def test_admin_update_user_remove_old_roles_from_user(self, test_client):
user = User(email="*****@*****.**", password="******", is_admin=True)
user.is_admin = True
role1 = Role(name="test1-role")
role2 = Role(name="test2-role")
user.roles = [role1, role2]
user.save()
data = {
"id": str(user.id),
"email": "*****@*****.**",
"first_name": "Test",
"last_name": "User",
"password": "******",
"is_admin": None,
}
response = test_client.post(
f"{module_info['url_prefix']}/update",
data=data,
follow_redirects=True,
)
assert response.status_code == 200
assert user.email == "*****@*****.**"
assert user.check_password("pass")
assert len(user.roles) == 0
assert len(role1.users) == 0
assert len(role2.users) == 0
def test_admin_update_user_adding_new_roles_to_user(self, test_client):
user = User.create(email="*****@*****.**", password="******")
role1 = Role.create(name="test1-role")
role2 = Role.create(name="test2-role")
data = {
"id": str(user.id),
"email": "*****@*****.**",
"password": "******",
"first_name": "Test",
"last_name": "User",
"is_admin": "",
f"role_{role1.id}": "",
f"role_{role2.id}": "",
}
response = test_client.post(
f"{module_info['url_prefix']}/update",
data=data,
follow_redirects=True,
)
assert response.status_code == 200
assert user.email == "*****@*****.**"
assert user.check_password("newpass")
assert user.first_name == "Test"
assert user.last_name == "User"
assert len(user.roles) == 2
assert role1.users[0].email == "*****@*****.**"
assert role2.users[0].email == "*****@*****.**"
def test_admin_add_unique_user_post(self, test_client):
role1 = Role.create(name="test1-role")
role2 = Role.create(name="test2-role")
data = {
"email": "*****@*****.**",
"password": "******",
"first_name": "Test",
"last_name": "User",
"is_admin": "",
f"role_{role1.id}": "",
f"role_{role2.id}": "",
}
test_client.post(
f"{module_info['url_prefix']}/add",
data=data,
follow_redirects=True,
)
test_user = User.query.filter(User.email == "*****@*****.**").scalar()
assert test_user is not None
assert test_user.first_name == "Test"
assert test_user.last_name == "User"
assert test_user.is_admin is False
assert test_user.roles is not None
assert len(test_user.roles) == 2
assert role1.users[0].email == "*****@*****.**"
assert role2.users[0].email == "*****@*****.**"
def roles_add():
if request.method == "POST":
if not Role.query.filter(Role.name == request.form["name"]).first():
role = Role(name=request.form["name"])
role.save()
flash(notify_success("Role successfully added"))
return redirect(url_for("appadmin.roles"))
flash(notify_warning("Role already exists"))
return redirect(url_for("appadmin.roles"))
def test_admin_roles_add_existing_role_post(self, test_client):
Role.create(name="new-role")
response = test_client.post(
f"{module_info['url_prefix']}/roles/add",
data=dict(name="new-role"),
follow_redirects=True,
)
role_count = Role.query.count()
role = Role.query.filter(Role.name == "new-role").scalar()
assert response.status_code == 200
assert b"Role already exists" in response.data
assert role is not None
assert role_count == 1
def test_admin_roles_delete_existing_role_get(self, test_client):
role1 = Role.create(name="new-role1")
role2 = Role.create(name="new-role2")
response = test_client.get(
f"{module_info['url_prefix']}/roles/{role1.id}/delete",
follow_redirects=True,
)
roles = Role.query.all()
assert response.status_code == 200
assert request.path == f"{module_info['url_prefix']}/roles"
assert b"Role successfully deleted" in response.data
assert roles is not None
assert roles[0].name == role2.name
assert len(roles) == 1
def roles_delete(role_id):
role = Role.get_by_id(role_id)
if role is None:
flash(notify_warning("Unable to delete. Invalid role id"))
return redirect(url_for("appadmin.roles"))
role.delete()
flash(notify_success("Role successfully deleted"))
return redirect(url_for("appadmin.roles"))
def test_admin_delete_existing_user_get(self, test_client):
user = User(email="*****@*****.**", password="******")
role1 = Role(name="test1-role")
role2 = Role(name="test2-role")
user.roles = [role1, role2]
user.save()
response = test_client.get(
f"{module_info['url_prefix']}/delete/{user.id}",
follow_redirects=True,
)
test_user = User.query.filter(User.email == user.email).scalar()
test_roles = Role.query.count()
user_role = (User.query.join(role_user_bridge).join(Role).filter(
User.id == user.id).scalar())
assert response.status_code == 200
assert test_user is None
assert user_role is None
assert test_roles == 2
def roles_update():
if request.method == "POST":
role = Role.get_by_id(request.form["role_id"])
if role is None:
flash(notify_warning("Unable to update. Role does not exist"))
return redirect(url_for("appadmin.roles"))
role.name = request.form["role_name"]
role.update()
flash(notify_success("Role successfully updated"))
return redirect(url_for("appadmin.roles"))
def test_admin_roles_update_existing_role_post(self, test_client):
new_role = Role.create(name="new-role1")
response = test_client.post(
f"{module_info['url_prefix']}/roles/update",
data=dict(role_id=new_role.id, role_name="update-role"),
follow_redirects=True,
)
role = Role.query.scalar()
assert response.status_code == 200
assert request.path == f"{module_info['url_prefix']}/roles"
assert b"Role successfully updated" in response.data
assert role is not None
assert role.name == "update-role"
def user_add():
"""
**Adds a User**
adds a user to database.
"""
context = {}
if request.method == "POST":
email = request.form["email"]
password = request.form["password"]
first_name = request.form["first_name"]
last_name = request.form["last_name"]
admin_user = request.form.get("is_admin")
if admin_user == "True":
is_admin = True
else:
is_admin = False
has_user = db.session.query(
exists().where(User.email == email)).scalar()
if not has_user:
new_user = User()
new_user.email = email
new_user.is_admin = is_admin
new_user.first_name = first_name
new_user.last_name = last_name
new_user.password = password
for key in request.form:
if key.startswith("role_"):
role_id = key.split("_")[1]
role = Role.get_by_id(role_id)
new_user.roles.append(role)
new_user.save()
return redirect(url_for("appadmin.user_add"))
flash(notify_warning("User with same email already exists"))
context["roles"] = Role.query.all()
return render_template("appadmin/add.html", **context)
def admin_update():
"""
**Update a User record**
"""
id = request.form["id"]
password = request.form["password"]
email = request.form["email"]
first_name = request.form["first_name"]
last_name = request.form["last_name"]
is_admin = request.form.get("is_admin")
if is_admin:
is_admin = True
else:
is_admin = False
user = User.query.get(id)
if user is None:
flash(notify_warning("Unable to update. User does not exist."))
return redirect("/admin")
user.is_admin = is_admin
user.email = email
user.first_name = first_name
user.last_name = last_name
user.roles[:] = []
if password.strip():
user.password = password
for key in request.form:
if key.startswith("role_"):
role_id = key.split("_")[1]
role = Role.get_by_id(role_id)
user.roles.append(role)
user.update()
flash(notify_success("User successfully updated"))
return redirect("/appadmin")