def test_individual_admins_post_edit(self):
    """Editing an existing admin via POST replaces its password and roles.

    Starts from an account holding SYSTEM_ADMIN, posts a new password and a
    new role list for the same e-mail, then checks the response, both
    password lookups and the resulting role set.
    """
    # Start from an existing account that holds the system-admin role.
    existing, _ = create(
        self._db,
        Admin,
        email="*****@*****.**",
    )
    # NOTE(review): the initial password literal is masked in this listing;
    # the "old password" check below is only meaningful if it was "password".
    existing.password = "******"
    existing.add_role(AdminRole.SYSTEM_ADMIN)

    with self.request_context_with_admin("/", method="POST"):
        requested_roles = [
            {"role": AdminRole.SITEWIDE_LIBRARIAN},
            {
                "role": AdminRole.LIBRARY_MANAGER,
                "library": self._default_library.short_name,
            },
        ]
        form_fields = [
            ("email", "*****@*****.**"),
            ("password", "new password"),
            ("roles", json.dumps(requested_roles)),
        ]
        flask.request.form = MultiDict(form_fields)
        controller = self.manager.admin_individual_admin_settings_controller
        response = controller.process_post()
        eq_(response.status_code, 200)

    eq_(existing.email, response.response[0])

    # Credential rotation: the previous password must stop authenticating
    # and the posted one must start.
    stale_login = Admin.authenticate(self._db, "*****@*****.**", "password")
    eq_(None, stale_login)
    fresh_login = Admin.authenticate(self._db, "*****@*****.**", "new password")
    eq_(existing, fresh_login)

    # Role replacement: SYSTEM_ADMIN is gone and exactly the two posted
    # roles remain (the two-name unpacking fails on any other count).
    eq_(False, existing.is_system_admin())
    librarian_all, manager = sorted(existing.roles, key=lambda r: r.role)
    eq_(AdminRole.SITEWIDE_LIBRARIAN, librarian_all.role)
    eq_(None, librarian_all.library)
    eq_(AdminRole.LIBRARY_MANAGER, manager.role)
    eq_(self._default_library, manager.library)
def test_individual_admins_post_edit(self):
    """Editing an existing admin via POST replaces its password and roles.

    Starts from an account holding SYSTEM_ADMIN, posts a new password and a
    new role list for the same e-mail, then checks the response body, both
    password lookups and the resulting role set.
    """
    # Start from an existing account that holds the system-admin role.
    existing, _ = create(
        self._db,
        Admin,
        email="*****@*****.**",
    )
    # NOTE(review): the initial password literal is masked in this listing;
    # the "old password" check below is only meaningful if it was "password".
    existing.password = "******"
    existing.add_role(AdminRole.SYSTEM_ADMIN)

    with self.request_context_with_admin("/", method="POST"):
        requested_roles = [
            {"role": AdminRole.SITEWIDE_LIBRARIAN},
            {
                "role": AdminRole.LIBRARY_MANAGER,
                "library": self._default_library.short_name,
            },
        ]
        form_fields = [
            ("email", "*****@*****.**"),
            ("password", "new password"),
            ("roles", json.dumps(requested_roles)),
        ]
        flask.request.form = MultiDict(form_fields)
        controller = self.manager.admin_individual_admin_settings_controller
        response = controller.process_post()
        assert response.status_code == 200

    assert existing.email == response.get_data(as_text=True)

    # Credential rotation: the previous password must stop authenticating
    # and the posted one must start.
    stale_login = Admin.authenticate(self._db, "*****@*****.**", "password")
    assert None == stale_login
    fresh_login = Admin.authenticate(self._db, "*****@*****.**", "new password")
    assert existing == fresh_login

    # Role replacement: SYSTEM_ADMIN is gone and exactly the two posted
    # roles remain (the two-name unpacking fails on any other count).
    assert False == existing.is_system_admin()
    librarian_all, manager = sorted(existing.roles, key=lambda r: r.role)
    assert AdminRole.SITEWIDE_LIBRARIAN == librarian_all.role
    assert None == librarian_all.library
    assert AdminRole.LIBRARY_MANAGER == manager.role
    assert self._default_library == manager.library
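def test_individual_admins_post_create(self):
    """Creating admins via POST succeeds for a requester allowed to do so.

    A LIBRARY_MANAGER account is created first; that account is then passed
    as the requesting admin to create a LIBRARIAN for the same library.
    """
    with self.request_context_with_admin("/", method="POST"):
        flask.request.form = MultiDict([
            ("email", "*****@*****.**"),
            ("password", "pass"),
            ("roles", json.dumps([{
                "role": AdminRole.LIBRARY_MANAGER,
                "library": self._default_library.short_name,
            }])),
        ])
        response = self.manager.admin_individual_admin_settings_controller.process_post()
        eq_(response.status_code, 201)

    # The admin was created and can authenticate with the posted password.
    admin_match = Admin.authenticate(self._db, "*****@*****.**", "pass")
    # Confirm the lookup succeeded before dereferencing it, so a failed
    # authentication fails as an assertion rather than an AttributeError.
    assert admin_match
    eq_(admin_match.email, response.response[0])
    assert admin_match.has_password("pass")

    # Exactly one role was stored (single-name unpacking), scoped to the library.
    [role] = admin_match.roles
    eq_(AdminRole.LIBRARY_MANAGER, role.role)
    eq_(self._default_library, role.library)

    # The new admin is a library manager, so they can create librarians.
    # NOTE(review): only the permitted delegation is exercised here; a denied
    # case (a library manager requesting a higher role for a new account) is
    # presumably covered by another test -- confirm.
    with self.request_context_with_admin("/", method="POST", admin=admin_match):
        flask.request.form = MultiDict([
            ("email", "*****@*****.**"),
            ("password", "pass"),
            ("roles", json.dumps([{
                "role": AdminRole.LIBRARIAN,
                "library": self._default_library.short_name,
            }])),
        ])
        response = self.manager.admin_individual_admin_settings_controller.process_post()
        eq_(response.status_code, 201)

    admin_match = Admin.authenticate(self._db, "*****@*****.**", "pass")
    assert admin_match
    eq_(admin_match.email, response.response[0])
    assert admin_match.has_password("pass")

    [role] = admin_match.roles
    eq_(AdminRole.LIBRARIAN, role.role)
    eq_(self._default_library, role.library)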
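def test_individual_admins_post_create_on_setup(self):
    """First-admin creation on an empty system accepts only a system admin.

    All Admin rows are deleted, then three POSTs are made through a plain
    test request context (no admin is passed to it): a non-system-admin role
    is refused, a system admin without a password is rejected as incomplete,
    and a system admin with a password is created.
    """
    for admin in self._db.query(Admin):
        self._db.delete(admin)

    # Creating an admin that's not a system admin will fail.
    with self.app.test_request_context("/", method="POST"):
        flask.request.form = MultiDict([
            ("email", "*****@*****.**"),
            ("password", "pass"),
            ("roles", json.dumps([{
                "role": AdminRole.LIBRARY_MANAGER,
                "library": self._default_library.short_name,
            }])),
        ])
        assert_raises(
            AdminNotAuthorized,
            self.manager.admin_individual_admin_settings_controller.process_post,
        )
        # Discard whatever the refused request left pending in the session.
        self._db.rollback()

    # The password is required.
    with self.app.test_request_context("/", method="POST"):
        flask.request.form = MultiDict([
            ("email", "*****@*****.**"),
            ("roles", json.dumps([{"role": AdminRole.SYSTEM_ADMIN}])),
        ])
        response = self.manager.admin_individual_admin_settings_controller.process_post()
        eq_(400, response.status_code)
        eq_(response.uri, INCOMPLETE_CONFIGURATION.uri)

    # Creating a system admin with a password works.
    with self.app.test_request_context("/", method="POST"):
        flask.request.form = MultiDict([
            ("email", "*****@*****.**"),
            ("password", "pass"),
            ("roles", json.dumps([{"role": AdminRole.SYSTEM_ADMIN}])),
        ])
        response = self.manager.admin_individual_admin_settings_controller.process_post()
        eq_(201, response.status_code)

    # The admin was created and can authenticate with the posted password.
    admin_match = Admin.authenticate(self._db, "*****@*****.**", "pass")
    # Confirm the lookup succeeded before dereferencing it, so a failed
    # authentication fails as an assertion rather than an AttributeError.
    assert admin_match
    eq_(admin_match.email, response.response[0])
    assert admin_match.has_password("pass")

    # Exactly one role was stored (single-name unpacking).
    [role] = admin_match.roles
    eq_(AdminRole.SYSTEM_ADMIN, role.role)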
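def sign_in(self, _db, request=None):
    """Check an e-mail/password pair and return the sign-in result.

    Args:
        _db: Database session handed to ``Admin.authenticate``.
        request: Mapping read for ``email``, ``password`` and ``redirect``.
            Treated as empty when omitted.

    Returns:
        ``({"email": email}, redirect_url)`` when ``Admin.authenticate``
        returns a truthy match; otherwise ``(INVALID_ADMIN_CREDENTIALS, None)``.
        A missing field and a rejected password yield the same failure value.
    """
    # A None sentinel replaces the shared mutable ``{}`` default.
    if request is None:
        request = {}

    email = request.get("email")
    password = request.get("password")
    # NOTE(review): the redirect target is returned exactly as supplied and is
    # not validated here; confirm the caller only redirects to trusted
    # destinations.
    redirect_url = request.get("redirect")

    if email and password:
        match = Admin.authenticate(_db, email, password)
        if match:
            # The submitted e-mail string is returned, not a value read from
            # the matched account.
            return dict(email=email), redirect_url

    return INVALID_ADMIN_CREDENTIALS, None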
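def test_individual_admins_post_create(self):
    """Creating admins via POST succeeds for a requester allowed to do so.

    A LIBRARY_MANAGER account is created first; that account is then passed
    as the requesting admin to create a LIBRARIAN for the same library.
    """
    with self.request_context_with_admin("/", method="POST"):
        flask.request.form = MultiDict([
            ("email", "*****@*****.**"),
            ("password", "pass"),
            ("roles", json.dumps([{
                "role": AdminRole.LIBRARY_MANAGER,
                "library": self._default_library.short_name,
            }])),
        ])
        response = self.manager.admin_individual_admin_settings_controller.process_post()
        eq_(response.status_code, 201)

    # The admin was created and can authenticate with the posted password.
    admin_match = Admin.authenticate(self._db, "*****@*****.**", "pass")
    # Confirm the lookup succeeded before dereferencing it, so a failed
    # authentication fails as an assertion rather than an AttributeError.
    assert admin_match
    eq_(admin_match.email, response.response[0])
    assert admin_match.has_password("pass")

    # Exactly one role was stored (single-name unpacking), scoped to the library.
    [role] = admin_match.roles
    eq_(AdminRole.LIBRARY_MANAGER, role.role)
    eq_(self._default_library, role.library)

    # The new admin is a library manager, so they can create librarians.
    # NOTE(review): only the permitted delegation is exercised here; a denied
    # case (a library manager requesting a higher role for a new account) is
    # presumably covered by another test -- confirm.
    with self.request_context_with_admin("/", method="POST", admin=admin_match):
        flask.request.form = MultiDict([
            ("email", "*****@*****.**"),
            ("password", "pass"),
            ("roles", json.dumps([{
                "role": AdminRole.LIBRARIAN,
                "library": self._default_library.short_name,
            }])),
        ])
        response = self.manager.admin_individual_admin_settings_controller.process_post()
        eq_(response.status_code, 201)

    admin_match = Admin.authenticate(self._db, "*****@*****.**", "pass")
    assert admin_match
    eq_(admin_match.email, response.response[0])
    assert admin_match.has_password("pass")

    [role] = admin_match.roles
    eq_(AdminRole.LIBRARIAN, role.role)
    eq_(self._default_library, role.library)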
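def sign_in(self, _db, request=None):
    """Check an e-mail/password pair and return the sign-in result.

    Args:
        _db: Database session handed to ``Admin.authenticate``.
        request: Mapping read for ``email``, ``password`` and ``redirect``.
            Treated as empty when omitted.

    Returns:
        ``({"email": email, "type": self.NAME}, redirect_url)`` when
        ``Admin.authenticate`` returns a truthy match; otherwise
        ``(INVALID_ADMIN_CREDENTIALS, None)``. A missing field and a rejected
        password yield the same failure value.
    """
    # A None sentinel replaces the shared mutable ``{}`` default.
    if request is None:
        request = {}

    email = request.get("email")
    password = request.get("password")
    # NOTE(review): the redirect target is returned exactly as supplied and is
    # not validated here; confirm the caller only redirects to trusted
    # destinations.
    redirect_url = request.get("redirect")

    if email and password:
        match = Admin.authenticate(_db, email, password)
        if match:
            # The submitted e-mail string is returned, not a value read from
            # the matched account; ``type`` records this provider's NAME.
            return dict(
                email=email,
                type=self.NAME,
            ), redirect_url

    return INVALID_ADMIN_CREDENTIALS, None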
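def test_individual_admins_post_create_on_setup(self):
    """First-admin creation on an empty system accepts only a system admin.

    All Admin rows are deleted, then three POSTs are made through a plain
    test request context (no admin is passed to it): a non-system-admin role
    is refused, a system admin without a password is rejected as incomplete,
    and a system admin with a password is created.
    """
    for admin in self._db.query(Admin):
        self._db.delete(admin)

    # Creating an admin that's not a system admin will fail.
    with self.app.test_request_context("/", method="POST"):
        flask.request.form = MultiDict([
            ("email", "*****@*****.**"),
            ("password", "pass"),
            ("roles", json.dumps([{
                "role": AdminRole.LIBRARY_MANAGER,
                "library": self._default_library.short_name,
            }])),
        ])
        assert_raises(
            AdminNotAuthorized,
            self.manager.admin_individual_admin_settings_controller.process_post,
        )
        # Discard whatever the refused request left pending in the session.
        self._db.rollback()

    # The password is required.
    with self.app.test_request_context("/", method="POST"):
        flask.request.form = MultiDict([
            ("email", "*****@*****.**"),
            ("roles", json.dumps([{"role": AdminRole.SYSTEM_ADMIN}])),
        ])
        response = self.manager.admin_individual_admin_settings_controller.process_post()
        eq_(400, response.status_code)
        eq_(response.uri, INCOMPLETE_CONFIGURATION.uri)

    # Creating a system admin with a password works.
    with self.app.test_request_context("/", method="POST"):
        flask.request.form = MultiDict([
            ("email", "*****@*****.**"),
            ("password", "pass"),
            ("roles", json.dumps([{"role": AdminRole.SYSTEM_ADMIN}])),
        ])
        response = self.manager.admin_individual_admin_settings_controller.process_post()
        eq_(201, response.status_code)

    # The admin was created and can authenticate with the posted password.
    admin_match = Admin.authenticate(self._db, "*****@*****.**", "pass")
    # Confirm the lookup succeeded before dereferencing it, so a failed
    # authentication fails as an assertion rather than an AttributeError.
    assert admin_match
    eq_(admin_match.email, response.response[0])
    assert admin_match.has_password("pass")

    # Exactly one role was stored (single-name unpacking).
    [role] = admin_match.roles
    eq_(AdminRole.SYSTEM_ADMIN, role.role)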
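def test_individual_admins_post_create_on_setup(self):
    """First-admin creation on an empty system accepts only a system admin.

    All Admin rows are deleted, then three POSTs are made through a plain
    test request context (no admin is passed to it): a non-system-admin role
    is refused, a system admin without a password is rejected as incomplete,
    and a system admin with a password is created.
    """
    for admin in self._db.query(Admin):
        self._db.delete(admin)

    # Creating an admin that's not a system admin will fail.
    with self.app.test_request_context("/", method="POST"):
        flask.request.form = MultiDict(
            [
                ("email", "*****@*****.**"),
                ("password", "pass"),
                (
                    "roles",
                    json.dumps(
                        [
                            {
                                "role": AdminRole.LIBRARY_MANAGER,
                                "library": self._default_library.short_name,
                            }
                        ]
                    ),
                ),
            ]
        )
        flask.request.files = {}
        pytest.raises(
            AdminNotAuthorized,
            self.manager.admin_individual_admin_settings_controller.process_post,
        )
        # Discard whatever the refused request left pending in the session.
        self._db.rollback()

    # The password is required.
    with self.app.test_request_context("/", method="POST"):
        flask.request.form = MultiDict(
            [
                ("email", "*****@*****.**"),
                ("roles", json.dumps([{"role": AdminRole.SYSTEM_ADMIN}])),
            ]
        )
        flask.request.files = {}
        response = (
            self.manager.admin_individual_admin_settings_controller.process_post()
        )
        assert 400 == response.status_code
        assert response.uri == INCOMPLETE_CONFIGURATION.uri

    # Creating a system admin with a password works.
    with self.app.test_request_context("/", method="POST"):
        flask.request.form = MultiDict(
            [
                ("email", "*****@*****.**"),
                ("password", "pass"),
                ("roles", json.dumps([{"role": AdminRole.SYSTEM_ADMIN}])),
            ]
        )
        flask.request.files = {}
        response = (
            self.manager.admin_individual_admin_settings_controller.process_post()
        )
        assert 201 == response.status_code

    # The admin was created and can authenticate with the posted password.
    admin_match = Admin.authenticate(self._db, "*****@*****.**", "pass")
    # Confirm the lookup succeeded before dereferencing it, so a failed
    # authentication fails as an assertion rather than an AttributeError.
    assert admin_match
    assert admin_match.email == response.get_data(as_text=True)
    assert admin_match.has_password("pass")

    # Exactly one role was stored (single-name unpacking).
    [role] = admin_match.roles
    assert AdminRole.SYSTEM_ADMIN == role.role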
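def test_individual_admins_post_create(self):
    """Creating admins via POST succeeds for a requester allowed to do so.

    A LIBRARY_MANAGER account is created first; that account is then passed
    as the requesting admin to create a LIBRARIAN for the same library.
    """
    with self.request_context_with_admin("/", method="POST"):
        flask.request.form = MultiDict(
            [
                ("email", "*****@*****.**"),
                ("password", "pass"),
                (
                    "roles",
                    json.dumps(
                        [
                            {
                                "role": AdminRole.LIBRARY_MANAGER,
                                "library": self._default_library.short_name,
                            }
                        ]
                    ),
                ),
            ]
        )
        response = (
            self.manager.admin_individual_admin_settings_controller.process_post()
        )
        assert response.status_code == 201

    # The admin was created and can authenticate with the posted password.
    admin_match = Admin.authenticate(self._db, "*****@*****.**", "pass")
    # Confirm the lookup succeeded before dereferencing it, so a failed
    # authentication fails as an assertion rather than an AttributeError.
    assert admin_match
    assert admin_match.email == response.get_data(as_text=True)
    assert admin_match.has_password("pass")

    # Exactly one role was stored (single-name unpacking), scoped to the library.
    [role] = admin_match.roles
    assert AdminRole.LIBRARY_MANAGER == role.role
    assert self._default_library == role.library

    # The new admin is a library manager, so they can create librarians.
    # NOTE(review): only the permitted delegation is exercised here; a denied
    # case (a library manager requesting a higher role for a new account) is
    # presumably covered by another test -- confirm.
    with self.request_context_with_admin("/", method="POST", admin=admin_match):
        flask.request.form = MultiDict(
            [
                ("email", "*****@*****.**"),
                ("password", "pass"),
                (
                    "roles",
                    json.dumps(
                        [
                            {
                                "role": AdminRole.LIBRARIAN,
                                "library": self._default_library.short_name,
                            }
                        ]
                    ),
                ),
            ]
        )
        response = (
            self.manager.admin_individual_admin_settings_controller.process_post()
        )
        assert response.status_code == 201

    admin_match = Admin.authenticate(self._db, "*****@*****.**", "pass")
    assert admin_match
    assert admin_match.email == response.get_data(as_text=True)
    assert admin_match.has_password("pass")

    [role] = admin_match.roles
    assert AdminRole.LIBRARIAN == role.role
    assert self._default_library == role.library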