forked from sr2/cloud-api
feat: add org user by id requires su
Part of the "sensical user adding" changes.
This commit is contained in:
parent
62c43ce883
commit
e9fe405e06
3 changed files with 23 additions and 22 deletions
|
|
@ -292,8 +292,9 @@ async def get_users(org_model: org_model_root_claim_query_dependency):
|
||||||
)
|
)
|
||||||
async def add_user_to_org(
|
async def add_user_to_org(
|
||||||
db: db_dependency,
|
db: db_dependency,
|
||||||
org_model: org_model_root_claim_body_dependency,
|
org_model: org_model_body_dependency,
|
||||||
user_model: user_model_body_dependency,
|
user_model: user_model_body_dependency,
|
||||||
|
su: super_admin_dependency,
|
||||||
request_model: OrgPostUserRequest,
|
request_model: OrgPostUserRequest,
|
||||||
):
|
):
|
||||||
"""
|
"""
|
||||||
|
|
|
||||||
|
|
@ -71,26 +71,6 @@ async def test_get_org_users_auth_root(no_su_client: AsyncClient):
|
||||||
assert "Must be the org's root user" in resp.json()["detail"]
|
assert "Must be the org's root user" in resp.json()["detail"]
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.anyio
|
|
||||||
async def test_post_org_user_auth_root(no_su_client: AsyncClient, db_session):
|
|
||||||
db_session.add(
|
|
||||||
User(
|
|
||||||
email="user@test.org",
|
|
||||||
first_name="User",
|
|
||||||
last_name="Test",
|
|
||||||
oidc_id="abcd-efgh-ijkl-1234",
|
|
||||||
)
|
|
||||||
)
|
|
||||||
db_session.flush()
|
|
||||||
|
|
||||||
resp = await no_su_client.post(
|
|
||||||
"/org/user", json={"organisation_id": 2, "user_id": 2}
|
|
||||||
)
|
|
||||||
assert resp.status_code != 422
|
|
||||||
assert resp.status_code == 401
|
|
||||||
assert "Must be the org's root user" in resp.json()["detail"]
|
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.anyio
|
@pytest.mark.anyio
|
||||||
async def test_get_org_groups_auth_root(no_su_client: AsyncClient):
|
async def test_get_org_groups_auth_root(no_su_client: AsyncClient):
|
||||||
resp = await no_su_client.get("/org/groups?org_id=2")
|
resp = await no_su_client.get("/org/groups?org_id=2")
|
||||||
|
|
|
||||||
|
|
@ -67,7 +67,7 @@ async def test_post_service_auth_su(no_su_client: AsyncClient):
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.anyio
|
@pytest.mark.anyio
|
||||||
async def test_post_perm_success(no_su_client: AsyncClient, db_session):
|
async def test_post_perm_auth_su(no_su_client: AsyncClient, db_session):
|
||||||
resp = await no_su_client.post(
|
resp = await no_su_client.post(
|
||||||
"/iam/permission",
|
"/iam/permission",
|
||||||
json={"service_id": 1, "resource": "test_resource", "action": "create"},
|
json={"service_id": 1, "resource": "test_resource", "action": "create"},
|
||||||
|
|
@ -75,3 +75,23 @@ async def test_post_perm_success(no_su_client: AsyncClient, db_session):
|
||||||
assert resp.status_code != 422
|
assert resp.status_code != 422
|
||||||
assert resp.status_code == 401
|
assert resp.status_code == 401
|
||||||
assert resp.json()["detail"] == "Must be super admin"
|
assert resp.json()["detail"] == "Must be super admin"
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.anyio
|
||||||
|
async def test_post_org_user_auth_su(no_su_client: AsyncClient, db_session):
|
||||||
|
db_session.add(
|
||||||
|
User(
|
||||||
|
email="user@test.org",
|
||||||
|
first_name="User",
|
||||||
|
last_name="Test",
|
||||||
|
oidc_id="abcd-efgh-ijkl-1234",
|
||||||
|
)
|
||||||
|
)
|
||||||
|
db_session.flush()
|
||||||
|
|
||||||
|
resp = await no_su_client.post(
|
||||||
|
"/org/user", json={"organisation_id": 1, "user_id": 2}
|
||||||
|
)
|
||||||
|
assert resp.status_code != 422
|
||||||
|
assert resp.status_code == 401
|
||||||
|
assert "Must be super admin" in resp.json()["detail"]
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue