pyl w/ burnettk
This commit is contained in:
parent
dc2a976b9c
commit
7756165b08
|
@ -105,7 +105,9 @@ def verify_token(
|
||||||
) from e
|
) from e
|
||||||
|
|
||||||
if (
|
if (
|
||||||
user_info is not None and "error" not in user_info and 'iss' in user_info
|
user_info is not None
|
||||||
|
and "error" not in user_info
|
||||||
|
and "iss" in user_info
|
||||||
): # not sure what to test yet
|
): # not sure what to test yet
|
||||||
user_model = (
|
user_model = (
|
||||||
UserModel.query.filter(UserModel.service == user_info["iss"])
|
UserModel.query.filter(UserModel.service == user_info["iss"])
|
||||||
|
|
|
@ -1,7 +1,5 @@
|
||||||
"""Script."""
|
"""Script."""
|
||||||
from __future__ import annotations
|
from __future__ import annotations
|
||||||
from spiffworkflow_backend.models.process_instance import ProcessInstanceModel, ProcessInstanceNotFoundError
|
|
||||||
from spiffworkflow_backend.services.authorization_service import AuthorizationService
|
|
||||||
|
|
||||||
import importlib
|
import importlib
|
||||||
import os
|
import os
|
||||||
|
@ -12,9 +10,12 @@ from typing import Callable
|
||||||
|
|
||||||
from flask_bpmn.api.api_error import ApiError
|
from flask_bpmn.api.api_error import ApiError
|
||||||
|
|
||||||
|
from spiffworkflow_backend.models.process_instance import ProcessInstanceModel
|
||||||
|
from spiffworkflow_backend.models.process_instance import ProcessInstanceNotFoundError
|
||||||
from spiffworkflow_backend.models.script_attributes_context import (
|
from spiffworkflow_backend.models.script_attributes_context import (
|
||||||
ScriptAttributesContext,
|
ScriptAttributesContext,
|
||||||
)
|
)
|
||||||
|
from spiffworkflow_backend.services.authorization_service import AuthorizationService
|
||||||
|
|
||||||
# Generally speaking, having some global in a flask app is TERRIBLE.
|
# Generally speaking, having some global in a flask app is TERRIBLE.
|
||||||
# This is here, because after loading the application this will never change under
|
# This is here, because after loading the application this will never change under
|
||||||
|
@ -23,7 +24,7 @@ SCRIPT_SUB_CLASSES = None
|
||||||
|
|
||||||
|
|
||||||
class ScriptUnauthorizedForUserError(Exception):
|
class ScriptUnauthorizedForUserError(Exception):
|
||||||
pass
|
"""ScriptUnauthorizedForUserError."""
|
||||||
|
|
||||||
|
|
||||||
class Script:
|
class Script:
|
||||||
|
@ -84,10 +85,13 @@ class Script:
|
||||||
instance = subclass()
|
instance = subclass()
|
||||||
|
|
||||||
def check_script_permission() -> None:
|
def check_script_permission() -> None:
|
||||||
|
"""Check_script_permission."""
|
||||||
if subclass.requires_privileged_permissions():
|
if subclass.requires_privileged_permissions():
|
||||||
script_function_name = get_script_function_name(subclass)
|
script_function_name = get_script_function_name(subclass)
|
||||||
uri = f"/v1.0/can-run-privileged-script/{script_function_name}"
|
uri = f"/v1.0/can-run-privileged-script/{script_function_name}"
|
||||||
process_instance = ProcessInstanceModel.query.filter_by(id=script_attributes_context.process_instance_id).first()
|
process_instance = ProcessInstanceModel.query.filter_by(
|
||||||
|
id=script_attributes_context.process_instance_id
|
||||||
|
).first()
|
||||||
if process_instance is None:
|
if process_instance is None:
|
||||||
raise ProcessInstanceNotFoundError(
|
raise ProcessInstanceNotFoundError(
|
||||||
f"Could not find a process instance with id '{script_attributes_context.process_instance_id}' "
|
f"Could not find a process instance with id '{script_attributes_context.process_instance_id}' "
|
||||||
|
@ -103,6 +107,7 @@ class Script:
|
||||||
)
|
)
|
||||||
|
|
||||||
def run_script_if_allowed(*ar: Any, **kw: Any) -> Any:
|
def run_script_if_allowed(*ar: Any, **kw: Any) -> Any:
|
||||||
|
"""Run_script_if_allowed."""
|
||||||
check_script_permission()
|
check_script_permission()
|
||||||
return subclass.run(
|
return subclass.run(
|
||||||
instance,
|
instance,
|
||||||
|
@ -110,9 +115,11 @@ class Script:
|
||||||
*ar,
|
*ar,
|
||||||
**kw,
|
**kw,
|
||||||
)
|
)
|
||||||
|
|
||||||
return run_script_if_allowed
|
return run_script_if_allowed
|
||||||
|
|
||||||
def get_script_function_name(subclass: type[Script]) -> str:
|
def get_script_function_name(subclass: type[Script]) -> str:
|
||||||
|
"""Get_script_function_name."""
|
||||||
return subclass.__module__.split(".")[-1]
|
return subclass.__module__.split(".")[-1]
|
||||||
|
|
||||||
execlist = {}
|
execlist = {}
|
||||||
|
|
|
@ -414,13 +414,16 @@ class ProcessInstanceReportService:
|
||||||
)
|
)
|
||||||
|
|
||||||
if report_filter.with_tasks_assigned_to_my_group is True:
|
if report_filter.with_tasks_assigned_to_my_group is True:
|
||||||
group_model_join_conditions = [GroupModel.id == HumanTaskModel.lane_assignment_id]
|
group_model_join_conditions = [
|
||||||
|
GroupModel.id == HumanTaskModel.lane_assignment_id
|
||||||
|
]
|
||||||
if report_filter.user_group_identifier:
|
if report_filter.user_group_identifier:
|
||||||
group_model_join_conditions.append(GroupModel.identifier == report_filter.user_group_identifier)
|
group_model_join_conditions.append(
|
||||||
|
GroupModel.identifier == report_filter.user_group_identifier
|
||||||
|
)
|
||||||
process_instance_query = process_instance_query.join(HumanTaskModel)
|
process_instance_query = process_instance_query.join(HumanTaskModel)
|
||||||
process_instance_query = process_instance_query.join(
|
process_instance_query = process_instance_query.join(
|
||||||
GroupModel,
|
GroupModel, and_(*group_model_join_conditions)
|
||||||
and_(*group_model_join_conditions)
|
|
||||||
)
|
)
|
||||||
process_instance_query = process_instance_query.join(
|
process_instance_query = process_instance_query.join(
|
||||||
UserGroupAssignmentModel,
|
UserGroupAssignmentModel,
|
||||||
|
|
|
@ -1,12 +1,10 @@
|
||||||
"""Test_get_localtime."""
|
"""Test_get_localtime."""
|
||||||
from flask.app import Flask
|
|
||||||
from flask_bpmn.api.api_error import ApiError
|
|
||||||
import pytest
|
import pytest
|
||||||
from spiffworkflow_backend.scripts.script import ScriptUnauthorizedForUserError
|
from flask.app import Flask
|
||||||
from tests.spiffworkflow_backend.helpers.test_data import load_test_spec
|
|
||||||
from flask.testing import FlaskClient
|
from flask.testing import FlaskClient
|
||||||
from spiffworkflow_backend.services.process_instance_processor import ProcessInstanceProcessor
|
from flask_bpmn.api.api_error import ApiError
|
||||||
from tests.spiffworkflow_backend.helpers.base_test import BaseTest
|
from tests.spiffworkflow_backend.helpers.base_test import BaseTest
|
||||||
|
from tests.spiffworkflow_backend.helpers.test_data import load_test_spec
|
||||||
|
|
||||||
from spiffworkflow_backend.models.group import GroupModel
|
from spiffworkflow_backend.models.group import GroupModel
|
||||||
from spiffworkflow_backend.models.permission_assignment import PermissionAssignmentModel
|
from spiffworkflow_backend.models.permission_assignment import PermissionAssignmentModel
|
||||||
|
@ -16,6 +14,9 @@ from spiffworkflow_backend.models.script_attributes_context import (
|
||||||
)
|
)
|
||||||
from spiffworkflow_backend.models.user import UserModel
|
from spiffworkflow_backend.models.user import UserModel
|
||||||
from spiffworkflow_backend.scripts.add_permission import AddPermission
|
from spiffworkflow_backend.scripts.add_permission import AddPermission
|
||||||
|
from spiffworkflow_backend.services.process_instance_processor import (
|
||||||
|
ProcessInstanceProcessor,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
class TestAddPermission(BaseTest):
|
class TestAddPermission(BaseTest):
|
||||||
|
@ -70,11 +71,12 @@ class TestAddPermission(BaseTest):
|
||||||
client: FlaskClient,
|
client: FlaskClient,
|
||||||
with_db_and_bpmn_file_cleanup: None,
|
with_db_and_bpmn_file_cleanup: None,
|
||||||
) -> None:
|
) -> None:
|
||||||
|
"""Test_add_permission_script_through_bpmn."""
|
||||||
basic_user = self.find_or_create_user("basic_user")
|
basic_user = self.find_or_create_user("basic_user")
|
||||||
privileged_user = self.find_or_create_user("privileged_user")
|
privileged_user = self.find_or_create_user("privileged_user")
|
||||||
self.add_permissions_to_user(
|
self.add_permissions_to_user(
|
||||||
privileged_user,
|
privileged_user,
|
||||||
target_uri="/v1.0/can-run-privileged-script/*",
|
target_uri="/v1.0/can-run-privileged-script/add_permission",
|
||||||
permission_names=["create"],
|
permission_names=["create"],
|
||||||
)
|
)
|
||||||
process_model = load_test_spec(
|
process_model = load_test_spec(
|
||||||
|
|
|
@ -24,7 +24,6 @@ class TestSaveProcessInstanceMetadata(BaseTest):
|
||||||
with_super_admin_user: UserModel,
|
with_super_admin_user: UserModel,
|
||||||
) -> None:
|
) -> None:
|
||||||
"""Test_can_save_process_instance_metadata."""
|
"""Test_can_save_process_instance_metadata."""
|
||||||
initiator_user = self.find_or_create_user("initiator_user")
|
|
||||||
self.create_process_group(
|
self.create_process_group(
|
||||||
client, with_super_admin_user, "test_group", "test_group"
|
client, with_super_admin_user, "test_group", "test_group"
|
||||||
)
|
)
|
||||||
|
@ -34,7 +33,7 @@ class TestSaveProcessInstanceMetadata(BaseTest):
|
||||||
process_model_source_directory="save_process_instance_metadata",
|
process_model_source_directory="save_process_instance_metadata",
|
||||||
)
|
)
|
||||||
process_instance = self.create_process_instance_from_process_model(
|
process_instance = self.create_process_instance_from_process_model(
|
||||||
process_model=process_model, user=initiator_user
|
process_model=process_model, user=with_super_admin_user
|
||||||
)
|
)
|
||||||
processor = ProcessInstanceProcessor(process_instance)
|
processor = ProcessInstanceProcessor(process_instance)
|
||||||
processor.do_engine_steps(save=True)
|
processor.do_engine_steps(save=True)
|
||||||
|
|
Loading…
Reference in New Issue