def decorated_function(*args, **kwargs): if session.get('name') is None or not is_valid_login( session.get('user')): session['user'] = None session['name'] = None session['user_type'] = None return redirect(url_for('auth.login', next=request.url)) return f(*args, **kwargs)
def test_is_valid_login(client, app): app.data.insert('users', [ { '_id': '5cc94b99bc4316684dc7dc07', 'email': '*****@*****.**', 'last_name': 'bar1', 'first_name': 'foo1', 'user_type': 'public', 'is_approved': True, 'is_enabled': True, 'is_validated': True, 'company': '1' }, { '_id': '2', 'email': '*****@*****.**', 'last_name': 'bar2', 'first_name': 'foo2', 'user_type': 'public', 'is_approved': True, 'is_enabled': False, 'is_validated': True, 'company': '1' }, { '_id': '3', 'email': '*****@*****.**', 'last_name': 'bar3', 'first_name': 'foo3', 'user_type': 'administrator', 'is_approved': True, 'is_enabled': True, 'is_validated': True, 'company': '2' }, { '_id': '4', 'email': '*****@*****.**', 'last_name': 'bar4', 'first_name': 'foo4', 'user_type': 'administrator', 'is_approved': True, 'is_enabled': True, 'is_validated': True, 'company': '3' }, ]) app.data.insert('companies', [{ '_id': '1', 'name': 'Company1', 'is_enabled': True }, { '_id': '2', 'name': 'Company2', 'is_enabled': False }, { '_id': '3', 'name': 'Company3', 'is_enabled': True, 'expiry_date': datetime.utcnow() - timedelta(days=1) }]) with app.test_request_context(): assert is_valid_login('5cc94b99bc4316684dc7dc07') is True assert is_valid_login('2') is False assert is_valid_login('3') is False
def decorated_function(*args, **kwargs): if session.get('user_type') not in ['administrator', 'account_management'] \ or not is_valid_login(session.get('user')): return abort(403) return f(*args, **kwargs)
def decorated_function(*args, **kwargs): if session.get('user_type') is None or session.get('user_type') != 'administrator' \ or not is_valid_login(session.get('user')): return abort(403) return f(*args, **kwargs)