forked from ITISFoundation/osparc-simcore
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
♻️ web-server: Refactor
users
domain for improved layer separation …
…and upgrading to asyncpg (ITISFoundation#6937)
- Loading branch information
Showing
91 changed files
with
2,568 additions
and
1,799 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
from enum import Enum | ||
from functools import total_ordering | ||
|
||
_USER_ROLE_TO_LEVEL = { | ||
"ANONYMOUS": 0, | ||
"GUEST": 10, | ||
"USER": 20, | ||
"TESTER": 30, | ||
"PRODUCT_OWNER": 40, | ||
"ADMIN": 100, | ||
} | ||
|
||
|
||
@total_ordering | ||
class UserRole(Enum): | ||
"""SORTED enumeration of user roles | ||
A role defines a set of privileges the user can perform | ||
Roles are sorted from lower to highest privileges | ||
USER is the role assigned by default A user with a higher/lower role is denoted super/infra user | ||
ANONYMOUS : The user is not logged in | ||
GUEST : Temporary user with very limited access. Main used for demos and for a limited amount of time | ||
USER : Registered user. Basic permissions to use the platform [default] | ||
TESTER : Upgraded user. First level of super-user with privileges to test the framework. | ||
Can use everything but does not have an effect in other users or actual data | ||
ADMIN : Framework admin. | ||
See security_access.py | ||
""" | ||
|
||
ANONYMOUS = "ANONYMOUS" | ||
GUEST = "GUEST" | ||
USER = "USER" | ||
TESTER = "TESTER" | ||
PRODUCT_OWNER = "PRODUCT_OWNER" | ||
ADMIN = "ADMIN" | ||
|
||
@property | ||
def privilege_level(self) -> int: | ||
return _USER_ROLE_TO_LEVEL[self.name] | ||
|
||
def __lt__(self, other: "UserRole") -> bool: | ||
if self.__class__ is other.__class__: | ||
return self.privilege_level < other.privilege_level | ||
return NotImplemented | ||
|
||
|
||
class UserStatus(str, Enum): | ||
# This is a transition state. The user is registered but not confirmed. NOTE that state is optional depending on LOGIN_REGISTRATION_CONFIRMATION_REQUIRED | ||
CONFIRMATION_PENDING = "CONFIRMATION_PENDING" | ||
# This user can now operate the platform | ||
ACTIVE = "ACTIVE" | ||
# This user is inactive because it expired after a trial period | ||
EXPIRED = "EXPIRED" | ||
# This user is inactive because he has been a bad boy | ||
BANNED = "BANNED" | ||
# This user is inactive because it was marked for deletion | ||
DELETED = "DELETED" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,79 @@ | ||
# pylint: disable=no-value-for-parameter | ||
# pylint: disable=redefined-outer-name | ||
# pylint: disable=unused-argument | ||
# pylint: disable=unused-variable | ||
|
||
|
||
from common_library.users_enums import _USER_ROLE_TO_LEVEL, UserRole | ||
|
||
|
||
def test_user_role_to_level_map_in_sync(): | ||
# If fails, then update _USER_ROLE_TO_LEVEL map | ||
assert set(_USER_ROLE_TO_LEVEL.keys()) == set(UserRole.__members__.keys()) | ||
|
||
|
||
def test_user_roles_compares_to_admin(): | ||
assert UserRole.ANONYMOUS < UserRole.ADMIN | ||
assert UserRole.GUEST < UserRole.ADMIN | ||
assert UserRole.USER < UserRole.ADMIN | ||
assert UserRole.TESTER < UserRole.ADMIN | ||
assert UserRole.PRODUCT_OWNER < UserRole.ADMIN | ||
assert UserRole.ADMIN == UserRole.ADMIN | ||
|
||
|
||
def test_user_roles_compares_to_product_owner(): | ||
assert UserRole.ANONYMOUS < UserRole.PRODUCT_OWNER | ||
assert UserRole.GUEST < UserRole.PRODUCT_OWNER | ||
assert UserRole.USER < UserRole.PRODUCT_OWNER | ||
assert UserRole.TESTER < UserRole.PRODUCT_OWNER | ||
assert UserRole.PRODUCT_OWNER == UserRole.PRODUCT_OWNER | ||
assert UserRole.ADMIN > UserRole.PRODUCT_OWNER | ||
|
||
|
||
def test_user_roles_compares_to_tester(): | ||
assert UserRole.ANONYMOUS < UserRole.TESTER | ||
assert UserRole.GUEST < UserRole.TESTER | ||
assert UserRole.USER < UserRole.TESTER | ||
assert UserRole.TESTER == UserRole.TESTER | ||
assert UserRole.PRODUCT_OWNER > UserRole.TESTER | ||
assert UserRole.ADMIN > UserRole.TESTER | ||
|
||
|
||
def test_user_roles_compares_to_user(): | ||
assert UserRole.ANONYMOUS < UserRole.USER | ||
assert UserRole.GUEST < UserRole.USER | ||
assert UserRole.USER == UserRole.USER | ||
assert UserRole.TESTER > UserRole.USER | ||
assert UserRole.PRODUCT_OWNER > UserRole.USER | ||
assert UserRole.ADMIN > UserRole.USER | ||
|
||
|
||
def test_user_roles_compares_to_guest(): | ||
assert UserRole.ANONYMOUS < UserRole.GUEST | ||
assert UserRole.GUEST == UserRole.GUEST | ||
assert UserRole.USER > UserRole.GUEST | ||
assert UserRole.TESTER > UserRole.GUEST | ||
assert UserRole.PRODUCT_OWNER > UserRole.GUEST | ||
assert UserRole.ADMIN > UserRole.GUEST | ||
|
||
|
||
def test_user_roles_compares_to_anonymous(): | ||
assert UserRole.ANONYMOUS == UserRole.ANONYMOUS | ||
assert UserRole.GUEST > UserRole.ANONYMOUS | ||
assert UserRole.USER > UserRole.ANONYMOUS | ||
assert UserRole.TESTER > UserRole.ANONYMOUS | ||
assert UserRole.PRODUCT_OWNER > UserRole.ANONYMOUS | ||
assert UserRole.ADMIN > UserRole.ANONYMOUS | ||
|
||
|
||
def test_user_roles_compares(): | ||
# < and > | ||
assert UserRole.TESTER < UserRole.ADMIN | ||
assert UserRole.ADMIN > UserRole.TESTER | ||
|
||
# >=, == and <= | ||
assert UserRole.TESTER <= UserRole.ADMIN | ||
assert UserRole.ADMIN >= UserRole.TESTER | ||
|
||
assert UserRole.ADMIN <= UserRole.ADMIN | ||
assert UserRole.ADMIN == UserRole.ADMIN |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.