def test_logout(client):
header = get_access_token_header()
resp = client.delete("/auth/logout/", headers=header)
assert resp.status == OK and "logout" in resp.get_json()['commands']
def test_remove_user(client):
create_user()
create_user(username="******", role=2, no_role=True)
header = get_access_token_header(username="******")
resp = client.delete("auth/users/tester/", headers=header)
assert resp.status == OK
def test_logout_unauthenticated(client):
assert client.delete("/auth/logout/").status == UNAUTHORIZED
def test_remove_user_not_admin(client):
create_user()
create_user(username="******", role=3, no_role=True)
header = get_access_token_header(username="******")
resp = client.delete("auth/users/test/", headers=header)
assert resp.status == FORBIDDEN and resp.get_json()['msg'] == ADMINS_ONLY