def test_get_rcis_for_user_BUT_user_id_is_invalid(app, user_factory): """ Assert that the right exceptions are thrown when given invalid data """ user = user_factory(permissions=Permission.MODERATE_RCIS) with app.app_context(): with pytest.raises(RecordNotFound) as e1: librci.get_rcis_for_user(user_id=str(uuid4()), logged_in_user=user) with app.app_context(): with pytest.raises(ValueError) as e2: librci.get_rcis_for_user(user_id=uuid4(), logged_in_user=user) assert 'No such user' in str(e1) assert 'not a valid id' in str(e2)
def test_get_rcis_for_user_BUT_user_is_not_a_collaborator(app, rci, user): """ Assert that a user with no special permissions can't just lookup somone else's rcis """ with app.app_context(): with pytest.raises(Unauthorized) as e: rcis = librci.get_rcis_for_user(user_id=rci['created_by'], logged_in_user=user) assert 'do not have sufficient permissions' in str(e)
def test_get_rcis_for_user_WITH_user_having_MODERATE_RCIS_permissions( app, user_factory, rci): """ A user with the MODERATE_RCIS permission can indeed lookup rcis for another user apart from themselves """ with app.app_context(): user = user_factory(permissions=Permission.MODERATE_RCIS) rcis = librci.get_rcis_for_user(user_id=rci['created_by'], logged_in_user=user) assert len(rcis) == 1
def test_get_rcis_for_user_WITH_user_being_a_collaborator(app, rci): """ Assert that the function fetches the expected rci(s) The creator of the fixture rci is also a collaborator. So we expect the same rci to be fetched when use use the creator's user_id to fetch rcis """ with app.app_context(): db = get_db() user = db.execute('select * from users where user_id = ?', (rci['created_by'], )).fetchone() rcis = librci.get_rcis_for_user(user_id=rci['created_by'], logged_in_user=user) assert len(rcis) == 1 assert rcis[0]['rci_id'] == rci['rci_id']
def main(): """ The "homepage". This is what a user sees when they first log-in. """ logged_in_user = g.user # 1 - Fetch user settings for default buildings the user can view. # 1.1 If such a setting does not exist, default to all buildings # 2 - Try to fetch the rcis for the list of buildings we have. # 2.1 - If the call fails with `Unauthorized`, the user has no such access # Fetch their own rcis only user_settings = libuser.get_user_settings( user_id=logged_in_user['user_id']) building_list = user_settings['default_buildings'] if building_list is None: building_list = list(libroom.get_building_manifest().keys()) try: rcis = librci.get_rcis_for_buildings(buildings=building_list, logged_in_user=logged_in_user) except Unauthorized: rcis = librci.get_rcis_for_user(user_id=logged_in_user['user_id'], logged_in_user=logged_in_user) user_permissions = libuser.get_user_permissions( user_id=logged_in_user['user_id']) display_search = user_can(permissions=Permission.MODERATE_RCIS, user=logged_in_user) display_system_settings = user_can(permissions=Permission.MODERATE_SYSTEM, user=logged_in_user) return render_template('dashboard/main.html', rcis=rcis, display_search=display_search, display_system_settings=display_system_settings)