)
first_user_content = {
"email": "*****@*****.**",
"password": "******",
}
response = build_syft_msg(
domain, CreateUserMessage, first_user_content, generic_key
)
# Check database
assert len(users) == 1
user = users.query(email="*****@*****.**")[0]
assert user.email == "*****@*****.**"
assert users.login(email="*****@*****.**", password="******")
assert users.role(user_id=user.id).name == "Owner"
assert users.role(user_id=user.id).can_create_users
assert users.role(user_id=user.id).can_triage_requests
# Check message response
assert response.status_code == 200
second_user_content = {
"email": "*****@*****.**",
"password": "******",
}
response = build_syft_msg(
domain, CreateUserMessage, second_user_content, generic_key
)
# Check database
assert len(users) == 2
user = users.query(email="*****@*****.**")[0]
assert user.email == "*****@*****.**"
assert users.login(email="*****@*****.**", password="******")
assert users.role(user_id=user.id).name == "User"
assert not users.role(user_id=user.id).can_create_users
assert not users.role(user_id=user.id).can_triage_requests
# Check message response
assert response.status_code == 200
def test_create_second_user_with_owner_role_name(database, domain, cleanup):
__create_roles(database)
users = UserManager(database)
owner_content = {
"email": "*****@*****.**",
"password": "******",
}
response = build_syft_msg(domain, CreateUserMessage, owner_content,
generic_key)
# Check database
assert len(users) == 1
user = users.query(email="*****@*****.**")[0]
assert user.email == "*****@*****.**"
assert users.login(email="*****@*****.**", password="******")
assert users.role(user_id=user.id).name == "Owner"
assert users.role(user_id=user.id).can_create_users
assert users.role(user_id=user.id).can_triage_requests
# Check message response
assert response.status_code == 200
owner_id = str(users.query(email="*****@*****.**")[0].id)
second_user_content = {
"email": "*****@*****.**",
"password": "******",
"role": "Owner",
"current_user": owner_id,
}
try:
build_syft_msg(domain, CreateUserMessage, second_user_content,
generic_key)
pytest.fail("We shouldn't execute this line!")
except Exception as e:
assert str(e) == 'You can\'t create a new User with "Owner" role!'
# Check database
assert len(users) == 1
def test_update_role_with_permission(database, domain, cleanup):
__create_roles(database)
users = UserManager(database)
__create_user_samples(domain, users)
# Correct
std_user_id = users.query(email="*****@*****.**")[0].id
owner_user_id = users.query(email="*****@*****.**")[0].id
msg_content = {
"user_id": std_user_id,
"role": "3",
"current_user": owner_user_id,
}
response = build_syft_msg(domain, UpdateUserMessage, msg_content, generic_key)
assert response.status_code == 200
assert response.content == {"message": "User updated successfully!"}
user = users.query(email="*****@*****.**")[0]
assert user.email == "*****@*****.**"
assert users.role(user_id=user.id).name == "Administrator"
def test_create_first_user_msg(database, domain, cleanup):
__create_roles(database)
users = UserManager(database)
request_content = {
"email": "*****@*****.**",
"password": "******",
}
response = build_syft_msg(domain, CreateUserMessage, request_content, generic_key)
# Check database
assert len(users) == 1
user = users.query(email="*****@*****.**")[0]
assert user.email == "*****@*****.**"
assert users.login(email="*****@*****.**", password="******")
assert users.role(user_id=user.id).name == "Owner"
# Check message response
assert response.status_code == 200
assert database.session().query(Role).get(user.role).name == "Owner"
