def test_SupervisorRolePermission_authenticated_user(
authenticated_user_instance):
obj = Mock()
obj.check_supervisor = lambda user: user == authenticated_user_instance
with permissions.SupervisorRolePermission(obj=obj):
pass
del obj.check_supervisor
with pytest.raises(HTTPException):
with permissions.SupervisorRolePermission():
pass
def test_SupervisorRolePermission_authenticated_user_with_password_with_check_supervisor(
authenticated_user_instance):
authenticated_user_instance.password = "******"
obj = Mock()
obj.check_supervisor = lambda user: user == authenticated_user_instance
with permissions.SupervisorRolePermission(obj=obj,
password_required=True,
password="******"):
pass
with pytest.raises(HTTPException):
with permissions.SupervisorRolePermission(obj=obj,
password_required=True,
password="******"):
pass
def replace(cls, obj, field, value, state):
"""
Some fields require extra permissions to be changed.
Changing `is_active` and `is_regular_user` properties, current user
must be a supervisor of the changing user, and `current_password` of
the current user should be provided.
Changing `is_admin` property requires current user to be Admin, and
`current_password` of the current user should be provided..
"""
if 'current_password' not in state:
raise ValidationError(
"Updating sensitive user settings requires `current_password` test operation "
"performed before replacements.")
if field in {
User.is_active.fget.__name__,
User.is_regular_user.fget.__name__
}:
with permissions.SupervisorRolePermission(
obj=obj,
password_required=True,
password=state['current_password']):
# Access granted
pass
elif field == User.is_admin.fget.__name__:
with permissions.AdminRolePermission(
password_required=True,
password=state['current_password']):
# Access granted
pass
return super(PatchUserDetailsParameters,
cls).replace(obj, field, value, state)
def test_SupervisorRolePermission_anonymous_user_with_password(
anonymous_user_instance):
obj = Mock()
obj.check_supervisor = lambda user: False
with pytest.raises(HTTPException):
with permissions.SupervisorRolePermission(obj=obj,
password_required=True,
password="******"):
pass
def test_SupervisorRolePermission_anonymous_user(anonymous_user_instance):
with pytest.raises(HTTPException):
with permissions.SupervisorRolePermission():
pass