Initial work on user creation.
parent
43a43eb48b
commit
1461ce281c
|
@ -40,7 +40,13 @@ def get_user(username):
|
|||
@rookeries_app.route('/api/users', methods=['POST'])
|
||||
@flask_jwt.jwt_required()
|
||||
def create_user():
|
||||
# TODO: Check against roles of user.
|
||||
|
||||
current_user = flask_jwt.current_identity
|
||||
requesting_user_role = models.UserRole[current_user['role']]
|
||||
|
||||
if requesting_user_role != models.UserRole.admin:
|
||||
flask.abort(http.HTTPStatus.UNAUTHORIZED)
|
||||
|
||||
# TODO: Creates a user here... some how?
|
||||
user = models.User(**flask.request.json)
|
||||
db.session.add(user)
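Review bot: `models.User(**flask.request.json)` unpacks the raw request body into the model constructor, so every attribute the model accepts (the role, and presumably any password or id field) is set directly by the client, and a body that is missing or not a JSON object raises before any response is built. Read the expected keys explicitly instead, starting from `payload = flask.request.get_json(silent=True) or {}`, copy only an allow-list of fields, and abort with `http.HTTPStatus.BAD_REQUEST` when a required field is absent or the requested role is not a `models.UserRole` name. The lookup `models.UserRole[current_user['role']]` also raises `KeyError` when the token's role claim is unknown or absent; it should fail closed with an abort rather than surface as a 500. For an authenticated caller who simply lacks the admin role, `http.HTTPStatus.FORBIDDEN` is the accurate status, since `UNAUTHORIZED` signals missing or invalid credentials. The body of create_user may continue past this hunk, so a commit and a response after `db.session.add(user)` may exist out of view.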
|
||||
|
|
|
@ -16,8 +16,6 @@ from tests import utils
|
|||
|
||||
bdd.scenarios('user_management.feature')
|
||||
|
||||
# TODO: Add tests for non-existent users, modify and deletiom
|
||||
|
||||
TEST_USER_PASSWORDS = 'password-testing'
|
||||
|
||||
USER_TEMPLATES = {
|
||||
|
@ -91,8 +89,8 @@ def jwt_token(user_role, api_base_uri, db_engine):
|
|||
).json()['access_token']
|
||||
|
||||
|
||||
@bdd.given(parsers.parse('I create an {user_role} user'))
|
||||
@bdd.given(parsers.parse('I create a {user_role} user'))
|
||||
@bdd.given(parsers.parse('I create an {user_role} user'), target_fixture='user_response')
|
||||
@bdd.given(parsers.parse('I create a {user_role} user'), target_fixture='user_response')
|
||||
def create_new_user_response(user_role, jwt_token, api_base_uri):
|
||||
|
||||
user_creation_request = {}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
Feature: User Management
|
||||
The user endpoints allows an app admin user to create, modify and delete users. User can modify their profiles.
|
||||
|
||||
## User Creation
|
||||
|
||||
#Scenario: Admin user can create a new admin user
|
||||
# Given I am an admin user
|
||||
|
@ -20,20 +21,37 @@ Feature: User Management
|
|||
# Then I get a new subscriber user
|
||||
# And I can get a subscriber user profile
|
||||
#
|
||||
#Scenario: Editor user can not create a new admin user
|
||||
# Given I am an editor user
|
||||
# And I create an admin user
|
||||
# Then I can get an unauthorized response
|
||||
#
|
||||
#Scenario: Editor user can not create a new subscriber user
|
||||
# Given I am an editor user
|
||||
# And I create a subscriber user
|
||||
# Then I get an unauthorized response
|
||||
#
|
||||
#Scenario: Editor user can not create a new editor user
|
||||
# Given I am an editor user
|
||||
# And I create an editor user
|
||||
# Then I get an unauthorized response
|
||||
Scenario: Editor user can not create a new admin user
|
||||
Given I am an editor user
|
||||
And I create an admin user
|
||||
Then I get an unauthorized response
|
||||
|
||||
Scenario: Editor user can not create a new subscriber user
|
||||
Given I am an editor user
|
||||
And I create a subscriber user
|
||||
Then I get an unauthorized response
|
||||
|
||||
Scenario: Editor user can not create a new editor user
|
||||
Given I am an editor user
|
||||
And I create an editor user
|
||||
Then I get an unauthorized response
|
||||
|
||||
Scenario: Subscriber user can not create a new admin user
|
||||
Given I am an subscriber user
|
||||
And I create an admin user
|
||||
Then I get an unauthorized response
|
||||
|
||||
Scenario: Subscriber user can not create a new subscriber user
|
||||
Given I am an subscriber user
|
||||
And I create a subscriber user
|
||||
Then I get an unauthorized response
|
||||
|
||||
Scenario: Subscriber user can not create a new editor user
|
||||
Given I am an subscriber user
|
||||
And I create an editor user
|
||||
Then I get an unauthorized response
|
||||
|
||||
## User Access
|
||||
|
||||
Scenario: Admin user can get an existing admin user
|
||||
Given I am an admin user
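Review bot: The scenarios enabled in this hunk cover only the denial path (editor and subscriber callers), while the "Admin user can create a new ... user" scenarios at the top of the section are still commented out. As written, the suite would pass even if the endpoint rejected every caller, and nothing exercises what an admin-supplied request body is allowed to set on the new user. Enabling at least one admin-creation scenario would close that gap, ideally one asserting that the stored role and profile match only the fields the API intends to accept.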
|
||||
|
@ -90,6 +108,7 @@ Scenario: Subscriber user can get own profile
|
|||
And I get my subscriber user
|
||||
Then I can get my subscriber user profile
|
||||
|
||||
## User Modification
|
||||
#
|
||||
#Scenario: Admin user can modify an admin user
|
||||
# Given I am an admin user
|
||||
|
@ -119,13 +138,36 @@ Scenario: Subscriber user can get own profile
|
|||
#Scenario: Editor user can modify their own user
|
||||
# Given I am an editor user
|
||||
# And I modify my user
|
||||
# Then my updates to the editor user are preserved
|
||||
# Then my updates to my editor user are preserved
|
||||
#
|
||||
#Scenario: Editor user can not modify a subscriber user
|
||||
# Given I am an editor user
|
||||
# And I modify a subscriber user
|
||||
# Then I get an unauthorized response
|
||||
|
||||
#Scenario: Subscriber user can not modify an admin user
|
||||
# Given I am an subscriber user
|
||||
# And I modify an admin user
|
||||
# Then I get an unauthorized response
|
||||
#
|
||||
#Scenario: Subscriber user can not modify an editor user
|
||||
# Given I am an subscriber user
|
||||
# And I modify an editor user
|
||||
# Then I get an unauthorized response
|
||||
#
|
||||
#Scenario: Subscriber user can modify their own user
|
||||
# Given I am an subscriber user
|
||||
# And I modify my subscriber user
|
||||
# Then my updates to the subscriber user are preserved
|
||||
#
|
||||
#Scenario: Subscriber user can not modify a subscriber user that is not self
|
||||
# Given I am an subscriber user
|
||||
# And I modify a subscriber user
|
||||
# Then I get an unauthorized response
|
||||
#
|
||||
|
||||
## User Deletion
|
||||
|
||||
Scenario: Admin user can delete an admin user
|
||||
Given I am an admin user
|
||||
And I delete an admin user
|
||||
|
|