def test_get_users_as_admin(self):
response = get_users(current_user=self.admin)
assert 'info' in response
data = response['info']
self.assertEqual(len(data), 4, data)
for user in data:
self.assertIsInstance(user['id'], int)
self.assertIsInstance(user['name'], str)
self.assertIsInstance(user['is_admin'], bool)
self.assertIsInstance(user['is_recruiter'], bool)
self.assertIsInstance(user['is_senior_recruiter'], bool)
assert len(user) == 5
if user['id'] == self.recruiter.id:
self.assertEqual(user['is_admin'], False, user)
self.assertEqual(user['is_recruiter'], True, user)
self.assertEqual(user['is_senior_recruiter'], False, user)
self.assertEqual(user['name'], self.recruiter.name, user)
elif user['id'] == self.admin.id:
self.assertEqual(user['is_admin'], True, user)
self.assertEqual(user['is_recruiter'], False, user)
self.assertEqual(user['is_senior_recruiter'], False, user)
self.assertEqual(user['name'], self.admin.name, user)
elif user['id'] == self.senior_recruiter.id:
self.assertEqual(user['is_admin'], False, user)
self.assertEqual(user['is_recruiter'], True, user)
self.assertEqual(user['is_senior_recruiter'], True, user)
self.assertEqual(user['name'], self.senior_recruiter.name,
user)
elif user['id'] == self.applicant.id:
self.assertEqual(user['is_admin'], False, user)
self.assertEqual(user['is_recruiter'], False, user)
self.assertEqual(user['is_senior_recruiter'], False, user)
self.assertEqual(user['name'], self.applicant.name, user)
def api_users():
"""
Get information on all registered users.
Returned data is of the form {'info': [user_1, user_2, ...]}. Each user
dictionary has the keys `id`, `name`, `is_admin`, `is_senior_recruiter`,
and `is_recruiter`.
Returns:
response (dict)
Error codes:
Forbidden (403): If logged in user is not an admin.
"""
return jsonify(get_users(current_user=current_user))
def api_set_roles(user_id):
"""
Sets roles of a given user.
If senior_recruiter is set to True, recruiter will be ignored as an input.
If the parameters are not given, that role will be unchanged.
Args:
user_id (int)
if missing/None uses the logged in user
is_recruiter (bool, optional)
is_senior_recruiter (bool, optional)
is_admin (bool, optional)
Returned data is of the form {'info': [user_1, user_2, ...]}. Each user
dictionary has the keys `id`, `name`, `is_admin`, `is_senior_recruiter`,
and `is_recruiter`.
Returns:
response (dict)
Error codes:
Forbidden (403): If logged in user is not an admin.
"""
recruiter = query_param_to_python(request.args.get('is_recruiter', None))
senior_recruiter = query_param_to_python(request.args.get('is_senior_recruiter', None))
admin = query_param_to_python(request.args.get('is_admin', None))
set_result = set_roles(
user_id,
is_recruiter=recruiter,
is_senior_recruiter=senior_recruiter,
is_admin=admin,
current_user=current_user,
)
if set_result.get('status', '') == 'ok':
return jsonify(get_users(current_user=current_user))
return set_result
def test_get_users_as_applicant(self):
with self.assertRaises(ForbiddenException):
get_users(current_user=self.applicant)
def test_get_users_as_senior_recruiter(self):
with self.assertRaises(ForbiddenException):
get_users(current_user=self.senior_recruiter)