def test_user_with_no_permissions_to_service_goes_to_templates(client, mocker):
user = _user_with_permissions()
mocker.patch('app.user_api_client.get_user', return_value=user)
client.login(user)
request.view_args = {'service_id': 'bar'}
@user_has_permissions()
def index():
pass
index()
def test_cant_use_decorator_without_view_args(
client,
platform_admin_user,
mocker,
):
mocker.patch('app.user_api_client.get_user', return_value=platform_admin_user)
client.login(platform_admin_user)
request.view_args = {}
@user_has_permissions()
def index():
pass
with pytest.raises(NotImplementedError):
index()
def test_platform_admin_can_see_orgs_they_dont_have(
client,
platform_admin_user,
mocker,
):
platform_admin_user['organisations'] = []
mocker.patch('app.user_api_client.get_user', return_value=platform_admin_user)
client.login(platform_admin_user)
request.view_args = {'org_id': 'org_2'}
@user_has_permissions()
def index():
pass
index()
def test_user_has_permissions_for_organisation(
client,
mocker,
):
user = _user_with_permissions()
user['organisations'] = ['org_1', 'org_2']
mocker.patch('app.user_api_client.get_user', return_value=user)
client.login(user)
request.view_args = {'org_id': 'org_2'}
@user_has_permissions()
def index():
pass
index()
def test_user_has_permissions_for_organisation(
client,
mocker,
):
user = _user_with_permissions()
user["organisations"] = ["org_1", "org_2"]
mocker.patch("app.user_api_client.get_user", return_value=user)
client.login(user)
request.view_args = {"org_id": "org_2"}
@user_has_permissions()
def index():
pass
index()
def test_user_doesnt_have_permissions_for_organisation(
client,
mocker,
):
user = _user_with_permissions()
user.organisations = ['org_1', 'org_2']
mocker.patch('app.user_api_client.get_user', return_value=user)
client.login(user)
request.view_args = {'org_id': 'org_3'}
@user_has_permissions()
def index():
pass
with pytest.raises(Forbidden):
index()
