fix: add AuthHandler.user_is_admin() method

2024-08-05 14:27:53 -05:00 · 2024-08-05 14:27:53 -05:00 · a38a69afa2
parent 739dd285aa
commit a38a69afa2
2 changed files with 31 additions and 0 deletions
--- a/src/wuttjamaican/auth.py
+++ b/src/wuttjamaican/auth.py
@ -369,6 +369,20 @@ class AuthHandler(GenericHandler):
        """
        return self._special_role(session, 'b765a9cc331a11e6ac2a3ca9f40bc550', "Authenticated")

+    def user_is_admin(self, user, **kwargs):
+        """
+        Check if given user is a member of the "Administrator" role.
+
+        :rtype: bool
+        """
+        if user:
+            session = self.app.get_session(user)
+            admin = self.get_role_administrator(session)
+            if admin in user.roles:
+                return True
+
+        return False
+
    def get_permissions(self, session, principal,
                          include_anonymous=True,
                          include_authenticated=True):
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@ -253,6 +253,23 @@ else:
            self.assertEqual(self.session.query(model.Role).count(), 1)
            self.assertEqual(role.name, "Authenticated")

+        def test_user_is_admin(self):
+            model = self.app.model
+
+            # non-user is not admin
+            self.assertFalse(self.handler.user_is_admin(None))
+
+            # new user but not yet admin
+            user = self.handler.make_user(session=self.session)
+            self.session.commit()
+            self.assertFalse(self.handler.user_is_admin(user))
+
+            # but we can make them an admin
+            admin = self.handler.get_role_administrator(self.session)
+            user.roles.append(admin)
+            self.session.commit()
+            self.assertTrue(self.handler.user_is_admin(user))
+
        def test_get_permissions(self):
            model = self.app.model