TT-94 feat: add method to update role

ioet · Angeluz-07 · Jan 7, 2021 · Dec 24, 2020 · Dec 24, 2020 · Jan 5, 2021
commit ca5d1354f8e06e91686222ddec5ea9f0195476dc
diff --git a/time_tracker_api/users/users_namespace.py b/time_tracker_api/users/users_namespace.py
@@ -60,6 +60,7 @@ def get(self):
         return AzureConnection().users()
 
 
+# TODO : DEPRECATE
 @ns.route('/<string:id>/roles')
 @ns.response(HTTPStatus.NOT_FOUND, 'User not found')
 @ns.response(HTTPStatus.UNPROCESSABLE_ENTITY, 'The id has an invalid format')
@@ -76,6 +77,7 @@ def post(self, id):
         return AzureConnection().update_user_role(id, ns.payload['role'])
 
 
+# TODO : DEPRECATE
 @ns.route('/<string:user_id>/roles/<string:role_id>')
 @ns.response(HTTPStatus.NOT_FOUND, 'User not found')
 @ns.response(HTTPStatus.UNPROCESSABLE_ENTITY, 'The id has an invalid format')
@@ -94,6 +96,7 @@ def delete(self, user_id, role_id):
 @ns.param('role_id', 'The role name identifier')
 class GrantRole(Resource):
     @ns.doc('grant_role')
+    @ns.marshal_with(user_response_fields)
     def post(self, user_id, role_id):
         """
         Grant role to user
@@ -103,14 +106,15 @@ def post(self, user_id, role_id):
             - admin
         ```
         """
-        return [], HTTPStatus.OK
+        return AzureConnection().update_role(user_id, role_id, is_grant=True)
 
 
 @ns.route('/<string:user_id>/roles/<string:role_id>/revoke')
 @ns.param('user_id', 'The user identifier')
 @ns.param('role_id', 'The role name identifier')
 class RevokeRole(Resource):
     @ns.doc('revoke_role')
+    @ns.marshal_with(user_response_fields)
     def post(self, user_id, role_id):
         """Revoke role to user"""
-        return [], HTTPStatus.OK
+        return AzureConnection().update_role(user_id, role_id, is_grant=False)
diff --git a/utils/azure_users.py b/utils/azure_users.py
@@ -83,6 +83,7 @@ def users(self) -> List[AzureUser]:
         assert 'value' in response.json()
         return [self.to_azure_user(item) for item in response.json()['value']]
 
+    # TODO : DEPRECATE OR UPDATE
     def update_user_role(self, id, role):
         endpoint = "{endpoint}/users/{user_id}?api-version=1.6".format(
             endpoint=self.config.ENDPOINT, user_id=id
@@ -110,3 +111,36 @@ def to_azure_user(self, item) -> AzureUser:
         email = item['otherMails'][0] if there_is_email else ''
         role = item[self.role_field] if there_is_role else None
         return AzureUser(id, name, email, role)
+
+    def update_role(self, user_id, role_id, is_grant):
+        endpoint = "{endpoint}/users/{user_id}?api-version=1.6".format(
+            endpoint=self.config.ENDPOINT, user_id=user_id
+        )
+
+        data = self.get_role_data(role_id, is_grant)
+        response = requests.patch(
+            endpoint,
+            auth=BearerAuth(self.access_token),
+            data=json.dumps(data),
+            headers=HTTP_PATCH_HEADERS,
+        )
+        assert 204 == response.status_code
+
+        response = requests.get(endpoint, auth=BearerAuth(self.access_token))
+        assert 200 == response.status_code
+
+        return self.to_azure_user(response.json())
+
+    def get_role_data(self, role_id, is_grant=True):
+        ROLE_VALUES = {
+            'admin': (
+                'extension_1d76efa96f604499acc0c0ee116a1453_role',
+                'time_tracker_admin',
+            ),
+            'test': ('waitforrealvalue', 'waitforrealvalue'),
+        }
+        field_name, field_value = ROLE_VALUES[role_id]
+        if is_grant:
+            return {field_name: field_value}
+        else:
+            return {field_name: None}