def test_requires_roles(): @requires_roles(EMPLOYEE_ROLE) def test_func(): return True with app.test_request_context(): # login with two-role account account = authenticate_user(email_address2, password2, False) ok_(account is not None) eq_(int(user_session['user_id']), account.id) eq_(user_session['email_address'], email_address2) # check that current role is employee eq_(user_session['current_role'], EMPLOYEE_ROLE) # tackle parcels.view_packages_by_student_id (employee only) ok_(test_func()) # switch role to student current_user.switch_current_role(STUDENT_ROLE) # check that current role is student eq_(user_session['current_role'], STUDENT_ROLE) # tackle parcels.view_packages_by_student_id (employee only) try: test_func() ok_(False) except Forbidden: ok_(True)
def test_authenticate_user(): # test with non-existing account account = authenticate_user('*****@*****.**', password, remember_me) ok_(account is None) ok_('user_id' not in user_session) ok_('email_address' not in user_session) # test with existing account, wrong password account = authenticate_user(email_address, 'zzzz', remember_me) ok_(account is None) ok_('user_id' not in user_session) ok_('email_address' not in user_session) # test with existing account, correct password account = authenticate_user(email_address, password, remember_me) ok_(account is not None) eq_(int(user_session['user_id']), account.id) eq_(user_session['email_address'], email_address)
def test_authenticate_user(): # test with non-existing account account = authenticate_user( '*****@*****.**', password, remember_me ) ok_(account is None) ok_('user_id' not in user_session) ok_('email_address' not in user_session) # test with existing account, wrong password account = authenticate_user(email_address, 'zzzz', remember_me) ok_(account is None) ok_('user_id' not in user_session) ok_('email_address' not in user_session) # test with existing account, correct password account = authenticate_user(email_address, password, remember_me) ok_(account is not None) eq_(int(user_session['user_id']), account.id) eq_(user_session['email_address'], email_address)