def update_user(self, user, user_details: dict, role, requesting_user="******"):
if user != requesting_user:
if not UserRole.check_role_meets_minimum_rank(role, "admin"):
return json.dumps({"error": "Method doesn't exist or user has insufficient privileges"}), 401
if user not in self.users.keys():
return json.dumps({"error": "User does not exist"}), 404
if "role" not in user_details and "password" not in user_details:
return json.dumps({"error": "Submitted user details are invalid"}), 400
user_role = self.users[user]["role"]
if UserRole.check_role_meets_minimum_rank(role, "admin"):
user_role = user_details.get("role", self.users[user]["role"])
if not UserRole.check_role_is_valid(user_role):
return json.dumps({"error": "Submitted user details are invalid"}), 400
if "password" in user_details:
if user_details["password"] == b"":
return json.dumps({"error": "Submitted user details are invalid"}), 400
user_password = base64.b64decode(user_details["password"]).decode()
else:
user_password = self.users[user]["password"]
self.users[user] = {"password": user_password, "role": user_role}
self.authentication_backend.update_user_file(self.users)
return "", 200
def add_user(self, user, user_details, role):
if not UserRole.check_role_meets_minimum_rank(role, "admin"):
return json.dumps({"error": "Method doesn't exist or user has insufficient privileges"}), 401
if user in self.users.keys():
return json.dumps({"error": "User already exists"}), 400
if "role" in user_details.keys():
new_user_role = user_details["role"]
else:
return json.dumps({"error": "Submitted user details are invalid"}), 400
if "password" not in user_details.keys() or user_details["password"] == "":
return json.dumps({"error": "Submitted user details are invalid"}), 400
if not UserRole.check_role_is_valid(new_user_role):
return json.dumps({"error": "Submitted user details are invalid"}), 400
self.users[user] = {"password": base64.b64decode(user_details["password"]).decode(), "role": new_user_role}
self.authentication_backend.update_user_file(self.users)
return "", 200
def test_check_role_is_valid(self):
self.assertTrue(UserRole.check_role_is_valid("admin"))
self.assertTrue(UserRole.check_role_is_valid("support"))
self.assertTrue(UserRole.check_role_is_valid("readOnly"))
def test_check_role_is_valid_fails_nonexistent_role(self):
self.assertFalse(UserRole.check_role_is_valid("notarole"))