def test_is_last_admin_yes(self, users, token):
""" Last admin should not be able to change himself. """
user = User.find_by_identity('*****@*****.**')
assert User.is_last_admin(user, 'member', 'y') is True
assert User.is_last_admin(user, 'admin', 'y') is False
assert User.is_last_admin(user, 'admin', None) is True
assert User.is_last_admin(user, 'member', None) is True
def test_is_last_admin_no(self, users, token):
""" Not the last admin should be able to change himself. """
user = User.find_by_identity('*****@*****.**')
params = {
'role': 'admin',
'email': '*****@*****.**',
'password': '******'
}
new_user = User(**params)
new_user.save()
assert User.is_last_admin(user, 'member', 'y') is False
assert User.is_last_admin(user, 'admin', None) is False
assert User.is_last_admin(user, 'member', None) is False
def users_edit(id):
user = User.query.get(id)
form = UserForm(obj=user)
if form.validate_on_submit():
if User.is_last_admin(user,
request.form.get('role'),
request.form.get('active')):
flash(_('You are the last admin, you cannot do that.'),
'error')
return redirect(url_for('admin.users'))
form.populate_obj(user)
if user.username == '':
user.username = None
user.save()
flash(_('User has been saved successfully.'), 'success')
return redirect(url_for('admin.users'))
return render_template('admin/user/edit.jinja2', form=form, user=user)
