Initial work on user creation.

Dorian 2017-03-05 20:51:32 -05:00
parent 43a43eb48b
commit 1461ce281c
3 changed files with 66 additions and 20 deletions


@ -40,7 +40,13 @@ def get_user(username):
@rookeries_app.route('/api/users', methods=['POST']) @rookeries_app.route('/api/users', methods=['POST'])
@flask_jwt.jwt_required() @flask_jwt.jwt_required()
def create_user(): def create_user():
# TODO: Check against roles of user.
current_user = flask_jwt.current_identity
requesting_user_role = models.UserRole[current_user['role']]
if requesting_user_role != models.UserRole.admin:
flask.abort(http.HTTPStatus.UNAUTHORIZED)
# TODO: Creates a user here... some how? # TODO: Creates a user here... some how?
user = models.User(**flask.request.json) user = models.User(**flask.request.json)
db.session.add(user) db.session.add(user)
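Review bot: The new role lookup in create_user can raise instead of denying: `models.UserRole[current_user['role']]` throws KeyError when the identity has no role or a role name that is not a UserRole member, which would likely surface as a 500 rather than a refusal. A fail-closed form such as `requesting_user_role = models.UserRole.__members__.get(current_user.get('role'))` (assuming the identity is a dict, as the subscript suggests) lets the existing `!= models.UserRole.admin` comparison reject those cases too. Because `flask_jwt.jwt_required()` has already accepted the token by then, `http.HTTPStatus.FORBIDDEN` is the conventional status for an authenticated caller with the wrong role, whereas 401 tells the client to re-authenticate; the "unauthorized response" step would need to match. The unchanged `models.User(**flask.request.json)` below the check, in a body that appears to continue past the hunk, still passes every key of the request to the model, so an explicit list of accepted fields is worth adding before the creation TODO is finished.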


@ -16,8 +16,6 @@ from tests import utils
bdd.scenarios('user_management.feature') bdd.scenarios('user_management.feature')
# TODO: Add tests for non-existent users, modify and deletiom
TEST_USER_PASSWORDS = 'password-testing' TEST_USER_PASSWORDS = 'password-testing'
USER_TEMPLATES = { USER_TEMPLATES = {
@ -91,8 +89,8 @@ def jwt_token(user_role, api_base_uri, db_engine):
).json()['access_token'] ).json()['access_token']
@bdd.given(parsers.parse('I create an {user_role} user')) @bdd.given(parsers.parse('I create an {user_role} user'), target_fixture='user_response')
@bdd.given(parsers.parse('I create a {user_role} user')) @bdd.given(parsers.parse('I create a {user_role} user'), target_fixture='user_response')
def create_new_user_response(user_role, jwt_token, api_base_uri): def create_new_user_response(user_role, jwt_token, api_base_uri):
user_creation_request = {} user_creation_request = {}


@ -1,6 +1,7 @@
Feature: User Management Feature: User Management
The user endpoints allows an app admin user to create, modify and delete users. User can modify their profiles. The user endpoints allows an app admin user to create, modify and delete users. User can modify their profiles.
## User Creation
#Scenario: Admin user can create a new admin user #Scenario: Admin user can create a new admin user
# Given I am an admin user # Given I am an admin user
@ -20,20 +21,37 @@ Feature: User Management
# Then I get a new subscriber user # Then I get a new subscriber user
# And I can get a subscriber user profile # And I can get a subscriber user profile
# #
#Scenario: Editor user can not create a new admin user Scenario: Editor user can not create a new admin user
# Given I am an editor user Given I am an editor user
# And I create an admin user And I create an admin user
# Then I can get an unauthorized response Then I get an unauthorized response
#
#Scenario: Editor user can not create a new subscriber user Scenario: Editor user can not create a new subscriber user
# Given I am an editor user Given I am an editor user
# And I create a subscriber user And I create a subscriber user
# Then I get an unauthorized response Then I get an unauthorized response
#
#Scenario: Editor user can not create a new editor user Scenario: Editor user can not create a new editor user
# Given I am an editor user Given I am an editor user
# And I create an editor user And I create an editor user
# Then I get an unauthorized response Then I get an unauthorized response
Scenario: Subscriber user can not create a new admin user
Given I am an subscriber user
And I create an admin user
Then I get an unauthorized response
Scenario: Subscriber user can not create a new subscriber user
Given I am an subscriber user
And I create a subscriber user
Then I get an unauthorized response
Scenario: Subscriber user can not create a new editor user
Given I am an subscriber user
And I create an editor user
Then I get an unauthorized response
## User Access
Scenario: Admin user can get an existing admin user Scenario: Admin user can get an existing admin user
Given I am an admin user Given I am an admin user
@ -90,6 +108,7 @@ Scenario: Subscriber user can get own profile
And I get my subscriber user And I get my subscriber user
Then I can get my subscriber user profile Then I can get my subscriber user profile
## User Modification
# #
#Scenario: Admin user can modify an admin user #Scenario: Admin user can modify an admin user
# Given I am an admin user # Given I am an admin user
@ -119,13 +138,36 @@ Scenario: Subscriber user can get own profile
#Scenario: Editor user can modify their own user #Scenario: Editor user can modify their own user
# Given I am an editor user # Given I am an editor user
# And I modify my user # And I modify my user
# Then my updates to the editor user are preserved # Then my updates to my editor user are preserved
# #
#Scenario: Editor user can not modify a subscriber user #Scenario: Editor user can not modify a subscriber user
# Given I am an editor user # Given I am an editor user
# And I modify a subscriber user # And I modify a subscriber user
# Then I get an unauthorized response # Then I get an unauthorized response
#Scenario: Subscriber user can not modify an admin user
# Given I am an subscriber user
# And I modify an admin user
# Then I get an unauthorized response
# #
#Scenario: Subscriber user can not modify an editor user
# Given I am an subscriber user
# And I modify an editor user
# Then I get an unauthorized response
#
#Scenario: Subscriber user can modify their own user
# Given I am an subscriber user
# And I modify my subscriber user
# Then my updates to the subscriber user are preserved
#
#Scenario: Subscriber user can not modify a subscriber user that is not self
# Given I am an subscriber user
# And I modify a subscriber user
# Then I get an unauthorized response
#
## User Deletion
Scenario: Admin user can delete an admin user Scenario: Admin user can delete an admin user
Given I am an admin user Given I am an admin user
And I delete an admin user And I delete an admin user