def __init__(self, request):
    """Initialise the controller and attach the helpers its handlers call.

    Args:
        request: Passed through unchanged to ``BaseController.__init__``.
    """
    BaseController.__init__(self, request)

    # Repository objects used by the handlers of this controller.
    self.role_repo = RoleRepo()
    self.user_role_repo = UserRoleRepo()
    self.user_repo = UserRepo()
    self.permission_repo = PermissionRepo()

    # RedisSet instance kept on the controller for later lookups.
    self.redis_set = RedisSet()
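def decorated(*args, **kwargs):
    """Run the wrapped view only if the caller's role holds ``permission``.

    ``f`` and ``permission`` are taken from the enclosing decorator scope,
    which is outside this block.

    Returns:
        The wrapped view's result when the check passes; otherwise a
        ``(response, 400)`` tuple whose JSON ``msg`` names the failure.
    """
    user_id = Auth.user('sub')

    # Reject a token without a subject before touching the database, so the
    # role lookup is never issued with an empty user id.
    if not user_id:
        return make_response(jsonify({'msg': 'Missing user ID in token'})), 400

    # NOTE(review): only the first matching UserRole row is consulted, and no
    # is_deleted / is_active filter is passed. If user roles can be
    # soft-deleted or disabled (other code on this page sets those flags),
    # confirm find_first excludes such rows; otherwise a revoked role still
    # authorises the caller.
    user_role = UserRoleRepo().find_first(user_id=user_id)
    if not user_role:
        return make_response(jsonify({'msg': 'Access Error - No Role Granted'})), 400

    # NOTE(review): the permission query is likewise unfiltered; confirm that
    # soft-deleted permissions are not returned by get_unpaginated.
    user_perms = PermissionRepo().get_unpaginated(role_id=user_role.role_id)
    perms = [perm.name for perm in user_perms]

    if not perms:
        return make_response(jsonify({'msg': 'Access Error - No Permission Granted'})), 400

    if permission not in perms:
        return make_response(jsonify({'msg': 'Access Error - Permission Denied'})), 400

    # NOTE(review): every denial above answers HTTP 400. 401/403 would let
    # clients and monitoring tell authorisation failures from malformed
    # requests; left unchanged here because callers may depend on the status.
    return f(*args, **kwargs)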
class TestUserRoleRepo(BaseTestCase):
    """Tests for ``UserRoleRepo.new_user_role`` and the returned object's ``to_dict``."""

    def setUp(self):
        """Run the shared base set-up and create the repository under test."""
        self.BaseSetUp()
        self.repo = UserRoleRepo()

    def test_new_user_role_method_returns_new_user_role_object(self):
        """new_user_role returns a UserRole carrying the supplied user and location."""
        built = UserRoleFactory.build()

        created = self.repo.new_user_role(
            built.role_id.id,
            built.user_id,
            built.location_id,
            built.email,
        )

        self.assertIsInstance(created, UserRole)
        self.assertEqual(str(created.user_id), str(built.user_id))
        self.assertEqual(created.location_id, built.location_id)

    def test_exclude_works_user_role_instance(self):
        """to_dict(exclude=[...]) leaves no truthy value under the excluded key."""
        built = UserRoleFactory.build()
        created = self.repo.new_user_role(
            built.role_id.id,
            built.user_id,
            built.location_id,
            built.email,
        )

        as_dict = created.to_dict(exclude=["user_id"])

        self.assertFalse(as_dict.get("user_id", False))
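def decorated(*args, **kwargs):
    """Run the wrapped view only if the caller's assigned role is named ``role``.

    ``f`` and ``role`` are taken from the enclosing decorator scope, which is
    outside this block.

    Returns:
        The wrapped view's result when the check passes; otherwise a
        ``(response, 401)`` tuple whose JSON ``msg`` names the failure.
    """
    user_id = Auth.user('id')

    # Reject a token without a user id before touching the database, so the
    # role lookup is never issued with an empty id.
    if not user_id:
        return make_response(
            jsonify({'msg': 'Missing User ID in token'})), 401

    # NOTE(review): only the first matching UserRole row is consulted and no
    # is_deleted / is_active filter is passed; confirm find_first does not
    # return revoked or disabled assignments.
    user_role = UserRoleRepo().find_first(user_id=user_id)
    if not user_role:
        return make_response(
            jsonify({'msg': 'Access Error - No Role Granted'})), 401

    assigned_role = RoleRepo().get(user_role.role_id)

    # Fail closed: if the referenced role row cannot be loaded, deny access
    # with the normal 401 instead of raising AttributeError on ``.name``.
    if assigned_role is None or assigned_role.name != role:
        return make_response(
            jsonify({
                'msg': 'Access Error - This role does not have the access rights'
            })), 401

    return f(*args, **kwargs)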
class TestUserRoleRepo(BaseTestCase):
    """Tests for ``UserRoleRepo.new_user_role`` and the Redis set it feeds."""

    def setUp(self):
        """Run the shared base set-up and create the repo and Redis set helpers."""
        self.BaseSetUp()
        self.repo = UserRoleRepo()
        self.redis_set = RedisSet()

    def tearDown(self):
        """Run the shared base tear-down."""
        self.BaseTearDown()

    def test_new_user_role_method_returns_new_user_role_object(self):
        """new_user_role returns a UserRole carrying the supplied user and location."""
        role = RoleFactory.create()
        location = LocationFactory.create()
        built = UserRoleFactory.build(role_id=role.id, location=location)

        created = self.repo.new_user_role(
            built.role_id,
            built.user_id,
            built.location_id,
            built.email,
        )

        self.assertIsInstance(created, UserRole)
        self.assertEqual(str(created.user_id), str(built.user_id))
        self.assertEqual(created.location.id, built.location.id)

    def test_exclude_works_user_role_instance(self):
        """to_dict(exclude=[...]) leaves no truthy value under the excluded key."""
        role = RoleFactory.create()
        location = LocationFactory.create()
        built = UserRoleFactory.build(role_id=role.id, location_id=location.id)
        created = self.repo.new_user_role(
            built.role_id,
            built.user_id,
            built.location_id,
            built.email,
        )

        as_dict = created.to_dict(exclude=["user_id"])

        self.assertFalse(as_dict.get("user_id", False))

    def test_new_user_role_updates_cache(self):
        """After new_user_role, several prefixes of the email look it up in the Redis set."""
        role = RoleFactory.create()
        location = LocationFactory.create()
        built = UserRoleFactory.build(role_id=role.id, location=location)
        self.repo.new_user_role(
            built.role_id,
            built.user_id,
            built.location_id,
            built.email,
        )

        email = built.email
        # Prefixes of length 1, 3, 5 and "everything but the last character".
        prefixes = (
            email[0:1],
            email[0:3],
            email[0:5],
            email[0:len(email) - 1],
        )
        for prefix in prefixes:
            found = self.redis_set.get(prefix)
            self.assertTrue(email in found)
def test_run_5_minute_method(self):
    """After Cron.run_5_minute, short email prefixes return the email first."""
    role = RoleFactory.create()
    location = LocationFactory.create()
    built = UserRoleFactory.build(role_id=role.id, location=location)
    UserRoleRepo().new_user_role(
        built.role_id,
        built.user_id,
        built.location_id,
        built.email,
    )

    Cron(self.app).run_5_minute()

    email = built.email
    # First character (by index and by slice) and the first two characters.
    for prefix in (email[0], email[0:1], email[0:2]):
        found = self.redis_set.get(prefix)
        self.assertEqual(email, found[0])
class TestUserRoleRepo(BaseTestCase):
    """Tests for ``UserRoleRepo.new_user_role`` and the returned object's ``to_dict``."""

    def setUp(self):
        """Run the shared base set-up and create the repo and Redis set helpers."""
        self.BaseSetUp()
        self.repo = UserRoleRepo()
        self.redis_set = RedisSet()

    def tearDown(self):
        """Run the shared base tear-down."""
        self.BaseTearDown()

    # TODO(review): test_new_user_role_method_returns_new_user_role_object was
    # commented out in this version. It created a role and a user, called
    # new_user_role(user_id=..., role_id=...) and asserted that the result is
    # a UserRole whose user_id matches. Restore it or delete it; as it stands
    # that behaviour has no coverage in this class.

    def test_exclude_works_user_role_instance(self):
        """to_dict(exclude=[...]) leaves no truthy value under the excluded key."""
        role = RoleFactory.create()
        user = UserFactory.create()
        built = UserRoleFactory.build(
            role_id=role.id,
            user_id=user.id,
        )
        created = self.repo.new_user_role(
            user_id=built.user_id,
            role_id=built.role_id,
        )

        as_dict = created.to_dict(exclude=["user_id"])

        self.assertFalse(as_dict.get("user_id", False))
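class RoleController(BaseController):
    """Request handlers for roles, user-role assignments and role permissions.

    Every handler returns whatever the inherited ``handle_response`` builds.
    Role, user-role and permission deletion is a soft delete: the row is kept
    and its ``is_deleted`` flag is set.

    NOTE(review): these handlers change who is authorised to do what. Nothing
    in this class checks the caller's own rights, so that has to be enforced
    where the routes are declared — confirm it is.
    """

    def __init__(self, request):
        """Initialise the base controller and attach the repositories used below."""
        BaseController.__init__(self, request)
        self.role_repo = RoleRepo()
        self.user_role_repo = UserRoleRepo()
        self.user_repo = UserRepo()
        self.permission_repo = PermissionRepo()
        self.redis_set = RedisSet()

    # ROLES

    def list_roles(self):
        """Return the roles that are not soft-deleted, with pagination metadata."""
        roles = self.role_repo.filter_by(is_deleted=False)
        role_list = [role.serialize() for role in roles.items]
        return self.handle_response(
            "OK",
            payload={"roles": role_list, "meta": self.pagination_meta(roles)},
        )

    def get_role(self, role_id):
        """Return one role by id, or a 400 response when it cannot be loaded."""
        role = self.role_repo.get(role_id)
        if role:
            return self.handle_response("OK", payload={"role": role.serialize()})
        return self.handle_response("Invalid or Missing role_id", status_code=400)

    def create_role(self):
        """Create a role from the ``name`` and ``help`` request parameters.

        Responds 201 with the new role, or 400 when the name is already taken
        or creation raises.
        """
        name, help_ = self.request_params("name", "help")

        if self.role_repo.find_first(name=name):
            return self.handle_response("Role with this name already exists",
                                        status_code=400)

        try:
            role = self.role_repo.new_role(name=name, help_=help_)
            return self.handle_response("OK",
                                        payload={"role": role.serialize()},
                                        status_code=201)
        except Exception as e:
            # NOTE(review): the raw exception text is returned to the client.
            # Database or driver errors can expose schema and query details;
            # prefer logging the exception and answering with a fixed message.
            return self.handle_response("Error processing: " + str(e),
                                        status_code=400)

    def update_role(self, role_id):
        """Update a role's name and/or help text; 400 on unknown id or taken name."""
        name, help_ = self.request_params("name", "help")
        role = self.role_repo.get(role_id)
        if not role:
            return self.handle_response("Invalid or incorrect role_id provided",
                                        status_code=400)

        updates = {}
        if name:
            # NOTE(review): this lookup also matches the role being edited, so
            # resubmitting an unchanged name is rejected as a duplicate.
            if self.role_repo.find_first(name=name):
                return self.handle_response(
                    "Role with this name already exists", status_code=400)
            updates["name"] = name
        if help_:
            updates["help"] = help_

        role = self.role_repo.update(role, **updates)
        return self.handle_response("OK", payload={"role": role.serialize()})

    def delete_role(self, role_id):
        """Soft-delete a role by setting ``is_deleted``; 404 when it cannot be loaded."""
        role = self.role_repo.get(role_id)
        if role:
            self.role_repo.update(role, is_deleted=True)
            return self.handle_response("role deleted",
                                        payload={"status": "success"})
        return self.handle_response("Invalid or incorrect role_id provided",
                                    status_code=404)

    # USER ROLES

    def get_user_roles(self, user_id):
        """Return every user-role row for ``user_id``, or 404 when there are none.

        NOTE(review): no is_deleted / is_active filter is passed here, so
        revoked or disabled assignments may be listed — confirm that is intended.
        """
        user_roles = self.user_role_repo.get_unpaginated(user_id=user_id)
        if user_roles:
            role_list = [role.serialize() for role in user_roles]
            return self.handle_response("OK", payload={"user_role": role_list})
        return self.handle_response("There are no roles for this user",
                                    status_code=404)

    def create_user_role(self):
        """Assign the role ``role_id`` to the user ``user_id`` (request parameters).

        Responds 201 with the new assignment plus the user's full name, or 400
        when the user or role is unknown, the assignment already exists, or
        anything raises.
        """
        try:
            role_id, user_id = self.request_params("role_id", "user_id")
            user = self.user_repo.find_first(id=user_id)
            if user is None:
                return self.handle_response("This user record does not exist",
                                            status_code=400)
            user_id = user.id

            existing = self.user_role_repo.get_unpaginated(role_id=role_id,
                                                           user_id=user_id,
                                                           is_deleted=False)
            if existing:
                return self.handle_response("This User has this Role already",
                                            status_code=400)

            # NOTE(review): get() is not given an is_deleted filter; confirm a
            # soft-deleted role cannot be assigned through this path.
            if not self.role_repo.get(role_id):
                return self.handle_response("This role does not exist",
                                            status_code=400)

            user_role = self.user_role_repo.new_user_role(
                role_id=role_id,
                user_id=user_id,
            )
            user_role_data = user_role.serialize()
            user_role_data.update(
                {"name": f"{user.first_name} {user.last_name}"})
            return self.handle_response(
                "OK", payload={"user_role": user_role_data}, status_code=201)
        except Exception as e:
            # NOTE(review): the raw exception text is returned to the client;
            # prefer logging it and answering with a fixed message.
            return self.handle_response("Error Occurred: " + str(e),
                                        status_code=400)

    def delete_user_role(self, user_role_id):
        """Soft-delete a user-role row; 404 when it cannot be loaded."""
        user_role = self.user_role_repo.get(user_role_id)
        if user_role:
            self.user_role_repo.update(user_role, is_deleted=True)
            return self.handle_response("user_role deleted for user",
                                        payload={"status": "success"})
        return self.handle_response(
            "Invalid or incorrect user_role_id provided", status_code=404)

    def disable_user_role(self):
        """Set ``is_active`` to False on the assignment named by ``userId``/``roleId``."""
        user_id, role_id = self.request_params("userId", "roleId")
        matches = self.user_role_repo.get_unpaginated(user_id=user_id,
                                                      role_id=role_id)
        # Indexing an empty result raised IndexError, which made the 404
        # branch below unreachable; an empty result now falls through to it.
        user_role = matches[0] if matches else None
        if user_role:
            self.user_role_repo.update(user_role, is_active=False)
            return self.handle_response("user_role disabled for user",
                                        payload={"status": "success"})
        return self.handle_response(
            "Invalid or incorrect user_role_id provided", status_code=404)

    # PERMISSIONS

    def get_role_permissions(self, role_id):
        """Return every permission row attached to ``role_id``."""
        permissions = self.permission_repo.get_unpaginated(role_id=role_id)
        perm_list = [permission.serialize() for permission in permissions]
        return self.handle_response(
            "OK",
            payload={"role_id": role_id, "role_permissions": perm_list},
        )

    def get_single_permission(self, role_id, permission_id):
        """Return the permission(s) matching both ``role_id`` and ``permission_id``."""
        page = self.permission_repo.filter_by(role_id=role_id, id=permission_id)
        permissions = [permission.serialize() for permission in page.items]
        return self.handle_response("OK", payload={"permission": permissions})

    def get_all_permissions(self):
        """Return every permission row."""
        permissions = self.permission_repo.get_unpaginated()
        perm_list = [permission.serialize() for permission in permissions]
        return self.handle_response("OK", payload={"permissions": perm_list})

    def create_role_permission(self):
        """Create a permission on a role from ``role_id``, ``name`` and ``keyword``.

        Responds 201 with the new permission, or 400 when the role is unknown
        or the role already has a live permission with that name.
        """
        role_id, name, keyword = self.request_params("role_id", "name",
                                                     "keyword")
        existing = self.permission_repo.get_unpaginated(name=name,
                                                        is_deleted=False,
                                                        role_id=role_id)
        if existing:
            return self.handle_response("This permission already exists",
                                        status_code=400)

        if not self.role_repo.get(role_id):
            return self.handle_response("This role does not exist",
                                        status_code=400)

        permission = self.permission_repo.new_permission(
            role_id=role_id, name=name, keyword=keyword)
        return self.handle_response(
            "OK",
            payload={"permission": permission.serialize()},
            status_code=201,
        )

    def update_permission(self, permission_id):
        """Update a permission's name, role and/or keyword; 400 on unknown id or taken name."""
        role_id, name, keyword = self.request_params("role_id", "name",
                                                     "keyword")
        permission = self.permission_repo.get(permission_id)
        if not permission:
            return self.handle_response(
                "Invalid or incorrect permission id provided", status_code=400)

        updates = {}
        if name:
            # NOTE(review): uniqueness is checked across all roles here, while
            # create_role_permission checks it per role — confirm which rule
            # is intended.
            if self.permission_repo.find_first(name=name):
                return self.handle_response(
                    "Permission with this name already exists",
                    status_code=400)
            updates["name"] = name
        if role_id:
            # NOTE(review): the target role_id is not checked to exist, unlike
            # in create_role_permission.
            updates["role_id"] = role_id
        if keyword:
            updates["keyword"] = keyword

        # Permission rows are written through the permission repository; the
        # original passed them to role_repo.update.
        self.permission_repo.update(permission, **updates)
        return self.handle_response(
            "OK", payload={"permission": permission.serialize()})

    def delete_role_permission(self, permission_id):
        """Soft-delete a permission; 404 when it cannot be loaded."""
        permission = self.permission_repo.get(permission_id)
        if permission:
            # Written through the permission repository rather than role_repo.
            self.permission_repo.update(permission, is_deleted=True)
            return self.handle_response("permission deleted",
                                        payload={"status": "success"})
        return self.handle_response(
            "Invalid or incorrect permission id provided", status_code=404)

    def autocomplete(self):
        """Return the non-empty Redis set entries stored under the ``q`` parameter.

        NOTE(review): if the set holds user e-mail addresses, confirm the route
        is limited to authorised callers, since any prefix enumerates them.
        """
        params = self.get_params("q")
        rows = []
        if params:
            rows = [value for value in self.redis_set.get(params[0]) if value]
        return self.handle_response(rows, status_code=200)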
def add_user_roles_to_cache(self):
    """Cron job that periodically updates the Redis cache with the user
    emails used for autocomplete.

    Runs inside the application context and hands every UserRole row to
    ``UserRoleRepo.update_cache``.
    """
    with self.app.app_context():
        # NOTE(review): ``.all()`` applies no is_deleted / is_active filter,
        # so every UserRole row is fed to the cache — confirm that removed or
        # disabled assignments should stay discoverable through autocomplete.
        every_user_role = UserRole.query.all()
        for row in every_user_role:
            UserRoleRepo().update_cache(row)
def setUp(self):
    """Run the shared base set-up, then create the repository under test."""
    self.BaseSetUp()

    # Fresh repository instance for each test.
    self.repo = UserRoleRepo()
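class RoleController(BaseController):
    """Request handlers for roles, user-role assignments and role permissions.

    Every handler returns whatever the inherited ``handle_response`` builds.
    Role, user-role and permission deletion is a soft delete: the row is kept
    and its ``is_deleted`` flag is set.

    NOTE(review): these handlers change who is authorised to do what. Nothing
    in this class checks the caller's own rights, so that has to be enforced
    where the routes are declared — confirm it is.
    """

    def __init__(self, request):
        """Initialise the base controller and attach the helpers used below."""
        BaseController.__init__(self, request)
        self.role_repo = RoleRepo()
        self.user_role_repo = UserRoleRepo()
        self.permission_repo = PermissionRepo()
        self.andela_service = AndelaService()
        self.redis_set = RedisSet()

    # ROLES

    def list_roles(self):
        """Return the roles that are not soft-deleted, with pagination metadata."""
        roles = self.role_repo.filter_by(is_deleted=False)
        role_list = [role.serialize() for role in roles.items]
        return self.handle_response(
            'OK',
            payload={'roles': role_list, 'meta': self.pagination_meta(roles)},
        )

    def get_role(self, role_id):
        """Return one role by id, or a 400 response when it cannot be loaded."""
        role = self.role_repo.get(role_id)
        if role:
            return self.handle_response('OK', payload={'role': role.serialize()})
        return self.handle_response('Invalid or Missing role_id', status_code=400)

    def create_role(self):
        """Create a role from ``name`` and ``help``; 400 when the name is taken."""
        name, help_ = self.request_params('name', 'help')

        if self.role_repo.find_first(name=name):
            return self.handle_response('Role with this name already exists',
                                        status_code=400)

        role = self.role_repo.new_role(name=name, help_=help_)
        return self.handle_response('OK',
                                    payload={'role': role.serialize()},
                                    status_code=201)

    def update_role(self, role_id):
        """Update a role's name and/or help text; 400 on unknown id or taken name."""
        name, help_ = self.request_params('name', 'help')
        role = self.role_repo.get(role_id)
        if not role:
            return self.handle_response('Invalid or incorrect role_id provided',
                                        status_code=400)

        updates = {}
        if name:
            # NOTE(review): this lookup also matches the role being edited, so
            # resubmitting an unchanged name is rejected as a duplicate.
            if self.role_repo.find_first(name=name):
                return self.handle_response(
                    'Role with this name already exists', status_code=400)
            updates['name'] = name
        if help_:
            updates['help'] = help_

        self.role_repo.update(role, **updates)
        return self.handle_response('OK', payload={'role': role.serialize()})

    def delete_role(self, role_id):
        """Soft-delete a role by setting ``is_deleted``; 404 when it cannot be loaded."""
        role = self.role_repo.get(role_id)
        if role:
            self.role_repo.update(role, is_deleted=True)
            return self.handle_response('role deleted',
                                        payload={"status": "success"})
        return self.handle_response('Invalid or incorrect role_id provided',
                                    status_code=404)

    # USER ROLES

    def get_user_roles(self, user_id):
        """Return every user-role row for ``user_id``, or 404 when there are none.

        NOTE(review): no is_deleted / is_active filter is passed here, so
        revoked or disabled assignments may be listed — confirm that is intended.
        """
        user_roles = self.user_role_repo.get_unpaginated(user_id=user_id)
        if user_roles:
            role_list = [role.serialize() for role in user_roles]
            return self.handle_response('OK', payload={'user_role': role_list})
        return self.handle_response('There are no roles for this user',
                                    status_code=404)

    def create_user_role(self):
        """Assign the role ``roleId`` to the user found for ``emailAddress``.

        The user record comes from ``AndelaService`` and the location from
        ``Auth.get_location()``. Responds 201 with the new assignment plus the
        user's name, or 400 when the user or role is unknown or the assignment
        already exists.
        """
        location = Auth.get_location()
        role_id, email_address = self.request_params('roleId', 'emailAddress')

        user = self.andela_service.get_user_by_email_or_id(email_address)
        if user is None:
            return self.handle_response('This user record does not exist',
                                        status_code=400)
        user_id = user['id']

        existing = self.user_role_repo.get_unpaginated(role_id=role_id,
                                                       user_id=user_id,
                                                       is_deleted=False)
        if existing:
            return self.handle_response('This User has this Role already',
                                        status_code=400)

        # NOTE(review): get() is not given an is_deleted filter; confirm a
        # soft-deleted role cannot be assigned through this path.
        if not self.role_repo.get(role_id):
            return self.handle_response('This role does not exist',
                                        status_code=400)

        # NOTE(review): the e-mail stored on the row is the request value, not
        # one read back from the looked-up user record; confirm they cannot
        # differ (the service accepts "email or id").
        user_role = self.user_role_repo.new_user_role(
            role_id=role_id,
            user_id=user_id,
            location_id=location,
            email=email_address)
        user_role_data = user_role.serialize()
        user_role_data.update({'name': user.get('name')})
        return self.handle_response(
            'OK', payload={'user_role': user_role_data}, status_code=201)

    def delete_user_role(self, user_role_id):
        """Soft-delete a user-role row; 404 when it cannot be loaded."""
        user_role = self.user_role_repo.get(user_role_id)
        if user_role:
            self.user_role_repo.update(user_role, is_deleted=True)
            return self.handle_response('user_role deleted for user',
                                        payload={"status": "success"})
        return self.handle_response(
            'Invalid or incorrect user_role_id provided', status_code=404)

    def disable_user_role(self):
        """Set ``is_active`` to False on the assignment named by ``userId``/``roleId``."""
        user_id, role_id = self.request_params('userId', 'roleId')
        matches = self.user_role_repo.get_unpaginated(user_id=user_id,
                                                      role_id=role_id)
        # Indexing an empty result raised IndexError, which made the 404
        # branch below unreachable; an empty result now falls through to it.
        user_role = matches[0] if matches else None
        if user_role:
            self.user_role_repo.update(user_role, is_active=False)
            return self.handle_response('user_role disabled for user',
                                        payload={"status": "success"})
        return self.handle_response(
            'Invalid or incorrect user_role_id provided', status_code=404)

    # PERMISSIONS

    def get_role_permissions(self, role_id):
        """Return every permission row attached to ``role_id``."""
        permissions = self.permission_repo.get_unpaginated(role_id=role_id)
        perm_list = [permission.serialize() for permission in permissions]
        return self.handle_response(
            'OK',
            payload={'role_id': role_id, 'role_permissions': perm_list},
        )

    def get_single_permission(self, role_id, permission_id):
        """Return the permission(s) matching both ``role_id`` and ``permission_id``."""
        page = self.permission_repo.filter_by(role_id=role_id, id=permission_id)
        permissions = [permission.serialize() for permission in page.items]
        return self.handle_response('OK', payload={'permission': permissions})

    def get_all_permissions(self):
        """Return every permission row."""
        permissions = self.permission_repo.get_unpaginated()
        perm_list = [permission.serialize() for permission in permissions]
        return self.handle_response('OK', payload={'permissions': perm_list})

    def create_role_permission(self):
        """Create a permission on a role from ``role_id``, ``name`` and ``keyword``.

        Responds 201 with the new permission, or 400 when the role is unknown
        or the role already has a live permission with that name.
        """
        role_id, name, keyword = self.request_params('role_id', 'name',
                                                     'keyword')
        existing = self.permission_repo.get_unpaginated(name=name,
                                                        is_deleted=False,
                                                        role_id=role_id)
        if existing:
            return self.handle_response('This permission already exists',
                                        status_code=400)

        if not self.role_repo.get(role_id):
            return self.handle_response('This role does not exist',
                                        status_code=400)

        permission = self.permission_repo.new_permission(
            role_id=role_id, name=name, keyword=keyword)
        return self.handle_response(
            'OK',
            payload={'permission': permission.serialize()},
            status_code=201)

    def update_permission(self, permission_id):
        """Update a permission's name, role and/or keyword; 400 on unknown id or taken name."""
        role_id, name, keyword = self.request_params('role_id', 'name',
                                                     'keyword')
        permission = self.permission_repo.get(permission_id)
        if not permission:
            return self.handle_response(
                'Invalid or incorrect permission id provided', status_code=400)

        updates = {}
        if name:
            # NOTE(review): uniqueness is checked across all roles here, while
            # create_role_permission checks it per role — confirm which rule
            # is intended.
            if self.permission_repo.find_first(name=name):
                return self.handle_response(
                    'Permission with this name already exists',
                    status_code=400)
            updates['name'] = name
        if role_id:
            # NOTE(review): the target role_id is not checked to exist, unlike
            # in create_role_permission.
            updates['role_id'] = role_id
        if keyword:
            updates['keyword'] = keyword

        # Permission rows are written through the permission repository; the
        # original passed them to role_repo.update.
        self.permission_repo.update(permission, **updates)
        return self.handle_response(
            'OK', payload={'permission': permission.serialize()})

    def delete_role_permission(self, permission_id):
        """Soft-delete a permission; 404 when it cannot be loaded."""
        permission = self.permission_repo.get(permission_id)
        if permission:
            # Written through the permission repository rather than role_repo.
            self.permission_repo.update(permission, is_deleted=True)
            return self.handle_response('permission deleted',
                                        payload={"status": "success"})
        return self.handle_response(
            'Invalid or incorrect permission id provided', status_code=404)

    def autocomplete(self):
        """Return the non-empty Redis set entries stored under the ``q`` parameter.

        NOTE(review): new user roles are created with an e-mail address in this
        class; if those addresses are what the set holds, confirm the route is
        limited to authorised callers, since any prefix enumerates them.
        """
        params = self.get_params('q')
        rows = []
        if params:
            rows = [value for value in self.redis_set.get(params[0]) if value]
        return self.handle_response(rows, status_code=200)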
def setUp(self):
    """Run the shared base set-up, then create the helpers the tests use."""
    self.BaseSetUp()

    # Repository under test and the Redis set wrapper the tests read from.
    self.repo = UserRoleRepo()
    self.redis_set = RedisSet()
class PermissionController(BaseController):
    """Request handlers for roles, user roles and role permissions.

    Several handlers are still stubs that return ``None``.

    NOTE(review): the failure branches call ``handle_response`` without a
    ``status_code``; whatever that method defaults to is what the client
    receives — confirm it is an error status and not a success one.
    """

    def __init__(self, request):
        """Initialise the base controller and attach the repositories used below."""
        BaseController.__init__(self, request)
        self.role_repo = RoleRepo()
        self.user_role_repo = UserRoleRepo()
        self.permission_repo = PermissionRepo()

    # Roles

    def list_roles(self):
        """Return every role with pagination metadata."""
        page = self.role_repo.fetch_all()
        serialized = [item.serialize() for item in page.items]
        payload = {'roles': serialized, 'meta': self.pagination_meta(page)}
        return self.handle_response('OK', payload=payload)

    def get_role(self, role_id):
        """Return one role by id, or an 'Invalid or Missing role_id' response."""
        found = self.role_repo.get(role_id)
        if not found:
            return self.handle_response('Invalid or Missing role_id')
        return self.handle_response('OK', payload={'role': found.serialize()})

    def create_role(self):
        """Create a role from the ``name`` and ``help`` request parameters."""
        name, help_text = self.request_params('name', 'help')
        created = self.role_repo.create_role(name=name, help=help_text)
        if not created:
            return self.handle_response('Application Error')
        return self.handle_response('OK', payload={'role': created.serialize()})

    def update_role(self, role_id):
        """Not implemented yet; returns None."""

    def delete_role(self, delete_role):
        """Not implemented yet; returns None."""

    # USER ROLES

    def get_user_role(self, user_id):
        """Return the first user-role row for ``user_id``, if any."""
        found = self.user_role_repo.filter_first(user_id=user_id)
        if not found:
            return self.handle_response('Invalid or Missing user_id')
        return self.handle_response('OK',
                                    payload={'user_role': found.serialize()})

    def create_user_role(self):
        """Create a user-role row from the ``roleId`` and ``userId`` parameters."""
        role_id, user_id = self.request_params('roleId', 'userId')
        created = self.user_role_repo.create_user_role(role_id=role_id,
                                                       user_id=user_id)
        if not created:
            return self.handle_response('Application Error')
        return self.handle_response('OK',
                                    payload={'user_role': created.serialize()})

    def delete_user_role(self, user_id):
        """Not implemented yet; returns None."""

    # PERMISSIONS

    def get_role_permissions(self, role_id):
        """Return the permissions attached to ``role_id`` with pagination metadata."""
        page = self.permission_repo.filter_by(role_id=role_id)
        serialized = [item.serialize() for item in page.items]
        payload = {
            'role_id': role_id,
            'role_permissions': serialized,
            'meta': self.pagination_meta(page),
        }
        return self.handle_response('OK', payload=payload)

    def create_role_permission(self):
        """Create a permission from ``role_id``, ``name`` and ``keyword``."""
        role_id, name, keyword = self.request_params('role_id', 'name',
                                                     'keyword')
        created = self.permission_repo.create_permission(role_id=role_id,
                                                         name=name,
                                                         keyword=keyword)
        if not created:
            return self.handle_response('Application Error')
        return self.handle_response('OK',
                                    payload={'permission': created.serialize()})

    def delete_role_permission(self, permission_id):
        """Not implemented yet; returns None."""
def _create(cls, model_class, *args, **kwargs):
    """Create and save the model instance, then push it into the user-role cache.

    The parent ``_create`` builds the instance; the result is passed to
    ``UserRoleRepo.update_cache`` before being returned.
    """
    instance = super()._create(model_class, *args, **kwargs)

    # Keep the cache in step with rows created through this factory.
    UserRoleRepo().update_cache(instance)

    return instance
def __init__(self, request):
    """Initialise the controller and attach the helpers its handlers call.

    Args:
        request: Passed through unchanged to ``BaseController.__init__``.
    """
    BaseController.__init__(self, request)

    # Repository objects used by the handlers of this controller.
    self.role_repo = RoleRepo()
    self.user_role_repo = UserRoleRepo()
    self.permission_repo = PermissionRepo()

    # Service object kept on the controller for user lookups.
    self.andela_service = AndelaService()