def test_SupervisorRolePermission_authenticated_user( authenticated_user_instance): obj = Mock() obj.check_supervisor = lambda user: user == authenticated_user_instance with permissions.SupervisorRolePermission(obj=obj): pass del obj.check_supervisor with pytest.raises(HTTPException): with permissions.SupervisorRolePermission(): pass
def test_SupervisorRolePermission_authenticated_user_with_password_with_check_supervisor( authenticated_user_instance): authenticated_user_instance.password = "******" obj = Mock() obj.check_supervisor = lambda user: user == authenticated_user_instance with permissions.SupervisorRolePermission(obj=obj, password_required=True, password="******"): pass with pytest.raises(HTTPException): with permissions.SupervisorRolePermission(obj=obj, password_required=True, password="******"): pass
def replace(cls, obj, field, value, state): """ Some fields require extra permissions to be changed. Changing `is_active` and `is_regular_user` properties, current user must be a supervisor of the changing user, and `current_password` of the current user should be provided. Changing `is_admin` property requires current user to be Admin, and `current_password` of the current user should be provided.. """ if 'current_password' not in state: raise ValidationError( "Updating sensitive user settings requires `current_password` test operation " "performed before replacements.") if field in { User.is_active.fget.__name__, User.is_regular_user.fget.__name__ }: with permissions.SupervisorRolePermission( obj=obj, password_required=True, password=state['current_password']): # Access granted pass elif field == User.is_admin.fget.__name__: with permissions.AdminRolePermission( password_required=True, password=state['current_password']): # Access granted pass return super(PatchUserDetailsParameters, cls).replace(obj, field, value, state)
def test_SupervisorRolePermission_anonymous_user_with_password( anonymous_user_instance): obj = Mock() obj.check_supervisor = lambda user: False with pytest.raises(HTTPException): with permissions.SupervisorRolePermission(obj=obj, password_required=True, password="******"): pass
def test_SupervisorRolePermission_anonymous_user(anonymous_user_instance): with pytest.raises(HTTPException): with permissions.SupervisorRolePermission(): pass