def test_requires_roles():
@requires_roles(EMPLOYEE_ROLE)
def test_func():
return True
with app.test_request_context():
# login with two-role account
account = authenticate_user(email_address2, password2, False)
ok_(account is not None)
eq_(int(user_session['user_id']), account.id)
eq_(user_session['email_address'], email_address2)
# check that current role is employee
eq_(user_session['current_role'], EMPLOYEE_ROLE)
# tackle parcels.view_packages_by_student_id (employee only)
ok_(test_func())
# switch role to student
current_user.switch_current_role(STUDENT_ROLE)
# check that current role is student
eq_(user_session['current_role'], STUDENT_ROLE)
# tackle parcels.view_packages_by_student_id (employee only)
try:
test_func()
ok_(False)
except Forbidden:
ok_(True)
def test_requires_roles():
@requires_roles(EMPLOYEE_ROLE)
def test_func():
return True
with app.test_request_context():
# login with two-role account
account = authenticate_user(email_address2, password2, False)
ok_(account is not None)
eq_(int(user_session['user_id']), account.id)
eq_(user_session['email_address'], email_address2)
# check that current role is employee
eq_(user_session['current_role'], EMPLOYEE_ROLE)
# tackle parcels.view_packages_by_student_id (employee only)
ok_(test_func())
# switch role to student
current_user.switch_current_role(STUDENT_ROLE)
# check that current role is student
eq_(user_session['current_role'], STUDENT_ROLE)
# tackle parcels.view_packages_by_student_id (employee only)
try:
test_func()
ok_(False)
except Forbidden:
ok_(True)
def switch_role(role):
"""Switch roles for account to the argument `role`.
Args:
role (str): `ADMIN_ROLE`, `EMPLOYEE_ROLE`, `STUDENT_ROLE`.
Returns:
Redirect to `next` or :func:`getpost.hogwarts.hogwarts_index`
"""
# TODO: implement, next so that the request can redirect to original page
if current_user.switch_current_role(role):
flash('Role has been successfully changed.', 'success')
else:
flash('Role could not be changed.', 'error')
return redirect(
request.args.get('next') or url_for('hogwarts.hogwarts_index'))
def switch_role(role):
"""Switch roles for account to the argument `role`.
Args:
role (str): `ADMIN_ROLE`, `EMPLOYEE_ROLE`, `STUDENT_ROLE`.
Returns:
Redirect to `next` or :func:`getpost.hogwarts.hogwarts_index`
"""
# TODO: implement, next so that the request can redirect to original page
if current_user.switch_current_role(role):
flash('Role has been successfully changed.', 'success')
else:
flash('Role could not be changed.', 'error')
return redirect(
request.args.get('next') or url_for('hogwarts.hogwarts_index')
)
