diff --git a/src/spiff_workflow_webapp/routes/user_blueprint.py b/src/spiff_workflow_webapp/routes/user_blueprint.py index 07efc575..1fad279b 100644 --- a/src/spiff_workflow_webapp/routes/user_blueprint.py +++ b/src/spiff_workflow_webapp/routes/user_blueprint.py @@ -105,35 +105,8 @@ def delete_group(group_name): @user_blueprint.route("/assign_user_to_group", methods=["POST"]) def assign_user_to_group(): """Assign_user_to_group.""" - content = request.json - user_id = content.get("user_id") - group_id = content.get("group_id") - - if user_id is None: - return Response( - "{error:'user_id required'}", status=400, mimetype="application/json" - ) - - if group_id is None: - return Response( - "{error:'group_id required'}", status=400, mimetype="application/json" - ) - - user = UserModel.query.filter_by(id=user_id).first() - if user is None: - return Response( - json.dumps({"error": f"User cannot be found: {user_id}"}), - status=400, - mimetype="application/json", - ) - - group = GroupModel.query.filter_by(id=group_id).first() - if group is None: - return Response( - json.dumps({"error": f"Group cannot be found: {group_id}"}), - status=400, - mimetype="application/json", - ) + user = get_user_from_request() + group = get_group_from_request() user_group_assignment = UserGroupAssignmentModel.query.filter_by( user_id=user.id, group_id=group.id @@ -154,3 +127,65 @@ def assign_user_to_group(): status=201, mimetype="application/json", ) + + +@user_blueprint.route("/remove_user_from_group", methods=["POST"]) +def remove_user_from_group(): + """Remove_user_from_group.""" + user = get_user_from_request() + group = get_group_from_request() + + user_group_assignment = UserGroupAssignmentModel.query.filter_by( + user_id=user.id, group_id=group.id + ).first() + if user_group_assignment is None: + return Response( + json.dumps({"error": f"User ({user.id}) is not in group ({group.id})"}), + status=400, + mimetype="application/json", + ) + + db.session.delete(user_group_assignment) + db.session.commit() + + return Response( + json.dumps({"ok": True}), + status=204, + mimetype="application/json", + ) + + +def get_user_from_request(): + user_id = request.json.get("user_id") + + if user_id is None: + return Response( + "{error:'user_id required'}", status=400, mimetype="application/json" + ) + + user = UserModel.query.filter_by(id=user_id).first() + if user is None: + return Response( + json.dumps({"error": f"User cannot be found: {user_id}"}), + status=400, + mimetype="application/json", + ) + return user + + +def get_group_from_request(): + group_id = request.json.get("group_id") + + if group_id is None: + return Response( + "{error:'group_id required'}", status=400, mimetype="application/json" + ) + + group = GroupModel.query.filter_by(id=group_id).first() + if group is None: + return Response( + json.dumps({"error": f"Group cannot be found: {group_id}"}), + status=400, + mimetype="application/json", + ) + return group diff --git a/tests/spiff_workflow_webapp/integration/test_user_blueprint.py b/tests/spiff_workflow_webapp/integration/test_user_blueprint.py index 5c203670..0d02213f 100644 --- a/tests/spiff_workflow_webapp/integration/test_user_blueprint.py +++ b/tests/spiff_workflow_webapp/integration/test_user_blueprint.py @@ -78,19 +78,41 @@ def test_create_returns_an_error_if_group_exists(client): def test_user_can_be_assigned_to_a_group(client): user = create_user(client, "joe") group = create_group(client, "administrators") - response = client.post( - "/assign_user_to_group", - content_type="application/json", - data=json.dumps({"user_id": user.id, "group_id": group.id}), - ) - assert response.status_code == 201 - user = UserModel.query.filter_by(id=user.id).first() - assert len(user.user_group_assignments) == 1 - assert user.user_group_assignments[0].group_id == group.id + assign_user_to_group(client, user, group) delete_user(client, user.username) delete_group(client, group.name) +def test_user_can_be_removed_from_a_group(client): + user = create_user(client, "joe") + group = create_group(client, "administrators") + assign_user_to_group(client, user, group) + remove_user_from_group(client, user, group) + delete_user(client, user.username) + delete_group(client, group.name) + + +def test_acceptance(client): + # Create a user U + user = create_user(client, 'U') + # Create a group G + group_g = create_group(client, 'G') + # Assign user U to group G + assign_user_to_group(client, user, group_g) + # Delete group G + delete_group(client, group_g.name) + # Create group H + group_h = create_group(client, 'H') + # Assign user U to group H + assign_user_to_group(client, user, group_h) + # Unassign user U from group H + remove_user_from_group(client, user, group_h) + # Delete group H + delete_group(client, group_h.name) + # Delete user U + delete_user(client, user.username) + + def create_user(client, username): response = client.get(f"/user/{username}") assert response.status_code == 201 @@ -119,3 +141,26 @@ def delete_group(client, group_name): assert response.status_code == 204 group = GroupModel.query.filter_by(name=group_name).first() assert group is None + + +def assign_user_to_group(client, user, group): + response = client.post( + "/assign_user_to_group", + content_type="application/json", + data=json.dumps({"user_id": user.id, "group_id": group.id}), + ) + assert response.status_code == 201 + user = UserModel.query.filter_by(id=user.id).first() + assert len(user.user_group_assignments) == 1 + assert user.user_group_assignments[0].group_id == group.id + + +def remove_user_from_group(client, user, group): + response = client.post( + "remove_user_from_group", + content_type="application/json", + data=json.dumps({"user_id": user.id, "group_id": group.id}), + ) + assert response.status_code == 204 + user = UserModel.query.filter_by(id=user.id).first() + assert len(user.user_group_assignments) == 0