From 824582dab19467355530f2595f9d506c50334edd Mon Sep 17 00:00:00 2001 From: Dan Funk Date: Mon, 27 Jul 2020 11:25:29 -0400 Subject: [PATCH] Hot fix to correct for a failing test due to updates in Spiffworkflow library, and modifying the token authorization so that we can log in as different users when not in production mode. --- crc/api/user.py | 12 +++++++----- tests/test_user_roles.py | 2 +- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/crc/api/user.py b/crc/api/user.py index a298808d..fc86bd02 100644 --- a/crc/api/user.py +++ b/crc/api/user.py @@ -31,10 +31,6 @@ def verify_token(token=None): failure_error = ApiError("invalid_token", "Unable to decode the token you provided. Please re-authenticate", status_code=403) - if not _is_production() and (token is None or 'user' not in g): - g.user = UserModel.query.first() - token = g.user.encode_auth_token() - if token: try: token_info = UserModel.decode_auth_token(token) @@ -47,7 +43,7 @@ def verify_token(token=None): raise failure_error # If there's no token and we're in production, get the user from the SSO headers and return their token - if not token and _is_production(): + elif _is_production(): uid = _get_request_uid(request) if uid is not None: @@ -63,6 +59,12 @@ def verify_token(token=None): raise ApiError("no_user", "User not found. Please login via the frontend app before accessing this feature.", status_code=403) + else: + # Fall back to a default user if this is not production. + g.user = UserModel.query.first() + token = g.user.encode_auth_token() + + def verify_token_admin(token=None): """ diff --git a/tests/test_user_roles.py b/tests/test_user_roles.py index 6104641c..8a0ea8ae 100644 --- a/tests/test_user_roles.py +++ b/tests/test_user_roles.py @@ -178,7 +178,7 @@ class TestTasksApi(BaseTest): workflow_api = self.complete_form(workflow, workflow_api.next_task, data, user_uid=submitter.uid) nav = workflow_api.navigation self.assertEquals(5, len(nav)) - self.assertEquals('COMPLETED', nav[0]['state']) # We still have some issues here, the navigation will be off when looping back. + self.assertEquals('READY', nav[0]['state']) # When you loop back the task is again in the ready state. self.assertEquals('LOCKED', nav[1]['state']) # Second item is locked, it is the review and doesn't belong to this user. self.assertEquals('LOCKED', nav[2]['state']) # third item is a gateway belonging to the supervisor, and is locked. self.assertEquals('READY', workflow_api.next_task.state)