mirror of
https://github.com/pds-nest/nest.git
synced 2024-11-25 22:44:19 +00:00
parent
39eab92808
commit
766a16b686
2 changed files with 54 additions and 0 deletions
28
code/backend/nest_backend/routes/users/user_delete.py
Normal file
28
code/backend/nest_backend/routes/users/user_delete.py
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
from flask import render_template, abort, jsonify, request
|
||||||
|
from ...database import *
|
||||||
|
from flask_jwt_extended import jwt_required
|
||||||
|
from ...gestione import *
|
||||||
|
from flask_cors import cross_origin
|
||||||
|
|
||||||
|
|
||||||
|
@cross_origin()
|
||||||
|
@jwt_required()
|
||||||
|
def page_user_delete():
|
||||||
|
"""
|
||||||
|
API call that allows an user to be deleted from NEST.
|
||||||
|
:parameter email: The email of the user that needs to be removed.
|
||||||
|
:return: JSON-formatted data. If the user has the privilege, the target user exists and differs from the current
|
||||||
|
user, the target gets deleted and a json containing the field "result":"success" is returned.
|
||||||
|
"""
|
||||||
|
user = find_user(get_jwt_identity())
|
||||||
|
if not user.isAdmin:
|
||||||
|
return json_error("User is not admin."), 403
|
||||||
|
deluser=request.json.get('email')
|
||||||
|
target = find_user(deluser)
|
||||||
|
if not target:
|
||||||
|
return json_error("User not found."), 404
|
||||||
|
if user == target:
|
||||||
|
return json_error("The user cant delete himself. Its a sin."), 406
|
||||||
|
Base.session.delete(target)
|
||||||
|
Base.session.commit()
|
||||||
|
return json_success("The user has been deleted.")
|
26
code/backend/nest_backend/test/user_delete_test.py
Normal file
26
code/backend/nest_backend/test/user_delete_test.py
Normal file
|
@ -0,0 +1,26 @@
|
||||||
|
import requests
|
||||||
|
import json
|
||||||
|
import unittest
|
||||||
|
|
||||||
|
auth_code = ""
|
||||||
|
|
||||||
|
|
||||||
|
class MyTestCase(unittest.TestCase):
|
||||||
|
def test_user_delete(self):
|
||||||
|
global auth_code
|
||||||
|
|
||||||
|
r = requests.post('http://localhost:5000/api/login', json={'email': 'admin@admin.com', 'password': 'password'})
|
||||||
|
j = json.loads(r.text)
|
||||||
|
assert j['result'] == "success"
|
||||||
|
auth_code = j['data']['access_token']
|
||||||
|
|
||||||
|
r = requests.post(f'http://localhost:5000/api/user/remove', headers={'authorization': "Bearer " + auth_code},
|
||||||
|
json={'email': 'utente15@nest.com'})
|
||||||
|
j = json.loads(r.text)
|
||||||
|
assert j['result'] == "success"
|
||||||
|
|
||||||
|
print("User_delete eseguito correttamente!")
|
||||||
|
|
||||||
|
print("Testing del metodo user_delete")
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue