def test_create_second_user_with_role_and_permission(database, domain,
cleanup):
__create_roles(database)
users = UserManager(database)
request_content = {
"email": "*****@*****.**",
"password": "******",
}
response = build_syft_msg(domain, CreateUserMessage, request_content,
generic_key)
# Check database
assert len(users) == 1
user = users.query(email="*****@*****.**")[0]
assert user.email == "*****@*****.**"
assert users.login(email="*****@*****.**", password="******")
assert users.role(user_id=user.id).name == "Owner"
assert users.role(user_id=user.id).can_create_users
assert users.role(user_id=user.id).can_triage_requests
# Check message response
assert response.status_code == 200
owner_id = str(users.query(email="*****@*****.**")[0].id)
second_user_content = {
"email": "*****@*****.**",
"password": "******",
"role": "Administrator",
"current_user": owner_id,
}
response = build_syft_msg(domain, CreateUserMessage, second_user_content,
generic_key)
# Check database
assert len(users) == 2
user = users.query(email="*****@*****.**")[0]
assert user.email == "*****@*****.**"
assert users.login(email="*****@*****.**", password="******")
assert users.role(user_id=user.id).name == "Administrator"
assert users.role(user_id=user.id).can_create_users == True
assert users.role(user_id=user.id).can_triage_requests == True
# Check message response
assert response.status_code == 200
def test_create_second_user(database, domain, cleanup):
__create_roles(database)
users = UserManager(database)
first_user_content = {
"email": "*****@*****.**",
"password": "******",
}
response = build_syft_msg(
domain, CreateUserMessage, first_user_content, generic_key
)
# Check database
assert len(users) == 1
user = users.query(email="*****@*****.**")[0]
assert user.email == "*****@*****.**"
assert users.login(email="*****@*****.**", password="******")
assert users.role(user_id=user.id).name == "Owner"
assert users.role(user_id=user.id).can_create_users
assert users.role(user_id=user.id).can_triage_requests
# Check message response
assert response.status_code == 200
second_user_content = {
"email": "*****@*****.**",
"password": "******",
}
response = build_syft_msg(
domain, CreateUserMessage, second_user_content, generic_key
)
# Check database
assert len(users) == 2
user = users.query(email="*****@*****.**")[0]
assert user.email == "*****@*****.**"
assert users.login(email="*****@*****.**", password="******")
assert users.role(user_id=user.id).name == "User"
assert not users.role(user_id=user.id).can_create_users
assert not users.role(user_id=user.id).can_triage_requests
# Check message response
assert response.status_code == 200
def test_set_password(database, cleanup):
users = UserManager(database)
test_role = create_role(*user_role)
user1 = {
"email": "*****@*****.**",
"hashed_password": "******",
"salt": "diwriqjroqds",
"private_key": "rweqoasnfa",
"role": test_role.id,
}
db_user1 = users.register(**user1)
assert users.query(id=db_user1.id)[0].hashed_password == "afhuefhaare"
users.set(user_id=db_user1.id, password="******")
assert users.login(email="*****@*****.**", password="******")
def test_create_second_user_with_owner_role_name(database, domain, cleanup):
__create_roles(database)
users = UserManager(database)
owner_content = {
"email": "*****@*****.**",
"password": "******",
}
response = build_syft_msg(domain, CreateUserMessage, owner_content,
generic_key)
# Check database
assert len(users) == 1
user = users.query(email="*****@*****.**")[0]
assert user.email == "*****@*****.**"
assert users.login(email="*****@*****.**", password="******")
assert users.role(user_id=user.id).name == "Owner"
assert users.role(user_id=user.id).can_create_users
assert users.role(user_id=user.id).can_triage_requests
# Check message response
assert response.status_code == 200
owner_id = str(users.query(email="*****@*****.**")[0].id)
second_user_content = {
"email": "*****@*****.**",
"password": "******",
"role": "Owner",
"current_user": owner_id,
}
try:
build_syft_msg(domain, CreateUserMessage, second_user_content,
generic_key)
pytest.fail("We shouldn't execute this line!")
except Exception as e:
assert str(e) == 'You can\'t create a new User with "Owner" role!'
# Check database
assert len(users) == 1
