def post(self):
payload = request.get_json()
role = payload["role"]
user = payload.get("user")
try:
role_name = role.pop("name")
role = users.find_or_create_role(role_name, **role)
if user:
user = users.get_user(user)
users.add_role_to_user(user, role_name)
except KeyError:
return "role.name must be set.", 400
db.session.commit()
return role, 201
def test_unassign_role(self, user, status_code, api, app, impersonate):
with app.test_request_context():
fake_role = users.find_or_create_role(name="pytest")
empty_user = users.create_user(username="******")
users.add_role_to_user(empty_user, fake_role)
# save the new user + role
db.session.commit()
# make sure the setup is valid
assert fake_role in empty_user.roles
with impersonate(users.get_user(user)):
res = api.delete(
url_for("settings.roles"),
json={"role": {"name": "pytest"}, "user": empty_user.username},
)
assert res.status_code == status_code, res.data
if res.status_code == 201:
# refresh the instance
empty_user = users.get_user(empty_user.username)
assert fake_role not in empty_user.roles