def test_user_credential_types(user: User):
assert user.AccountTypeID in creds.user_developer_or_trusted_user
assert user.AccountTypeID not in creds.trusted_user
assert user.AccountTypeID not in creds.developer
assert user.AccountTypeID not in creds.trusted_user_or_dev
with db.begin():
user.AccountTypeID = at.TRUSTED_USER_ID
assert user.AccountTypeID in creds.trusted_user
assert user.AccountTypeID in creds.trusted_user_or_dev
with db.begin():
user.AccountTypeID = at.DEVELOPER_ID
assert user.AccountTypeID in creds.developer
assert user.AccountTypeID in creds.trusted_user_or_dev
with db.begin():
user.AccountTypeID = at.TRUSTED_USER_AND_DEV_ID
assert user.AccountTypeID in creds.trusted_user
assert user.AccountTypeID in creds.developer
assert user.AccountTypeID in creds.trusted_user_or_dev
# Some model authorization checks.
assert user.is_elevated()
assert user.is_trusted_user()
assert user.is_developer()
def test_user_is_developer(user: User):
with db.begin():
user.AccountTypeID = at.DEVELOPER_ID
assert user.is_developer() is True
# Do it again with the combined role.
with db.begin():
user.AccountTypeID = at.TRUSTED_USER_AND_DEV_ID
assert user.is_developer() is True
def trusted_user(user: User) -> User:
with db.begin():
user.AccountTypeID = TRUSTED_USER_ID
yield user