feat: TT-122 show users by type of user

tests/time_tracker_api/users/users_namespace_test.py

@@ -2,7 +2,7 @@
 from flask import json
 from flask.testing import FlaskClient
 from flask_restplus._http import HTTPStatus
-from utils.azure_users import AzureConnection
+from utils.azure_users import AzureConnection, ROLE_FIELD_VALUES, AzureUser_v2
 from pytest import mark
 
 
@@ -181,3 +181,59 @@ def test_update_role_is_called_properly_on_each_action(
     update_role_mock.assert_called_once_with(
         user_id, role_id, is_grant=is_grant
     )
+
+
+@patch('msal.ConfidentialClientApplication')
+@patch('utils.azure_users.AzureConnection.get_token')
+@patch('utils.azure_users.AzureConnection._get_user')
+@mark.parametrize(
+    'field_name,field_value,expected',
+    [
+        (ROLE_FIELD_VALUES['test'][0], ROLE_FIELD_VALUES['test'][1], True),
+        (ROLE_FIELD_VALUES['test'][0], None, False),
+    ],
+)
+def test_azure_connection_is_test_user(
+    _get_user_mock,
+    get_token_mock,
+    msal_client_mock,
+    field_name,
+    field_value,
+    expected,
+):
+    _get_user_mock.return_value = {field_name: field_value}
+    test_user_id = 'test-user-id'
+
+    az_conn = AzureConnection()
+    assert az_conn.is_test_user(test_user_id) == expected
+
+
+@patch('msal.ConfidentialClientApplication')
+@patch('utils.azure_users.AzureConnection.get_token')
+@patch('utils.azure_users.AzureConnection._get_test_user_ids')
+def test_azure_connection_get_test_user_ids(
+    _get_test_user_ids_mock, get_token_mock, msal_client_mock,
+):
+    _get_test_user_ids_mock.return_value = [
+        {'objectId': 'ID1'},
+        {'objectId': 'ID2'},
+    ]
+    ids = ['ID1', 'ID2']
+    az_conn = AzureConnection()
+    assert az_conn.get_test_user_ids() == ids
+
+
+@patch('msal.ConfidentialClientApplication')
+@patch('utils.azure_users.AzureConnection.get_token')
+@patch('utils.azure_users.AzureConnection.get_test_user_ids')
+@patch('utils.azure_users.AzureConnection.users_v2')
+def test_azure_connection_get_non_test_users(
+    users_v2_mock, get_test_user_ids_mock, get_token_mock, msal_client_mock,
+):
+    az1 = AzureUser_v2('ID1', None, None, [])
+    az2 = AzureUser_v2('ID2', None, None, [])
+    users_v2_mock.return_value = [az1, az2]
+    get_test_user_ids_mock.return_value = ['ID1']
+    non_test_users = [az2]
+    az_conn = AzureConnection()
+    assert az_conn.get_non_test_users() == non_test_users

time_tracker_api/users/users_namespace.py

@@ -3,6 +3,7 @@
 from flask_restplus._http import HTTPStatus
 
 from time_tracker_api.api import common_fields, api, NullableString
+from time_tracker_api.security import current_user_id
 
 from utils.azure_users import AzureConnection
 from commons.feature_toggles.feature_toggle_manager import FeatureToggleManager
@@ -68,7 +69,14 @@ def get(self):
         """List all users"""
         user_role_field_toggle = FeatureToggleManager('bk-user-role-field')
         if user_role_field_toggle.is_toggle_enabled_for_user():
-            return AzureConnection().users_v2()
+            azure_connection = AzureConnection()
+            current_user_is_tester = azure_connection.is_test_user(
+                current_user_id()
+            )
+            if current_user_is_tester:
+                return azure_connection.users_v2()
+            else:
+                return azure_connection.get_non_test_users()
         return AzureConnection().users()
 
 

utils/azure_users.py

@@ -178,6 +178,41 @@ def update_role(self, user_id, role_id, is_grant):
 
         return self.to_azure_user_v2(response.json())
 
+    def _get_user(self, user_id):
+        endpoint = "{endpoint}/users/{user_id}?api-version=1.6".format(
+            endpoint=self.config.ENDPOINT, user_id=user_id
+        )
+        response = requests.get(endpoint, auth=BearerAuth(self.access_token))
+        assert 200 == response.status_code
+        return response.json()
+
+    def is_test_user(self, user_id):
+        response = self._get_user(user_id)
+        field_name, field_value = ROLE_FIELD_VALUES['test']
+        return field_name in response and field_value == response[field_name]
+
+    def _get_test_user_ids(self):
+        field_name, field_value = ROLE_FIELD_VALUES['test']
+        endpoint = "{endpoint}/users?api-version=1.6&$select=objectId,{field_name}&$filter={field_name} eq '{field_value}'".format(
+            endpoint=self.config.ENDPOINT,
+            field_name=field_name,
+            field_value=field_value,
+        )
+        response = requests.get(endpoint, auth=BearerAuth(self.access_token))
+        assert 200 == response.status_code
+        assert 'value' in response.json()
+        return response.json()['value']
+
+    def get_test_user_ids(self):
+        response = self._get_test_user_ids()
+        return [item['objectId'] for item in response]
+
+    def get_non_test_users(self) -> List[AzureUser]:
+        test_user_ids = self.get_test_user_ids()
+        return [
+            user for user in self.users_v2() if user.id not in test_user_ids
+        ]
+
     def get_role_data(self, role_id, is_grant=True):
         assert role_id in ROLE_FIELD_VALUES.keys()
         field_name, field_value = ROLE_FIELD_VALUES[role_id]