def test_get_rcis_for_user_BUT_user_id_is_invalid(app, user_factory):
"""
Assert that the right exceptions are thrown when given invalid data
"""
user = user_factory(permissions=Permission.MODERATE_RCIS)
with app.app_context():
with pytest.raises(RecordNotFound) as e1:
librci.get_rcis_for_user(user_id=str(uuid4()), logged_in_user=user)
with app.app_context():
with pytest.raises(ValueError) as e2:
librci.get_rcis_for_user(user_id=uuid4(), logged_in_user=user)
assert 'No such user' in str(e1)
assert 'not a valid id' in str(e2)
def test_get_rcis_for_user_BUT_user_is_not_a_collaborator(app, rci, user):
"""
Assert that a user with no special permissions can't just lookup somone
else's rcis
"""
with app.app_context():
with pytest.raises(Unauthorized) as e:
rcis = librci.get_rcis_for_user(user_id=rci['created_by'],
logged_in_user=user)
assert 'do not have sufficient permissions' in str(e)
def test_get_rcis_for_user_WITH_user_having_MODERATE_RCIS_permissions(
app, user_factory, rci):
"""
A user with the MODERATE_RCIS permission can indeed lookup rcis for another
user apart from themselves
"""
with app.app_context():
user = user_factory(permissions=Permission.MODERATE_RCIS)
rcis = librci.get_rcis_for_user(user_id=rci['created_by'],
logged_in_user=user)
assert len(rcis) == 1
def test_get_rcis_for_user_WITH_user_being_a_collaborator(app, rci):
"""
Assert that the function fetches the expected rci(s)
The creator of the fixture rci is also a collaborator.
So we expect the same rci to be fetched when use use the creator's user_id
to fetch rcis
"""
with app.app_context():
db = get_db()
user = db.execute('select * from users where user_id = ?',
(rci['created_by'], )).fetchone()
rcis = librci.get_rcis_for_user(user_id=rci['created_by'],
logged_in_user=user)
assert len(rcis) == 1
assert rcis[0]['rci_id'] == rci['rci_id']
def main():
"""
The "homepage". This is what a user sees when they first log-in.
"""
logged_in_user = g.user
# 1 - Fetch user settings for default buildings the user can view.
# 1.1 If such a setting does not exist, default to all buildings
# 2 - Try to fetch the rcis for the list of buildings we have.
# 2.1 - If the call fails with `Unauthorized`, the user has no such access
# Fetch their own rcis only
user_settings = libuser.get_user_settings(
user_id=logged_in_user['user_id'])
building_list = user_settings['default_buildings']
if building_list is None:
building_list = list(libroom.get_building_manifest().keys())
try:
rcis = librci.get_rcis_for_buildings(buildings=building_list,
logged_in_user=logged_in_user)
except Unauthorized:
rcis = librci.get_rcis_for_user(user_id=logged_in_user['user_id'],
logged_in_user=logged_in_user)
user_permissions = libuser.get_user_permissions(
user_id=logged_in_user['user_id'])
display_search = user_can(permissions=Permission.MODERATE_RCIS,
user=logged_in_user)
display_system_settings = user_can(permissions=Permission.MODERATE_SYSTEM,
user=logged_in_user)
return render_template('dashboard/main.html',
rcis=rcis,
display_search=display_search,
display_system_settings=display_system_settings)