def decorated_function(*args, **kwargs):
if session.get('name') is None or not is_valid_login(
session.get('user')):
session['user'] = None
session['name'] = None
session['user_type'] = None
return redirect(url_for('auth.login', next=request.url))
return f(*args, **kwargs)
def test_is_valid_login(client, app):
app.data.insert('users', [
{
'_id': '5cc94b99bc4316684dc7dc07',
'email': '*****@*****.**',
'last_name': 'bar1',
'first_name': 'foo1',
'user_type': 'public',
'is_approved': True,
'is_enabled': True,
'is_validated': True,
'company': '1'
},
{
'_id': '2',
'email': '*****@*****.**',
'last_name': 'bar2',
'first_name': 'foo2',
'user_type': 'public',
'is_approved': True,
'is_enabled': False,
'is_validated': True,
'company': '1'
},
{
'_id': '3',
'email': '*****@*****.**',
'last_name': 'bar3',
'first_name': 'foo3',
'user_type': 'administrator',
'is_approved': True,
'is_enabled': True,
'is_validated': True,
'company': '2'
},
{
'_id': '4',
'email': '*****@*****.**',
'last_name': 'bar4',
'first_name': 'foo4',
'user_type': 'administrator',
'is_approved': True,
'is_enabled': True,
'is_validated': True,
'company': '3'
},
])
app.data.insert('companies',
[{
'_id': '1',
'name': 'Company1',
'is_enabled': True
}, {
'_id': '2',
'name': 'Company2',
'is_enabled': False
}, {
'_id': '3',
'name': 'Company3',
'is_enabled': True,
'expiry_date': datetime.utcnow() - timedelta(days=1)
}])
with app.test_request_context():
assert is_valid_login('5cc94b99bc4316684dc7dc07') is True
assert is_valid_login('2') is False
assert is_valid_login('3') is False
def decorated_function(*args, **kwargs):
if session.get('user_type') not in ['administrator', 'account_management'] \
or not is_valid_login(session.get('user')):
return abort(403)
return f(*args, **kwargs)
def decorated_function(*args, **kwargs):
if session.get('user_type') is None or session.get('user_type') != 'administrator' \
or not is_valid_login(session.get('user')):
return abort(403)
return f(*args, **kwargs)