def _user_info(user):
return {
'email': user.email,
'admin': is_user_admin(user),
'role': user.role,
'notifications': user.notifications or {}
}
def test_is_user_admin__is_not_admin(self, mock_get_organization_config):
test_user = models.User(email='*****@*****.**',
organization='googs.com')
self.assertEqual(False, helpers.is_user_admin(test_user))
mock_get_organization_config.assert_called_once_with('googs.com')
def test_is_user_admin__is_admin_for_different_org(
self, mock_get_organization_config):
test_user = models.User(email='*****@*****.**',
organization='googs.com')
self.assertEqual(False, helpers.is_user_admin(test_user, 'alph.com'))
mock_get_organization_config.assert_not_called()
def get_my_org_users():
if not is_user_admin(copy.copy(current_user)):
abort(403)
return jsonify([
_user_info(u)
for u in get_users_by_organization(current_user.organization)
])
def _user_info(user):
return {
'id': user.id,
'created': user.created.isoformat()[:19],
'email': user.email,
'organization': user.organization,
'admin': is_user_admin(user),
'role': user.role,
'notifications': user.notifications or {}
}
def get_user(user_id):
if user_id == 'me':
return jsonify(_user_info(current_user))
user = get_user_by_id(int(user_id))
if not user or not is_user_admin(copy.copy(current_user), user.organization):
abort(403)
return jsonify(_user_info(user))
def _user_info(user, admins_ids=None):
return {
'id': user.id,
'created': user.created.isoformat()[:19],
'email': user.email,
'organization': user.organization,
'admin': user.id in admins_ids if admins_ids is not None else is_user_admin(user),
'role': user.role,
'notifications': user.notifications or {}
}
def test_is_user_admin__is_admin(self, mock_service_get,
mock_get_organization_config):
test_user = models.User(email='*****@*****.**',
organization='googs.com')
self.assertEqual(True, helpers.is_user_admin(test_user))
mock_service_get.assert_called_once_with(
'admin', '/organizations/googs.com/users?role=admin')
mock_get_organization_config.assert_called_once_with('googs.com')
def check_authorization(self):
UserRequiredHandler.check_authorization(self)
self.existing_link = None
if self.request.route_kwargs and self.request.route_kwargs.get('link_id'):
try:
self.existing_link = models.ShortLink.get_by_id(int(self.request.route_kwargs.get('link_id')))
except Exception as e:
logging.warning(str(e))
if (self.existing_link
and self.existing_link.owner != self.user_email
and not (self.user.organization == self.existing_link.organization
and user_helpers.is_user_admin(self.user))):
self.abort(403)
def check_authorization(link_id):
try:
existing_link = models.ShortLink.get_by_id(link_id)
except Exception as e:
logging.warning(str(e))
return False
if not existing_link:
return False
if (existing_link.owner != current_user.email
and not (current_user.organization == existing_link.organization
and user_helpers.is_user_admin(current_user))):
return False
return existing_link
def post_link():
object_data = request.json
if 'owner' in object_data and not user_helpers.is_user_admin(current_user):
abort(403)
try:
new_link = helpers.create_short_link(
current_user.organization,
object_data.get('owner', current_user.email),
object_data['shortpath'], object_data['destination'])
except helpers.LinkCreationException as e:
return jsonify({'error': str(e)})
logging.info(f'{current_user.email} created go link with ID {new_link.id}')
return jsonify(
convert_entity_to_dict(new_link, PUBLIC_KEYS,
get_field_conversion_fns())), 201