Browse Source

add endpoints + test for deleting workspace role

Guénaël Muller 6 years ago
parent
commit
5c8c77e4bc

+ 115 - 0
backend/tracim_backend/tests/functional/test_workspaces.py View File

@@ -1211,6 +1211,121 @@ class TestWorkspaceMembersEndpoint(FunctionalTest):
1211 1211
         assert user_role['user_id'] == 1
1212 1212
         assert user_role['workspace_id'] == 1
1213 1213
 
1214
+    def test_api__delete_workspace_member_role__ok_200__nominal_case(self):
1215
+        """
1216
+        Delete worskpace member role
1217
+        """
1218
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
1219
+        admin = dbsession.query(models.User) \
1220
+            .filter(models.User.email == 'admin@admin.admin') \
1221
+            .one()
1222
+        uapi = UserApi(
1223
+            current_user=admin,
1224
+            session=dbsession,
1225
+            config=self.app_config,
1226
+        )
1227
+        gapi = GroupApi(
1228
+            current_user=admin,
1229
+            session=dbsession,
1230
+            config=self.app_config,
1231
+        )
1232
+        groups = [gapi.get_one_with_name('managers')]
1233
+        user = uapi.create_user('test@test.test', password='test@test.test', do_save=True, do_notify=False, groups=groups)  # nopep8
1234
+        workspace_api = WorkspaceApi(
1235
+            current_user=admin,
1236
+            session=dbsession,
1237
+            config=self.app_config,
1238
+            show_deleted=True,
1239
+        )
1240
+        workspace = workspace_api.create_workspace('test', save_now=True)  # nopep8
1241
+        rapi = RoleApi(
1242
+            current_user=admin,
1243
+            session=dbsession,
1244
+            config=self.app_config,
1245
+        )
1246
+        rapi.create_one(user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, False)  # nopep8
1247
+        transaction.commit()
1248
+
1249
+        self.testapp.authorization = (
1250
+            'Basic',
1251
+            (
1252
+                'admin@admin.admin',
1253
+                'admin@admin.admin'
1254
+            )
1255
+        )
1256
+        res = self.testapp.delete(
1257
+            '/api/v2/workspaces/{workspace_id}/members/{user_id}'.format(
1258
+                workspace_id=workspace.workspace_id,
1259
+                user_id=user.user_id,
1260
+            ),
1261
+            status=204,
1262
+        )
1263
+        # after
1264
+        roles = self.testapp.get('/api/v2/workspaces/1/members', status=200).json_body   # nopep8
1265
+        for role in roles:
1266
+            assert role['user_id'] != user.user_id
1267
+
1268
+    def test_api__delete_workspace_member_role__err_400__simple_user(self):
1269
+        """
1270
+        Delete worskpace member role
1271
+        """
1272
+        dbsession = get_tm_session(self.session_factory, transaction.manager)
1273
+        admin = dbsession.query(models.User) \
1274
+            .filter(models.User.email == 'admin@admin.admin') \
1275
+            .one()
1276
+        uapi = UserApi(
1277
+            current_user=admin,
1278
+            session=dbsession,
1279
+            config=self.app_config,
1280
+        )
1281
+        gapi = GroupApi(
1282
+            current_user=admin,
1283
+            session=dbsession,
1284
+            config=self.app_config,
1285
+        )
1286
+        groups = [gapi.get_one_with_name('users')]
1287
+        user2 = uapi.create_user('test2@test2.test2', password='test2@test2.test2', do_save=True, do_notify=False, groups=groups)  # nopep8
1288
+        groups = [gapi.get_one_with_name('managers')]
1289
+        user = uapi.create_user('test@test.test', password='test@test.test', do_save=True, do_notify=False, groups=groups)  # nopep8
1290
+        workspace_api = WorkspaceApi(
1291
+            current_user=admin,
1292
+            session=dbsession,
1293
+            config=self.app_config,
1294
+            show_deleted=True,
1295
+        )
1296
+        workspace = workspace_api.create_workspace('test', save_now=True)  # nopep8
1297
+        rapi = RoleApi(
1298
+            current_user=admin,
1299
+            session=dbsession,
1300
+            config=self.app_config,
1301
+        )
1302
+        rapi.create_one(user, workspace, UserRoleInWorkspace.WORKSPACE_MANAGER, False)  # nopep8
1303
+        rapi.create_one(user2, workspace, UserRoleInWorkspace.READER, False)  # nopep8
1304
+        transaction.commit()
1305
+
1306
+        self.testapp.authorization = (
1307
+            'Basic',
1308
+            (
1309
+                'test2@test2.test2',
1310
+                'test2@test2.test2'
1311
+            )
1312
+        )
1313
+        res = self.testapp.delete(
1314
+            '/api/v2/workspaces/{workspace_id}/members/{user_id}'.format(
1315
+                workspace_id=workspace.workspace_id,
1316
+                user_id=user.user_id,
1317
+            ),
1318
+            status=403,
1319
+        )
1320
+        # after
1321
+        roles = self.testapp.get(
1322
+            '/api/v2/workspaces/{workspace_id}/members'.format(
1323
+                workspace_id=workspace.workspace_id
1324
+            ),
1325
+            status=200
1326
+        ).json_body
1327
+        assert len([role for role in roles if role['user_id'] == user.user_id]) == 1  # nopep8
1328
+
1214 1329
 
1215 1330
 class TestUserInvitationWithMailActivatedSync(FunctionalTest):
1216 1331
 

+ 25 - 0
backend/tracim_backend/views/core_api/workspace_controller.py View File

@@ -222,6 +222,28 @@ class WorkspaceController(Controller):
222 222
         return rapi.get_user_role_workspace_with_context(role)
223 223
 
224 224
     @hapic.with_api_doc(tags=[SWAGGER_TAG_WORKSPACE_ENDPOINTS])
225
+    @require_workspace_role(UserRoleInWorkspace.WORKSPACE_MANAGER)
226
+    @hapic.input_path(WorkspaceAndUserIdPathSchema())
227
+    @hapic.output_body(NoContentSchema(), default_http_code=HTTPStatus.NO_CONTENT)  # nopep8
228
+    def delete_workspaces_members_role(
229
+            self,
230
+            context,
231
+            request: TracimRequest,
232
+            hapic_data=None
233
+    ) -> None:
234
+        app_config = request.registry.settings['CFG']
235
+        rapi = RoleApi(
236
+            current_user=request.current_user,
237
+            session=request.dbsession,
238
+            config=app_config,
239
+        )
240
+        rapi.delete_one(
241
+            user_id=hapic_data.path.user_id,
242
+            workspace_id=hapic_data.path.workspace_id,
243
+        )
244
+        return
245
+
246
+    @hapic.with_api_doc(tags=[SWAGGER_TAG_WORKSPACE_ENDPOINTS])
225 247
     @hapic.handle_exception(UserCreationFailed, HTTPStatus.BAD_REQUEST)
226 248
     @require_workspace_role(UserRoleInWorkspace.WORKSPACE_MANAGER)
227 249
     @hapic.input_path(WorkspaceIdPathSchema())
@@ -575,6 +597,9 @@ class WorkspaceController(Controller):
575 597
         # Create Workspace Members roles
576 598
         configurator.add_route('create_workspace_member', '/workspaces/{workspace_id}/members', request_method='POST')  # nopep8
577 599
         configurator.add_view(self.create_workspaces_members_role, route_name='create_workspace_member')  # nopep8
600
+        # Delete Workspace Members roles
601
+        configurator.add_route('delete_workspace_member', '/workspaces/{workspace_id}/members/{user_id}', request_method='DELETE')  # nopep8
602
+        configurator.add_view(self.delete_workspaces_members_role, route_name='delete_workspace_member')  # nopep8
578 603
         # Workspace Content
579 604
         configurator.add_route('workspace_content', '/workspaces/{workspace_id}/contents', request_method='GET')  # nopep8
580 605
         configurator.add_view(self.workspace_content, route_name='workspace_content')  # nopep8