def test_has_profile(self):
self.assertFalse(User.has_profile(None, None),
'None user and profile should not have any profile')
self.assertFalse(User.has_profile('', []),
'Empty user and profile should not have any profile')
self.assertFalse(User.has_profile('', [constants.PROFILE_ADMIN]),
'Non existing user should not have profiles')
user = User(email='*****@*****.**', profiles=[
constants.PROFILE_ADMIN
])
user_key = user.put()
self.assertTrue(User.has_profile(
'*****@*****.**', [constants.PROFILE_ADMIN]
), 'Profiles have been assigned')
user_key.delete()
def before_request():
if request.path == url_for('warmup'):
return
user = users.get_current_user()
if user:
g.logout_text = 'Salir'
g.url_logout = users.create_logout_url(url_for('admin_index'))
g.user_email = user.email()
else:
g.logout_text = 'Iniciar sesión'
g.url_logout = users.create_login_url(url_for('admin_index'))
g.user_email = None
g.menu = []
for endpoint, name, allowed_roles in constants.MENU_ITEMS:
user_allowed = User.has_profile(g.user_email, allowed_roles)
if user_allowed:
g.menu.append({
'is_active': request.path == url_for(endpoint),
'url': url_for(endpoint),
'name': name,
})
def inner_decorator(*args, **kwargs):
if(IS_TEST):
return func(*args, **kwargs)
roles_to_evaludate = [role] if role else roles if roles else []
logging.info("roles to evaluate [%s]", roles_to_evaludate)
user_email = args[1].get_unrecognized_field_info(
'authenticated_user'
)[0]
if not user_email:
if hasattr(args[1],'authenticated_user'):
user_email = args[1].authenticated_user
logging.info("user to evaluate [%s]", user_email)
if user_email and User.has_profile(user_email, roles_to_evaludate):
return func(*args, **kwargs)
else:
raise endpoints.ForbiddenException(UNAUTHORIZED_USER)
