codeforboston#284 - Added a check for the contributor having a source…

… before continuing. Will now update unit tests.
mnuzzose · Jul 25, 2023 · 5fc0d81 · 5fc0d81
1 parent c51f066
commit 5fc0d81
Show file tree

Hide file tree

Showing 7 changed files with 62 additions and 30 deletions.
diff --git a/backend/auth/jwt.py b/backend/auth/jwt.py
@@ -20,6 +20,19 @@ def verify_roles_or_abort(min_role):
  return True
 
 
+def verify_contributor_has_source_or_abort():
+ verify_jwt_in_request()
+ jwt_decoded = get_jwt()
+ current_user = User.get(jwt_decoded["sub"])
+ if (
+ current_user is None
+ or not current_user.member_of
+ ):
+ abort(403)
+ return False
+ return True
+
+
 def blueprint_role_required(*roles):
  def decorator():
  verify_roles_or_abort(roles)
@@ -45,3 +58,14 @@ def decorator(*args, **kwargs):
  return decorator
 
  return wrapper
+
+def contributor_has_source():
+ def wrapper(fn):
+ @wraps(fn)
+ def decorator(*args, **kwargs):
+ if verify_contributor_has_source_or_abort():
+ return fn(*args, **kwargs)
+
+ return decorator
+
+ return wrapper
diff --git a/backend/database/models/_assoc_tables.py b/backend/database/models/_assoc_tables.py
@@ -1,8 +1,28 @@
 from .. import db
 from backend.database.models.officer import Rank
-# from backend.database.models.source import MemberRole
+from enum import Enum
 
-""" source_user = db.Table(
+
+class MemberRole(Enum):
+ ADMIN = "Administrator"
+ PUBLISHER = "Publisher"
+ MEMBER = "Member"
+ SUBSCRIBER = "Subscriber"
+
+ def get_value(self):
+ if self == MemberRole.ADMIN:
+ return 1
+ elif self == MemberRole.PUBLISHER:
+ return 2
+ elif self == MemberRole.MEMBER:
+ return 3
+ elif self == MemberRole.SUBSCRIBER:
+ return 4
+ else:
+ return 5
+
+
+source_user = db.Table(
  'source_user',
  db.Column('source_id', db.String, db.ForeignKey('source.id'),
  primary_key=True),
@@ -13,7 +33,6 @@
  db.Column('is_active', db.Boolean),
  db.Column('is_admin', db.Boolean)
 )
- """
 
 incident_agency = db.Table(
  'incident_agency',

diff --git a/backend/database/models/source.py b/backend/database/models/source.py
@@ -1,25 +1,5 @@
 from ..core import db, CrudMixin
-# from backend.database.models._assoc_tables import source_user
-from enum import Enum
-
-
-class MemberRole(Enum):
- ADMIN = "Administrator"
- PUBLISHER = "Publisher"
- MEMBER = "Member"
- SUBSCRIBER = "Subscriber"
-
- def get_value(self):
- if self == MemberRole.ADMIN:
- return 1
- elif self == MemberRole.PUBLISHER:
- return 2
- elif self == MemberRole.MEMBER:
- return 3
- elif self == MemberRole.SUBSCRIBER:
- return 4
- else:
- return 5
+from backend.database.models._assoc_tables import source_user
 
 
 class Source(db.Model, CrudMixin):
@@ -29,6 +9,6 @@ class Source(db.Model, CrudMixin):
  contact_email = db.Column(db.Text)
  reported_incidents = db.relationship(
  'Incident', backref='source', lazy="select")
- # members = db.relationship(
- #  'User', backref='contributor_orgs',
- #  secondary=source_user, lazy="select")
+ members = db.relationship(
+ 'User', backref='contributor_orgs',
+ secondary=source_user, lazy="select")
diff --git a/backend/database/models/user.py b/backend/database/models/user.py
@@ -85,5 +85,8 @@ class User(db.Model, UserMixin, CrudMixin):
 
  phone_number = db.Column(db.Text)
 
+ member_of = db.relationship(
+ 'Source', backref='source', secondary='source_user', lazy="select")
+
  def verify_password(self, pw):
  return bcrypt.checkpw(pw.encode("utf8"), self.password.encode("utf8"))
diff --git a/backend/routes/incidents.py b/backend/routes/incidents.py
@@ -1,7 +1,7 @@
 from datetime import datetime
 from typing import Optional
 
-from backend.auth.jwt import min_role_required
+from backend.auth.jwt import min_role_required, contributor_has_source
 from backend.database.models.user import UserRole
 from flask import Blueprint, abort, current_app, request
 from flask_jwt_extended.view_decorators import jwt_required
@@ -30,8 +30,8 @@ def get_incidents(incident_id: int):
 
 @bp.route("/create", methods=["POST"])
 @jwt_required()
-# TODO: Require CONTRIBUTOR role
 @min_role_required(UserRole.CONTRIBUTOR)
+@contributor_has_source()
 @validate(json=CreateIncidentSchema)
 def create_incident():
  """Create a single incident.

diff --git a/backend/tests/conftest.py b/backend/tests/conftest.py
@@ -64,6 +64,7 @@ def example_user(db_session):
  db_session.commit()
  return user
 
+
 @pytest.fixture
 def admin_user(db_session):
  user = User(
@@ -78,6 +79,7 @@ def admin_user(db_session):
 
  return user
 
+
 @pytest.fixture
 def contributor_user(db_session):
  user = User(
@@ -92,6 +94,7 @@ def contributor_user(db_session):
 
  return user
 
+
 @pytest.fixture
 def access_token(client, example_user):
  res = client.post(
@@ -104,6 +107,7 @@ def access_token(client, example_user):
  assert res.status_code == 200
  return res.json["access_token"]
 
+
 @pytest.fixture
 def contributor_access_token(client, contributor_user):
  res = client.post(
@@ -116,6 +120,7 @@ def contributor_access_token(client, contributor_user):
  assert res.status_code == 200
  return res.json["access_token"]
 
+
 @pytest.fixture
 def cli_runner(app):
  return app.test_cli_runner()

diff --git a/backend/tests/test_incidents.py b/backend/tests/test_incidents.py
@@ -61,7 +61,8 @@ def example_incidents(db_session, client, contributor_access_token):
  res = client.post(
  "/api/v1/incidents/create",
  json=mock,
- headers={"Authorization": "Bearer {0}".format(contributor_access_token)},
+ headers={"Authorization": 
+ "Bearer {0}".format(contributor_access_token)},
  )
  assert res.status_code == 200
  created[name] = res.json