feat: update user role #229

time_tracker_api/users/users_namespace.py

@@ -36,6 +36,19 @@
 
 user_response_fields.update(common_fields)
 
+user_input_fields = ns.model(
+    'UserInput',
+    {
+        'role': fields.String(
+            title="User's Role",
+            required=True,
+            max_length=50,
+            description='Role assigned to the user by the tenant',
+            example=faker.word(['admin']),
+        ),
+    },
+)
+
 
 @ns.route('')
 class Users(Resource):
@@ -59,3 +72,16 @@ class User(Resource):
     def get(self, id):
         """Get an user"""
         return {}
+
+    @ns.doc('update_user')
+    @ns.expect(user_input_fields)
+    @ns.response(
+        HTTPStatus.BAD_REQUEST, 'Invalid format or structure of the user'
+    )
+    @ns.marshal_with(user_response_fields)
+    def put(self, id):
+        """Update an user"""
+        from utils.azure_users import AzureConnection
+
+        azure_connection = AzureConnection()
+        return azure_connection.update_user_role(id, ns.payload['role'])

utils/azure_users.py

@@ -1,6 +1,7 @@
 import msal
 import os
 import requests
+import json
 from typing import List
 
 
@@ -65,22 +66,6 @@ def get_token(self):
             raise ValueError(error_info)
 
     def users(self) -> List[AzureUser]:
-        def to_azure_user(item) -> AzureUser:
-            there_is_email = len(item['otherMails']) > 0
-            there_is_role = (
-                'extension_1d76efa96f604499acc0c0ee116a1453_role' in item
-            )
-
-            id = item['objectId']
-            name = item['displayName']
-            email = item['otherMails'][0] if there_is_email else ''
-            role = (
-                item['extension_1d76efa96f604499acc0c0ee116a1453_role']
-                if there_is_role
-                else None
-            )
-            return AzureUser(id, name, email, role)
-
         endpoint = "{endpoint}/users?api-version=1.6&$select=displayName,otherMails,objectId,{role_field}".format(
             endpoint=self.config.ENDPOINT,
             role_field='extension_1d76efa96f604499acc0c0ee116a1453_role',
@@ -89,4 +74,42 @@ def to_azure_user(item) -> AzureUser:
 
         assert 200 == response.status_code
         assert 'value' in response.json()
-        return [to_azure_user(item) for item in response.json()['value']]
+        return [self.to_azure_user(item) for item in response.json()['value']]
+
+    def update_user_role(self, id, role):
+        headers = {
+            'Content-type': 'application/json',
+            'Accept': 'application/json',
+        }
+        endpoint = "{endpoint}/users/{user_id}?api-version=1.6".format(
+            endpoint=self.config.ENDPOINT, user_id=id
+        )
+        data = {'extension_1d76efa96f604499acc0c0ee116a1453_role': role}
+        response = requests.patch(
+            endpoint,
+            auth=BearerAuth(self.access_token),
+            data=json.dumps(data),
+            headers=headers,
+        )
+        assert 204 == response.status_code
+
+        response = requests.get(endpoint, auth=BearerAuth(self.access_token))
+        assert 200 == response.status_code
+
+        return self.to_azure_user(response.json())
+
+    def to_azure_user(self, item) -> AzureUser:
+        there_is_email = len(item['otherMails']) > 0
+        there_is_role = (
+            'extension_1d76efa96f604499acc0c0ee116a1453_role' in item
+        )
+
+        id = item['objectId']
+        name = item['displayName']
+        email = item['otherMails'][0] if there_is_email else ''
+        role = (
+            item['extension_1d76efa96f604499acc0c0ee116a1453_role']
+            if there_is_role
+            else None
+        )
+        return AzureUser(id, name, email, role)