Mateusz Gruszczyński
2026-03-05 15:53:33 +01:00
commit e8f6c4c609
74 changed files with 4482 additions and 0 deletions

27
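--- a/tests/test_acl_api.py
+++ b/tests/test_acl_api.py
@@ -0,0 +1,27 @@
+import json
+from mikromon import db
+from mikromon.models import User, Role, RoleName, Dashboard
+from mikromon.security.passwords import hash_password
+def _login(client, email, password):
+return client.post("/auth/login", data={"email":email,"password":password}, follow_redirects=False)
+def test_api_me_requires_login(client, app):
+r = client.get("/api/v1/me")
+assert r.status_code in (302, 401)
+def test_dashboard_acl(client, app):
+with app.app_context():
+user_role = Role.query.filter_by(name=RoleName.USER.value).first()
+if not user_role:
+user_role = Role(name=RoleName.USER.value)
+db.session.add(user_role); db.session.commit()
+u1 = User(email="a@example.com", password_hash=hash_password("Password123!"), role_id=user_role.id)
+u2 = User(email="b@example.com", password_hash=hash_password("Password123!"), role_id=user_role.id)
+db.session.add_all([u1,u2]); db.session.commit()
+d = Dashboard(owner_id=u1.id, name="D1", description="")
+db.session.add(d); db.session.commit()
+did = d.id
+_login(client, "b@example.com", "Password123!")
+r = client.get(f"/api/v1/dashboards/{did}")
+assert r.status_code == 403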
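Review bot: The closing `assert r.status_code == 403` in test_dashboard_acl does not show that the ownership check is what denied the request, because the response from `_login` is discarded and the owner is never shown to be allowed. If the login silently fails, or the route answers 403 to every caller, the test still passes and the ACL is untested. Capture the login response and assert on it (`follow_redirects=False` suggests a redirect on success, e.g. `assert _login(client, "b@example.com", "Password123!").status_code == 302`, to be confirmed against the auth view). Also add a positive control in which a@example.com fetches the same dashboard and gets 200. test_api_me_requires_login is loose in a similar way: `in (302, 401)` accepts any redirect, so it would be stronger to pin the single status the API is meant to return, or to check that the redirect points at the login page.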