def test(self):
    """An account holding the admin role can list the roles via GET /role."""
    with self.app.test_client() as client:
        registered = self.register("*****@*****.**", "d", client)
        admin_id = registered['id']

        # The role is granted through the service layer before logging in,
        # so the session created by login() belongs to an admin.
        role_service = UserRoleService()
        role_service.create_user_role_by_name(user_id=admin_id,
                                              role_name='admin')
        self.login("*****@*****.**", "d", client)

        response = client.get('/role')
        self.assert200(response)
        # assumes admin and investor roles were created by test_controller_base
        self.assertEqual(2, len(response.json))
def test_delete_user_as_admin(self):
    """DELETE /user/<id> is refused without the admin role, allowed with it."""
    with self.app.test_client() as client:
        actor_id = self.register("*****@*****.**", "d", client)['id']
        target_id = self.register("*****@*****.**", "e", client)['id']
        target_url = f"/user/{target_id}"

        # Negative case first: authenticated, but holding no admin role.
        self.login("*****@*****.**", "d", client)
        denied = client.delete(target_url)
        self.assertStatus(denied, 401)

        # Grant admin, then open a new session before retrying.
        # NOTE(review): presumably roles are bound to the identity at login,
        # which is why the test logs out and back in - confirm.
        role_service = UserRoleService()
        role_service.create_user_role_by_name(user_id=actor_id,
                                              role_name='admin')
        self.logout(client)
        self.login("*****@*****.**", "d", client)

        allowed = client.delete(target_url)
        self.assertStatus(allowed, 200)
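def test_get_users(self):
    """GET /user answers 401 without the admin role and lists users with it."""
    with self.app.test_client() as c:
        id1 = self.register("*****@*****.**", "d", c)['id']
        # Second account: never logged in, it only has to show up in the list.
        self.register("*****@*****.**", "e", c)

        # Authenticated but not an admin: the listing must be refused.
        self.login("*****@*****.**", "d", c)
        self.assertStatus(c.get("/user"), 401)

        user_role_svc = UserRoleService()
        user_role_svc.create_user_role_by_name(user_id=id1, role_name='admin')
        # NOTE(review): presumably roles are bound to the identity at login,
        # hence the fresh session before the positive case - confirm.
        self.logout(c)
        self.login("*****@*****.**", "d", c)

        response = c.get("/user")
        self.assert200(response)
        # assertEqual, not the deprecated assertEquals alias (removed in
        # Python 3.12). Expects exactly the two accounts registered above;
        # assumes the test database holds no other users - confirm.
        self.assertEqual(2, len(response.json))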
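def test_remove_role_from_user(self):
    """An admin can grant a role with PUT and revoke it again with DELETE."""
    with self.app.test_client() as c:
        id1 = self.register("*****@*****.**", "d", c)['id']
        id2 = self.register("*****@*****.**", "e", c)['id']

        # The acting account is made admin before it logs in.
        user_role_svc = UserRoleService()
        user_role_svc.create_user_role_by_name(user_id=id1, role_name='admin')
        self.login("*****@*****.**", "d", c)

        # Same URL for grant (PUT) and revoke (DELETE).
        role_url = f"/user/{id2}/roles/{self.roles['admin'].id}"
        user_url = f"/user/{id2}"

        self.assert200(c.put(role_url))
        response = c.get(user_url)
        # NOTE(review): two roles = presumably the one assigned at
        # registration plus the admin role just granted - confirm.
        # assertEqual replaces the deprecated assertEquals alias, which was
        # removed in Python 3.12.
        self.assertEqual(2, len(response.json['roles']))

        response = c.delete(role_url)
        self.assert200(response)

        # Re-read the user so the revocation is checked against stored
        # state, not just against the DELETE response.
        response = c.get(user_url)
        self.assertEqual(1, len(response.json['roles']))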
class InvestorService:
    """Creates user accounts that are given the 'investor' role."""

    # Collaborators are class attributes, so all instances share them.
    user_svc = UserService()
    user_role_svc = UserRoleService()

    def __init__(self, _session=None):
        # Use the injected session when one is given, else the global one.
        # NOTE(review): the collaborators above are built without this
        # session, so an injected one may not reach them - confirm.
        if _session:
            self.session = _session
        else:
            self.session = db.session

    def create_investor(self, email, password):
        """Create a user and attach the 'investor' role to it.

        Returns the freshly loaded user, or None when the user service did
        not produce a user. The role name is a fixed literal, so callers
        cannot choose which role the new account receives.
        """
        new_user = self.user_svc.create_user_no_commit(email, password)
        if new_user:
            # this will commit the transaction for us
            # NOTE(review): if the role assignment raises, the uncommitted
            # user stays pending in the session; nothing here rolls it back.
            self.user_role_svc.create_user_role_by_name(
                user_id=new_user.id, role_name='investor')
            return self.user_svc.get_user_by_id(new_user.id)
        return None
class TestUserRoleService(TestServiceBase):
    """Service-level tests for creating and deleting user/role assignments."""

    user_svc = UserService()
    user_role_svc = UserRoleService()
    role_svc = RoleService()

    def test_create_user_role_no_commit(self):
        """A no-commit assignment vanishes once the session is rolled back."""
        new_role_id = self.role_svc.create_role("test").id
        account = self.user_svc.create_user_no_commit("*****@*****.**", "z")
        assignment = self.user_role_svc.create_user_role_no_commit(
            user_id=account.id, role_id=new_role_id)
        self.assertEqual(account.id, assignment.user_id)

        db.session.rollback()
        # Attribute reads deliberately happen after the rollback, as before.
        leftover = UserRole.query.filter_by(
            user_id=assignment.user_id,
            role_id=assignment.role_id).first()
        self.assertIsNone(leftover)

    def test_create_user_role_by_name(self):
        """Assigning by role name stores a row with the matching ids."""
        new_role_id = self.role_svc.create_role("test").id
        account = self.user_svc.create_user("*****@*****.**", "z")
        assignment = self.user_role_svc.create_user_role_by_name(
            user_id=account.id, role_name="test")

        self.assertEqual(account.id, assignment.user_id)
        self.assertEqual(new_role_id, assignment.role_id)
        stored = UserRole.query.filter_by(
            user_id=assignment.user_id,
            role_id=assignment.role_id).first()
        self.assertIsNotNone(stored)

    def test_create_user_role_by_id(self):
        """Assigning by role id stores a row with the matching ids."""
        new_role_id = self.role_svc.create_role("test").id
        account = self.user_svc.create_user("*****@*****.**", "z")
        assignment = self.user_role_svc.create_user_role_by_id(
            user_id=account.id, role_id=new_role_id)

        self.assertEqual(account.id, assignment.user_id)
        self.assertEqual(new_role_id, assignment.role_id)
        stored = UserRole.query.filter_by(
            user_id=assignment.user_id,
            role_id=assignment.role_id).first()
        self.assertIsNotNone(stored)

    def test_delete_role_id_for_user_id(self):
        """Deleting returns the removed row; a repeat delete returns None."""
        new_role_id = self.role_svc.create_role("test").id
        account_id = self.user_svc.create_user("*****@*****.**", "z").id
        assignment = self.user_role_svc.create_user_role_by_id(
            user_id=account_id, role_id=new_role_id)
        before = UserRole.query.filter_by(user_id=account_id).all()
        self.assertEqual(1, len(before))

        removed = self.user_role_svc.delete_role_id_for_user_id(
            new_role_id, account_id)
        self.assertEqual(new_role_id, removed.role_id)
        self.assertEqual(account_id, removed.user_id)
        after = UserRole.query.filter_by(user_id=assignment.user_id).all()
        self.assertEqual(0, len(after))

        # Nothing is left to revoke, so the service reports None.
        repeat = self.user_role_svc.delete_role_id_for_user_id(
            new_role_id, account_id)
        self.assertIsNone(repeat)

    def test_delete_user_roles_for_user_id(self):
        """Bulk deletion removes every assignment the user holds."""
        created_role_ids = [
            self.role_svc.create_role(role_name).id
            for role_name in ("test", "test2")
        ]
        account_id = self.user_svc.create_user("*****@*****.**", "z").id
        for current_role_id in created_role_ids:
            self.user_role_svc.create_user_role_by_id(
                user_id=account_id, role_id=current_role_id)
        before = UserRole.query.filter_by(user_id=account_id).all()
        self.assertEqual(2, len(before))

        self.user_role_svc.delete_user_roles_for_user_id(account_id)
        after = UserRole.query.filter_by(user_id=account_id).all()
        self.assertEqual(0, len(after))
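# NOTE: Blueprint, jsonify and login_required are used below but are not
# imported in this excerpt; presumably their import lines sit above it.
from flask_principal import identity_changed, Identity, AnonymousIdentity
from werkzeug.security import check_password_hash

from controller.exceptions import NotFound, Unauthorized, AlreadyExists
from core.authorization import admin_permission, admin_or_me_permission
from model.user import user_schema, users_schema
from model.user_role import user_role_schema
from service.investor_service import InvestorService
from service.user_role_service import UserRoleService
from service.user_service import UserService

user_api = Blueprint('user_api', __name__)
user_service = UserService()
investor_service = InvestorService()
user_role_service = UserRoleService()


# Decorators apply bottom-up, so login_required is the outermost wrapper
# and runs before the admin permission check.
@user_api.route('/user/<user_id>/roles/<role_id>', methods=['DELETE'])
@login_required
@admin_permission.require()
def remove_role_from_user(user_id, role_id):
    """
    Remove the role from the user. Must be admin

    Both ids come from the URL path; the route declares no converter, so
    they reach the service as strings. Returns the serialized user/role
    row that the service reports as deleted.
    """
    deleted_user_role = user_role_service.delete_role_id_for_user_id(
        user_id=user_id, role_id=role_id)
    # NOTE(review): TestUserRoleService.test_delete_role_id_for_user_id
    # asserts that the service returns None when the user does not hold
    # the role. That None is serialized here without a check, so a no-op
    # revocation presumably still answers with a success status. Consider
    # raising NotFound (imported above) so that an admin can tell "role
    # revoked" from "nothing matched" - confirm the exception's signature.
    return jsonify(user_role_schema.dump(deleted_user_role))


# The handler for this PUT route continues beyond this excerpt.
@user_api.route('/user/<user_id>/roles/<role_id>', methods=['PUT'])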